WO2017071192A1 - Identity verification method and apparatus - Google Patents

Identity verification method and apparatus Download PDF

Info

Publication number
WO2017071192A1
WO2017071192A1 PCT/CN2016/083105 CN2016083105W WO2017071192A1 WO 2017071192 A1 WO2017071192 A1 WO 2017071192A1 CN 2016083105 W CN2016083105 W CN 2016083105W WO 2017071192 A1 WO2017071192 A1 WO 2017071192A1
Authority
WO
WIPO (PCT)
Prior art keywords
operation gesture
verification code
binary string
binary
user
Prior art date
Application number
PCT/CN2016/083105
Other languages
French (fr)
Chinese (zh)
Inventor
杨霞
林陆一
郝允允
李轶峰
Original Assignee
腾讯科技(深圳)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 腾讯科技(深圳)有限公司 filed Critical 腾讯科技(深圳)有限公司
Publication of WO2017071192A1 publication Critical patent/WO2017071192A1/en
Priority to US15/817,014 priority Critical patent/US10657244B2/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Definitions

  • the present invention relates to the field of communications technologies, and in particular, to an identity verification method and apparatus.
  • data security is generally improved by means of authentication.
  • the authentication information provided by the user such as an account number and a password
  • the authentication information is compared with the pre-stored verification information. If they are consistent, the verification is passed. Otherwise, it is determined that the verification fails.
  • the prior art also proposes a "verification code" technology, that is, randomly generating only one human Questions that can be answered, such as a string of numbers, letters, words, pictures or questions, require the registrant to input according to the requirements of the verification code. Only when the input is correct and the authentication information is correct, the verification can be confirmed. In short, the existence of the verification code is to distinguish whether the input of the authentication information is a person or a machine to improve the security of the verification.
  • the embodiment of the invention provides an identity verification method and device, which can be obtained through a touchpad. Take the verification code input by the user to improve the flexibility of operation under the premise of ensuring data security.
  • An embodiment of the present invention provides an identity verification method, including:
  • An embodiment of the present invention further provides an identity verification apparatus, including:
  • a receiving unit configured to receive an authentication request of the user, where the identity verification request carries authentication information
  • a verification code generating unit configured to generate a verification code according to the identity verification request
  • An obtaining unit configured to obtain an operation gesture of the user on the touch panel when the user needs to input the verification code
  • a string generating unit configured to generate a corresponding binary string according to the operation gesture
  • a processing unit configured to match the binary string with the verification code according to a preset rule, and if yes, determine that the authentication is valid when determining that the authentication information is correct, and if not, reject the Authentication request.
  • the embodiment of the invention further provides a non-transitory computer readable storage medium storing a program, which enables the computer to perform the following steps:
  • the embodiment of the present invention When receiving the identity verification request of the user, the embodiment of the present invention generates a verification code according to the identity verification request, and obtains an operation gesture of the user on the touch panel when determining that the user needs to input the verification code, and then according to the operation gesture Generating a corresponding binary string, and matching the binary string with the verification code according to a preset rule. If the matching is performed, determining that the authentication information carried by the identity verification request is correct, and determining that the identity verification is passed, and vice versa, if not If the match is made, the authentication request is rejected, thereby achieving the purpose of authenticating the user.
  • the verification code input by the user when the verification code input by the user is acquired, it is obtained by monitoring the touch panel without using a keyboard, and therefore, compared with the prior art, the technology can only be input through the keyboard. It provides a choice for the user to enter the verification code, which greatly facilitates the user's operation and helps to improve the flexibility and fun of the operation.
  • FIG. 1 is a flowchart of an identity verification method according to an embodiment of the present invention
  • FIG. 2a is another flowchart of an identity verification method according to an embodiment of the present invention.
  • 2b is a schematic diagram of a verification code input interface in an identity verification method according to an embodiment of the present invention.
  • FIG. 3a is still another flowchart of an identity verification method according to an embodiment of the present invention.
  • FIG. 3b is another embodiment of a verification code input interface in an identity verification method according to an embodiment of the present invention. a schematic diagram;
  • FIG. 4 is a schematic structural diagram of an identity verification apparatus according to an embodiment of the present invention.
  • FIG. 5 is a schematic structural diagram of a terminal according to an embodiment of the present invention.
  • the embodiment of the invention provides an identity verification method. This embodiment will be described from the perspective of an identity verification device, which may be integrated in a terminal, a server, or other device that requires authentication.
  • An authentication method includes: receiving an authentication request of a user, the authentication request carrying the authentication information, generating a verification code according to the identity verification request, and determining that the user needs to input the verification code to obtain the operation of the user on the touch panel a gesture, according to the operation gesture, generating a corresponding binary string, and matching the binary string with the verification code according to a preset rule. If the matching is performed, determining that the authentication information is correct, determining that the identity verification is passed, otherwise, if If there is no match, the authentication request is rejected.
  • the specific process of the identity verification method can be as follows:
  • the authentication request may carry authentication information, such as a user's account and password, and the account may include an email address, an instant messaging number, a user name, or a user number.
  • the strategy when receiving the user's authentication request, such as when the user opens the login interface, or when the user inputs the authentication information, or when the user clicks the trigger button for generating the verification code on the login interface, according to the preset
  • the strategy generates a verification code.
  • the preset policy may be determined according to the needs of the actual application.
  • the verification code may be randomly generated or generated according to a certain rule, and the verification code may be a binary string or other binary numbers, such as decimal or hexadecimal numbers, or even It may also be a combination of pictures or a combination of colors, such as a combination of a male photo and a female photo, or a combination of black and white, a combination of blue and red, and the like, and will not be described again here.
  • corresponding prompt information may also be generated to indicate the correspondence between the operation gesture and the binary character.
  • the male photo indicates a tap and the female photo indicates a tap
  • the user may be prompted: "Where the male photo indicates a tap, the female photo indicates a tap, please input in order.”
  • black indicates a tap and white indicates a tap
  • the user can be prompted: "Where black indicates a tap, white indicates a tap, please input in order.”
  • the input information may be distinguished according to the strength of the pressing, for example, as follows:
  • the method for determining that the user needs to input the verification code may be various. For example, when the user clicks the input box of the verification code, or when the input cursor is in the input box of the verification code, it may be determined that the user needs to input the verification code.
  • the user can perform the operation on the touch panel according to the prompt information, that is, the step of “acquiring the operation gesture of the user on the touch panel” may be: obtaining the user according to the The gesture of the prompt information on the touchpad, such as "tap” or "tap".
  • the rules for generating a binary string can be set in advance.
  • a pressure touch Force touch
  • any one of the following methods can be used:
  • the operation gesture is determined to be a tap
  • the character 1 is generated
  • the generated characters are arranged in the order of the operation gestures to form a binary string.
  • the operation gesture is determined to be a tap
  • the character 1 is generated
  • the generated characters are arranged in the order of the operation gestures to form a binary string.
  • the generated characters are arranged in the order of the operation gestures to form a binary string.
  • a pressure threshold may be preset, and when the pressure applied by the operation gesture is greater than the pressure threshold, determining that the operation gesture is a re-press, and when the pressure applied by the operation gesture is less than or equal to the pressure threshold, determining The operation gesture is a tap.
  • the generated characters are arranged in the order of the operation gestures to form a binary string.
  • a pressure threshold may be preset, and when the pressure applied by the operation gesture is greater than the pressure threshold, determining that the operation gesture is a re-press, and when the pressure applied by the operation gesture is less than or equal to the pressure threshold, determining The operation gesture is a tap.
  • step 105 Match the binary string with the verification code according to a preset rule. If yes, go to step 106. If not, go to step 107.
  • the verification code is a binary string
  • the verification code is a combination of a decimal number or a hexadecimal number
  • the combination of the decimal number or the hexadecimal number can be converted into a binary string, and then the operation gesture is determined. Whether the binary string is consistent with the converted binary string. If they are consistent, it is determined that the binary string corresponding to the operation gesture matches the verification code; if not, the binary string corresponding to the operation gesture is determined not to be the verification code. match.
  • each digit of the decimal number combination or the hexadecimal number combination can be converted into a binary number, and then Sorting and combining in order, you can also directly convert the decimal number combination or hexadecimal number combination as a number.
  • the specific conversion rules can be determined according to the needs of the actual application, but need to be converted with the user input. The rules are consistent and will not be described here.
  • the authentication request is rejected.
  • the authentication information such as the account number and the password
  • the pre-stored authentication information such as the saved account number and password
  • the embodiment when receiving the identity verification request of the user, the embodiment generates a verification code according to the identity verification request, and obtains an operation gesture of the user on the touch panel when determining that the user needs to input the verification code, and then according to The operation gesture generates a corresponding binary string, and matches the binary string with the verification code according to a preset rule. If the matching, the identity verification is determined when the authentication information carried by the identity verification request is correct, and vice versa. If it does not match, the authentication request is rejected, thereby achieving the purpose of authenticating the user.
  • the verification code input by the user when the verification code input by the user is acquired, it is obtained by monitoring the touch panel without using a keyboard, and therefore, compared with the prior art, the technology can only be input through the keyboard. Providing a choice for the user to enter the verification code greatly facilitates the user's operation and helps to improve the flexibility, fun and interactivity of the operation.
  • the embodiment of the invention provides an identity verification method. According to the method described in the embodiment shown in Fig. 1, the following will be exemplified in further detail.
  • the verification code will be a binary string, and “0” indicates a tap. "1” indicates that the tap is taken as an example for explanation.
  • the identity verification method includes the following specific processes.
  • the identity verification device receives an authentication request of the user.
  • the authentication request may carry authentication information, such as a user's account and password, and the account may include an email address, an instant messaging number, a user name, or a user number.
  • the identity verification device generates a verification code according to the identity verification request, where the verification code may be a binary string.
  • the policy when receiving the user's authentication request, such as when the user opens the login interface, or when the user inputs the authentication information, or when the user clicks the trigger button for generating the verification code on the login interface, according to the preset
  • the policy generates a verification code.
  • the preset policy may be determined according to the requirements of the actual application.
  • the verification code may be randomly generated or generated according to a certain rule.
  • corresponding prompt information may also be generated to indicate the correspondence between the operation gesture and the binary character.
  • the verification code “10110” is displayed.
  • the user can be prompted: "Where, 0 means tap, 1 means tap, please enter in order", and so on.
  • the identity verification device determines that the user needs to input the verification code to obtain an operation gesture of the user on the touch panel.
  • the user can make a “tap” or “tap” operation gesture on the touchpad according to the prompt information, and after the input is completed, the identity verification device can receive the operation gestures.
  • the method for determining that the user needs to input the verification code may be various. For example, when the user clicks the input box of the verification code, or when the input cursor is in the input box of the verification code, it may be determined that the user needs to input the verification code.
  • the identity verification device determines that the operation gesture is a tap, generates a character 0, determines that the operation gesture is a tap, generates a character 1, and arranges the generated characters in the order of the operation gesture to form a binary character string.
  • the identity verification device determines whether the binary string corresponding to the operation gesture is consistent with the verification code. If the identity is consistent, determining that the binary string corresponding to the operation gesture matches the verification code, performing step 206; if not, determining the The binary string corresponding to the operation gesture does not match the verification code, and step 207 is performed.
  • the identity verification device determines that the identity verification is passed when determining that the authentication information is correct.
  • step 207 is performed.
  • the authentication information such as the account number and the password
  • the pre-stored authentication information such as the saved account number and password
  • the identity verification device rejects the identity verification request.
  • the user in addition to allowing the user to input the verification code through the touchpad, the user can also be allowed to input the verification code through other means, such as a keyboard, that is, the user can select the way to input the verification code, and details are not described herein.
  • the embodiment when receiving the identity verification request of the user, the embodiment generates a binary character string as a verification code according to the identity verification request, and obtains the user on the touchpad when determining that the user needs to input the verification code.
  • Manipulating a gesture such as tapping or tapping, and then generating a corresponding binary string according to the operation gesture, and comparing the binary string with the verification code. If they are consistent, determining the authentication carried by the identity verification request When the information is correct, it is determined that the authentication is passed. On the other hand, if the information is inconsistent, the authentication request is rejected, thereby achieving the purpose of authenticating the user.
  • the verification code input by the user when the verification code input by the user is acquired, it is obtained by monitoring the touch panel without using a keyboard. Therefore, compared with the prior art technology that can only input through the keyboard, the user inputting the verification code provides one more choice, which greatly facilitates the operation of the user, and is beneficial to improve the flexibility, fun and interaction of the operation. Sex.
  • the embodiment of the invention provides an identity verification method. According to the method described in the embodiment shown in Fig. 1, the following will be exemplified in further detail.
  • the verification code is a decimal character string, and “0” indicates a tap, and “1” indicates a click as an example.
  • the identity verification method may include the following specific process.
  • the identity verification device receives an authentication request of the user.
  • the authentication request may carry authentication information, such as a user's account and password, and the account may include an email address, an instant messaging number, a user name, or a user number.
  • the identity verification device generates a verification code according to the identity verification request, where the verification code may be a decimal string.
  • the policy when receiving the user's authentication request, such as when the user opens the login interface, or when the user inputs the authentication information, or when the user clicks the trigger button for generating the verification code on the login interface, according to the preset
  • the policy generates a verification code.
  • the preset policy may be determined according to the requirements of the actual application.
  • the verification code may be randomly generated or generated according to a certain rule.
  • corresponding prompt information may also be generated to indicate the correspondence between the operation gesture and the binary character.
  • the verification code “4587” is displayed.
  • the user can be prompted to: "Enter the displayed number into binary and enter it, where 0 means tap, 1 means tap, please enter in order", and so on.
  • numeric binary number for example, "8" in the verification code "4587” can be highlighted, such as a color different from other numbers, such as red, and then the user is required to input "8" in sequence on the touchpad. "The corresponding binary number, where 0 means tap, 1 means tap, and so on.
  • the identity verification device determines that the user needs to input the verification code to obtain an operation gesture of the user on the touch panel.
  • the user can make a “tap” or “tap” operation gesture on the touchpad according to the prompt information, and after the input is completed, the identity verification device can receive the operation gestures.
  • the method for determining that the user needs to input the verification code may be various. For example, when the user clicks the input box of the verification code, or when the input cursor is in the input box of the verification code, it may be determined that the user needs to input the verification code.
  • the identity verification device determines that the operation gesture is a tap, generates a character 0, determines that the operation gesture is a tap, generates a character 1, and arranges the generated characters in the order of the operation gesture to form a binary character string.
  • the authentication device converts the verification code, that is, the decimal number combination into a binary string.
  • each of the decimal number combinations can be converted to a binary number and then sorted and combined in order.
  • the identity verification device determines whether the binary string corresponding to the operation gesture is consistent with the converted binary string (ie, the verification code). If the identifier is consistent, determining that the binary string corresponding to the operation gesture matches the verification code, and performing steps If the inconsistency is determined, it is determined that the binary string corresponding to the operation gesture does not match the verification code, and step 308 is performed.
  • the identity verification device determines that the identity verification is passed when determining that the authentication information is correct.
  • step 307 is performed.
  • the authentication information such as the account number and the password
  • the pre-stored authentication information such as the saved account number and password
  • the identity verification device rejects the identity verification request.
  • verification code is a decimal string as an example. It should be understood that the verification code may also be expressed in other forms, such as a hexadecimal string or a color combination. The implementation is similar to the above, and will not be described here.
  • the embodiment when receiving the identity verification request of the user, the embodiment generates a decimal string as a verification code according to the identity verification request, and obtains the user on the touchpad when determining that the user needs to input the verification code.
  • Manipulating a gesture such as tapping or tapping, and then generating a corresponding binary string according to the operation gesture, converting the verification code into a binary string, and then comparing the binary string with the binary string into which the verification code is converted, If the authentication information is correct, the identity verification is determined to be passed, and if not, the identity verification request is rejected, thereby achieving the purpose of authenticating the user.
  • Obtaining a verification code input by a user When it is not necessary to pass the keyboard, but by monitoring the touchpad, it is obtained. Therefore, compared with the prior art technology that can only input through the keyboard, the user is provided with one more choice for inputting the verification code. Convenient for the user's operation, which helps to improve the flexibility, fun and interactivity of the operation.
  • An embodiment of the present invention further provides an identity verification apparatus.
  • the identity verification apparatus includes a receiving unit 401, a verification code generating unit 402, an obtaining unit 403, a character string generating unit 404, and a processing unit 405.
  • the receiving unit 401 is configured to receive an authentication request of the user.
  • the authentication request may carry authentication information, such as a user's account and password, and the account may include an email address, an instant messaging number, a user name, or a user number.
  • the verification code generating unit 402 is configured to generate a verification code according to the identity verification request.
  • the strategy when receiving the user's authentication request, such as when the user opens the login interface, or when the user inputs the authentication information, or when the user clicks the trigger button for generating the verification code on the login interface, according to the preset
  • the strategy generates a verification code.
  • the preset policy may be determined according to the requirements of the actual application.
  • the verification code may be randomly generated or generated according to a certain rule.
  • the verification code may be a binary string or other hexadecimal. Numbers, such as decimal or hexadecimal numbers, or even combinations of pictures or colors, such as a combination of male and female photos, or a combination of black and white, a combination of blue and red, etc. I will not repeat them here.
  • corresponding prompt information may also be generated to indicate the correspondence between the operation gesture and the binary character.
  • the verification code generating unit 402 is further configured to generate prompt information, where the prompt information is used to indicate a correspondence between the operation gesture and the binary character.
  • the male photo indicates a tap and the female photo indicates a tap
  • the user may be prompted: "Where the male photo indicates a tap, the female photo indicates a tap, please input in order.”
  • black indicates a tap and white indicates a tap
  • the user can be prompted: "Where black indicates a tap, white indicates a tap, please input in order.”
  • the input information may be distinguished according to the strength of the pressing, for example, as follows:
  • the obtaining unit 403 is configured to determine an operation gesture of the user on the touch panel when the user needs to input the verification code.
  • the obtaining unit 403 may be specifically configured to acquire an operation gesture of the user on the touch panel according to the prompt information, such as “tap” or “tap”.
  • the method for determining that the user needs to input the verification code may be various, for example, when the user clicks the input box of the verification code, or when the input cursor is in the input box of the verification code, it may be determined that the user needs to input the verification code, etc. Wait.
  • the string generating unit 404 is configured to generate a corresponding binary character according to the operation gesture string.
  • the rule for generating a binary string may be set in advance, for example, in the embodiment of the present invention,
  • the character string generating unit 404 is specifically configured to: when the operation gesture is determined to be a tap, generate a character 1; when the operation gesture is determined to be a tap, generate a character 0; and the generated characters are arranged in the order of the operation gesture to form a binary String.
  • the character string generating unit 404 may be specifically configured to: when the operation gesture is a tap, generate a character 0; when the operation gesture is determined to be a tap, generate a character 1; and the generated characters are arranged in the order of the operation gesture. Make up a binary string.
  • the character string generating unit 404 may be specifically configured to: when the operation gesture is a tap, generate a character 0; when the operation gesture is determined to be a re-press, generate a character 1; and the generated characters are arranged in the order of the operation gesture to form Binary string.
  • the character string generating unit 404 may be specifically configured to: when the operation gesture is determined to be a tap, generate a character 1; when the operation gesture is determined to be a re-press, generate a character 0; and the generated characters are arranged in the order of the operation gesture. Make up a binary string.
  • the processing unit 405 is configured to match the binary string with the verification code according to a preset rule. If the matching is successful, the identity verification is determined to be passed when the authentication information is determined to be correct, and if not, the identity verification request is rejected.
  • the processing unit 405 may be specifically configured to determine whether the binary string corresponding to the operation gesture is consistent with the verification code; if yes, determine the binary string corresponding to the operation gesture. Matching the verification code; if not, determining that the binary string corresponding to the operation gesture does not match the verification code.
  • the The processing unit 405 may be specifically configured to convert the decimal number combination or the hexadecimal number combination into a binary character string; determine whether the binary string corresponding to the operation gesture is consistent with the converted binary string; if they are consistent, determine The binary string corresponding to the operation gesture matches the verification code; if not, it is determined that the binary string corresponding to the operation gesture does not match the verification code.
  • each digit of the decimal number combination or the hexadecimal number combination can be converted into a binary number, and then Sorting and combining in order, you can also directly convert the decimal number combination or hexadecimal number combination as a number.
  • the specific conversion rules can be determined according to the needs of the actual application, but need to be converted with the user input. The rules are consistent and will not be described here.
  • processing unit 405 is further configured to: when determining that the binary string matches the verification code, if it is determined that the authentication information is incorrect, reject the identity verification request.
  • the foregoing units may be implemented as a separate entity, or may be implemented in any combination, and may be implemented as the same or a plurality of entities.
  • the foregoing method embodiments and details are not described herein.
  • the authentication device can be specifically integrated in a terminal, a server, or other device that requires authentication.
  • the verification code generating unit 402 when the identity verification device of the embodiment receives the identity verification request of the user, the verification code generating unit 402 generates a verification code according to the identity verification request, and the obtaining unit 403 determines that the user needs to input the verification code.
  • the verification code input by the user when the verification code input by the user is acquired, it is obtained by monitoring the touch panel without using a keyboard, and therefore, compared with the prior art, the technology can only be input through the keyboard. Providing a choice for the user to enter the verification code greatly facilitates the user's operation and helps to improve the flexibility, fun and interactivity of the operation.
  • the embodiment of the present invention further provides an identity verification device, which may include any identity verification device provided by the embodiment of the present invention.
  • an identity verification device which may include any identity verification device provided by the embodiment of the present invention.
  • the identity verification device includes an identity verification device, configured to receive an authentication request of the user, where the identity verification request carries the authentication information, generate a verification code according to the identity verification request, and determine that the user needs to input the verification code to obtain the user touch
  • An operation gesture on the control panel generates a corresponding binary string according to the operation gesture, and matches the binary string with the verification code according to a preset rule. If the matching is performed, determining the identity verification when determining that the authentication information is correct Pass, otherwise, if not, reject the authentication request.
  • the character 1 is generated
  • the operation gesture is determined to be a tap
  • the character 0 is generated
  • the generated characters are arranged in the order of the operation gesture to form a binary character string.
  • the character 0 is generated
  • the operation gesture is determined to be a tap
  • the character 1 is generated, and then the generated characters are arranged in the order of the operation gesture to form a binary character string.
  • the authentication device may be a terminal, a server, or other device that needs to be authenticated.
  • the authentication device may be a terminal, a server, or other device that needs to be authenticated.
  • the identity verification device can include any of the identity verification devices provided by the embodiments of the present invention
  • the beneficial effects that can be achieved by any of the identity verification devices provided by the embodiments of the present invention can be implemented. For example, it will not be described here.
  • the terminal 500 can be a conventional desktop computer or laptop, an intelligent mobile terminal, or a dedicated authentication device.
  • the terminal 500 includes a central processing unit (CPU) 501, a system memory 504 including a random access memory (RAM) 502 and a read only memory (ROM) 503, and a system bus 505 that connects the system memory 504 and the central processing unit 501.
  • the terminal 500 also includes a basic input/output system (I/O system) 506 that facilitates transfer of information between various devices within the terminal, and mass storage for storing the operating system 513, applications 514, and other program modules 515.
  • I/O system basic input/output system
  • the basic input/output system 506 includes a display 508 for displaying information and an input device 509 such as a touchpad, mouse, keyboard for inputting information by the user. Both the display 508 and the input device 509 are connected to the central processing unit 501 via an input and output controller 510 that is coupled to the system bus 505.
  • the basic input/output system 506 can also include an input and output controller 510 for receiving and processing input from a plurality of other devices, such as a touchpad, keyboard, mouse, or electronic stylus.
  • input and output controller 510 also provides output to a display screen, printer, or other type of output device.
  • the mass storage device 507 is connected to the central processing unit 501 by a mass storage controller (not shown) connected to the system bus 505.
  • the mass storage device 507 and its associated terminal readable medium provide non-volatile storage for the terminal 500. That is, the mass storage device 507 can include a computer readable medium (not shown) such as a hard disk or a CD-ROM drive.
  • the computer readable medium can include computer storage media and communication media.
  • Computer storage media includes volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data.
  • Computer storage media include RAM, ROM, EPROM, EEPROM, flash memory or other solid state storage technologies, CD-ROM, DVD or other optical storage, tape cartridges, magnetic tape, magnetic disk storage or other magnetic storage devices.
  • RAM random access memory
  • ROM read only memory
  • EPROM Erasable programmable read-only memory
  • EEPROM electrically erasable programmable read-only memory
  • the terminal 500 may also be connected to a remote computer running on a network through a network such as the Internet. That is, the terminal 500 can be connected to the network 512 through a network interface unit 511 connected to the system bus 505, or can be connected to other types of networks or remote computer systems (not shown) using the network interface unit 511. .
  • the network interface unit 511 may connect the terminal 500 to the network 512 in a wired or wireless manner.
  • the program may be stored in a computer readable storage medium, and the storage medium may include: Read Only Memory (ROM), Random Access Memory (RAM), disk or optical disk.
  • ROM Read Only Memory
  • RAM Random Access Memory

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • User Interface Of Digital Computer (AREA)

Abstract

Disclosed are an identity verification method and apparatus. In the embodiments of the present invention, the method comprises: when an identity verification request of a user is received, generating a verification code according to the identity verification request, and acquiring an operation gesture of the user on a touch control panel when it is determined that it is necessary for the user to input the verification code; then generating a corresponding binary character string according to the operation gesture; and matching the binary character string with the verification code according to a pre-set rule, and if matching, determining that identity verification is passed when authentication information carried by the identity verification request is determined to be correct, and if not matching, rejecting the identity verification request.

Description

身份验证方法和装置Authentication method and device
本申请要求于2015年10月26日提交中国专利局、申请号为201510703867.8、发明名称为“一种身份验证方法和装置”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。The present application claims priority to Chinese Patent Application No. 201510703867.8, the entire disclosure of which is hereby incorporated by reference. .
技术领域Technical field
本发明涉及通信技术领域,具体涉及一种身份验证方法和装置。The present invention relates to the field of communications technologies, and in particular, to an identity verification method and apparatus.
发明背景Background of the invention
现如今,人们生活的方方面面几乎都离不开数据,比如进行网络购物、转账、以及会话等等,无不涉及到数据的处理,因此,如何保障数据安全,也成为业界一直以来都极为关注的一个问题。Nowadays, almost all aspects of people's lives are inseparable from data, such as online shopping, transfer, and conversation, etc., all of which involve data processing. Therefore, how to ensure data security has become a concern of the industry. problem.
在现有技术中,一般都会通过身份验证的方式来提高数据的安全性。比如,根据用户提供的鉴权信息,如账号和密码等,与预存的验证信息进行比较,若一致,则验证通过,否则,则确定验证不通过。其中,为了有效防止某个黑客对某一个特定注册用户,采用特定程序暴力破解方式进行不断的登录尝试(即验证尝试),现有技术又提出了“验证码”技术,即随机生成一个只有人类才能解答的问题,比如一串数字、字母、文字、图片或问题等,要求登陆者按照该验证码的要求进行输入,只有输入正确,且鉴权信息正确,才可确定验证通过。简而言之,验证码的存在就是为了区分鉴权信息的输入是人还是机器,以提高验证的安全性。In the prior art, data security is generally improved by means of authentication. For example, according to the authentication information provided by the user, such as an account number and a password, the authentication information is compared with the pre-stored verification information. If they are consistent, the verification is passed. Otherwise, it is determined that the verification fails. In order to effectively prevent a hacker from using a specific program brute force attack to perform a continuous login attempt (ie, verification attempt) for a specific registered user, the prior art also proposes a "verification code" technology, that is, randomly generating only one human Questions that can be answered, such as a string of numbers, letters, words, pictures or questions, require the registrant to input according to the requirements of the verification code. Only when the input is correct and the authentication information is correct, the verification can be confirmed. In short, the existence of the verification code is to distinguish whether the input of the authentication information is a person or a machine to improve the security of the verification.
发明内容Summary of the invention
本发明实施例提供一种身份验证方法和装置,可以通过触控板来获 取用户输入的验证码,在保障数据安全的前提下,提高操作的灵活性。The embodiment of the invention provides an identity verification method and device, which can be obtained through a touchpad. Take the verification code input by the user to improve the flexibility of operation under the premise of ensuring data security.
本发明实施例提供一种身份验证方法,包括:An embodiment of the present invention provides an identity verification method, including:
接收用户的身份验证请求,所述身份验证请求携带鉴权信息;Receiving an authentication request of the user, where the authentication request carries authentication information;
根据所述身份验证请求生成验证码;Generating a verification code according to the identity verification request;
确定用户需要输入验证码时,获取用户在触控板上的操作手势;When the user needs to input the verification code, the operation gesture of the user on the touch panel is obtained;
根据所述操作手势生成对应的二进制字符串;Generating a corresponding binary string according to the operation gesture;
按照预置规则将所述二进制字符串与所述验证码进行匹配;Matching the binary string with the verification code according to a preset rule;
若匹配,则在确定所述鉴权信息正确时,确定身份验证通过;If it is matched, when it is determined that the authentication information is correct, it is determined that the identity verification is passed;
若不匹配,则拒绝所述身份验证请求。If there is no match, the authentication request is rejected.
本发明实施例还提供一种身份验证装置,包括:An embodiment of the present invention further provides an identity verification apparatus, including:
接收单元,用于接收用户的身份验证请求,所述身份验证请求携带鉴权信息;a receiving unit, configured to receive an authentication request of the user, where the identity verification request carries authentication information;
验证码生成单元,用于根据所述身份验证请求生成验证码;a verification code generating unit, configured to generate a verification code according to the identity verification request;
获取单元,用于确定用户需要输入验证码时,获取用户在触控板上的操作手势;An obtaining unit, configured to obtain an operation gesture of the user on the touch panel when the user needs to input the verification code;
字符串生成单元,用于根据所述操作手势生成对应的二进制字符串;a string generating unit, configured to generate a corresponding binary string according to the operation gesture;
处理单元,用于按照预置规则将所述二进制字符串与所述验证码进行匹配,若匹配,则在确定所述鉴权信息正确时,确定身份验证通过,若不匹配,则拒绝所述身份验证请求。a processing unit, configured to match the binary string with the verification code according to a preset rule, and if yes, determine that the authentication is valid when determining that the authentication information is correct, and if not, reject the Authentication request.
本发明实施例还提供一种非易失性计算机可读存储介质,存储有程序,所述程序能够使计算机执行如下步骤:The embodiment of the invention further provides a non-transitory computer readable storage medium storing a program, which enables the computer to perform the following steps:
接收用户的身份验证请求,所述身份验证请求携带鉴权信息;Receiving an authentication request of the user, where the authentication request carries authentication information;
根据所述身份验证请求生成验证码;Generating a verification code according to the identity verification request;
确定用户需要输入验证码时,获取用户在触控板上的操作手势;When the user needs to input the verification code, the operation gesture of the user on the touch panel is obtained;
根据所述操作手势生成对应的二进制字符串; Generating a corresponding binary string according to the operation gesture;
按照预置规则将所述二进制字符串与所述验证码进行匹配;Matching the binary string with the verification code according to a preset rule;
若匹配,则在确定所述鉴权信息正确时,确定身份验证通过;If it is matched, when it is determined that the authentication information is correct, it is determined that the identity verification is passed;
若不匹配,则拒绝所述身份验证请求。If there is no match, the authentication request is rejected.
本发明实施例采用在接收到用户的身份验证请求时,根据该身份验证请求生成验证码,并在确定用户需要输入验证码时,获取用户在触控板上的操作手势,然后根据该操作手势生成对应的二进制字符串,并按照预置规则将该二进制字符串与验证码进行匹配,若匹配,则在确定身份验证请求所携带的鉴权信息正确时,确定身份验证通过,反之,若不匹配,则拒绝该身份验证请求,从而实现对用户进行身份验证的目的。根据本发明实施例,在获取用户输入的验证码时,无需通过键盘,而是通过对触控板进行监控来获取,因此,相对于现有技术只能通过键盘来进行输入的技术而言,为用户输入验证码提供了多一份选择,大大方便了用户的操作,有利于提高操作的灵活性和趣味性。When receiving the identity verification request of the user, the embodiment of the present invention generates a verification code according to the identity verification request, and obtains an operation gesture of the user on the touch panel when determining that the user needs to input the verification code, and then according to the operation gesture Generating a corresponding binary string, and matching the binary string with the verification code according to a preset rule. If the matching is performed, determining that the authentication information carried by the identity verification request is correct, and determining that the identity verification is passed, and vice versa, if not If the match is made, the authentication request is rejected, thereby achieving the purpose of authenticating the user. According to the embodiment of the present invention, when the verification code input by the user is acquired, it is obtained by monitoring the touch panel without using a keyboard, and therefore, compared with the prior art, the technology can only be input through the keyboard. It provides a choice for the user to enter the verification code, which greatly facilitates the user's operation and helps to improve the flexibility and fun of the operation.
附图简要说明BRIEF DESCRIPTION OF THE DRAWINGS
为了更清楚地说明本发明实施例中的技术方案,下面将对实施例描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings used in the description of the embodiments will be briefly described below. It is obvious that the drawings in the following description are only some embodiments of the present invention. Other drawings can also be obtained from those skilled in the art based on these drawings without paying any creative effort.
图1是本发明实施例提供的身份验证方法的流程图;FIG. 1 is a flowchart of an identity verification method according to an embodiment of the present invention;
图2a是本发明实施例提供的身份验证方法的另一流程图;2a is another flowchart of an identity verification method according to an embodiment of the present invention;
图2b是本发明实施例提供的身份验证方法中验证码输入界面的示意图;2b is a schematic diagram of a verification code input interface in an identity verification method according to an embodiment of the present invention;
图3a是本发明实施例提供的身份验证方法的又一流程图;FIG. 3a is still another flowchart of an identity verification method according to an embodiment of the present invention;
图3b是本发明实施例提供的身份验证方法中验证码输入界面的另 一示意图;FIG. 3b is another embodiment of a verification code input interface in an identity verification method according to an embodiment of the present invention; a schematic diagram;
图4是本发明实施例提供的身份验证装置的结构示意图;4 is a schematic structural diagram of an identity verification apparatus according to an embodiment of the present invention;
图5是本发明实施例提供的终端的结构示意图。FIG. 5 is a schematic structural diagram of a terminal according to an embodiment of the present invention.
实施本发明的方式Mode for carrying out the invention
下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域技术人员在没有作出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。The technical solutions in the embodiments of the present invention are clearly and completely described in the following with reference to the accompanying drawings in the embodiments of the present invention. It is obvious that the described embodiments are only a part of the embodiments of the present invention, but not all embodiments. All other embodiments obtained by a person skilled in the art based on the embodiments of the present invention without creative efforts are within the scope of the present invention.
本发明实施例提供一种身份验证方法。本实施例将从身份验证装置的角度进行描述,该身份验证装置具体可以集成在终端、服务器或其他需要进行身份验证的设备中。The embodiment of the invention provides an identity verification method. This embodiment will be described from the perspective of an identity verification device, which may be integrated in a terminal, a server, or other device that requires authentication.
一种身份验证方法,包括:接收用户的身份验证请求,该身份验证请求携带鉴权信息,根据该身份验证请求生成验证码,确定用户需要输入验证码时,获取用户在触控板上的操作手势,根据该操作手势生成对应的二进制字符串,按照预置规则将该二进制字符串与该验证码进行匹配,若匹配,则在确定该鉴权信息正确时,确定身份验证通过,否则,若不匹配,则拒绝该身份验证请求。An authentication method includes: receiving an authentication request of a user, the authentication request carrying the authentication information, generating a verification code according to the identity verification request, and determining that the user needs to input the verification code to obtain the operation of the user on the touch panel a gesture, according to the operation gesture, generating a corresponding binary string, and matching the binary string with the verification code according to a preset rule. If the matching is performed, determining that the authentication information is correct, determining that the identity verification is passed, otherwise, if If there is no match, the authentication request is rejected.
如图1所示,该身份验证方法的具体流程可以如下:As shown in Figure 1, the specific process of the identity verification method can be as follows:
101、接收用户的身份验证请求。101. Receive an authentication request of a user.
其中,该身份验证请求可以携带鉴权信息,比如用户的帐户和密码等,该帐户可以包括邮箱地址、即时通信的号码、用户名称或用户编号等。The authentication request may carry authentication information, such as a user's account and password, and the account may include an email address, an instant messaging number, a user name, or a user number.
102、根据该身份验证请求生成验证码。 102. Generate a verification code according to the identity verification request.
例如,可以在接收到用户的身份验证请求时,比如用户打开登陆界面时,或者用户输入鉴权信息时,又或者,当用户在登陆界面上,点击生成验证码的触发键时,根据预设的策略生成验证码。For example, when receiving the user's authentication request, such as when the user opens the login interface, or when the user inputs the authentication information, or when the user clicks the trigger button for generating the verification code on the login interface, according to the preset The strategy generates a verification code.
其中,该预设策略可以根据实际应用的需求而定。比如,该验证码可以是随机生成的,也可以按照一定的规律来生成,该验证码可以是二进制字符串,也可以是其他进制的数字,比如十进制或十六进制的数字,甚至,还可以是图片组合或颜色组合,比如男性相片和女性相片的组合,或者黑色和白色的组合、蓝色和红色的组合,等等,在此不再赘述。The preset policy may be determined according to the needs of the actual application. For example, the verification code may be randomly generated or generated according to a certain rule, and the verification code may be a binary string or other binary numbers, such as decimal or hexadecimal numbers, or even It may also be a combination of pictures or a combination of colors, such as a combination of a male photo and a female photo, or a combination of black and white, a combination of blue and red, and the like, and will not be described again here.
在本发明实施例中,为了便于用户操作,在生成验证码时,还可以生成相应的提示信息,以指示操作手势与二进制字符的对应关系。In the embodiment of the present invention, in order to facilitate the user operation, when generating the verification code, corresponding prompt information may also be generated to indicate the correspondence between the operation gesture and the binary character.
例如,若“0”表示轻触,“1”表示点按,则可以提示用户:“其中,0表示轻触,1表示点按,请按顺序输入”。For example, if “0” means tap, and “1” means tap, you can prompt the user: “Where, 0 means tap, 1 means tap, please input in order”.
又例如,若“1”表示轻触,“0”表示点按,则可以提示用户:“其中,1表示轻触,0表示点按,请按顺序输入”。For another example, if "1" indicates a tap and "0" indicates a tap, the user can be prompted: "Where 1 indicates a tap, 0 indicates a tap, please input in order."
又例如,若男性相片表示轻触,女性相片表示点按,则可以提示用户:“其中,男性相片表示轻触,女性相片表示点按,请按顺序输入”。For another example, if the male photo indicates a tap and the female photo indicates a tap, the user may be prompted: "Where the male photo indicates a tap, the female photo indicates a tap, please input in order."
又例如,若黑色表示轻触,白色表示点按,则可以提示用户:“其中,黑色表示轻触,白色表示点按,请按顺序输入”。For another example, if black indicates a tap and white indicates a tap, the user can be prompted: "Where black indicates a tap, white indicates a tap, please input in order."
又例如,还可以按照按压的力度的不同来区分输入的信息,比如,可以如下:For another example, the input information may be distinguished according to the strength of the pressing, for example, as follows:
若“0”表示轻按,“1”表示重按,则可以提示用户:“其中,0表示轻按,1表示重按,请按顺序输入”。If “0” means tap and “1” means press again, you can prompt the user: “Where, 0 means tap, 1 means press, please input in order”.
或者,若“1”表示轻按,“0”表示重按,则可以提示用户:“其中,1表示轻按,0表示重按,请按顺序输入”。Or, if "1" means tap, and "0" means re-press, you can prompt the user: "Where 1 means tap, 0 means press, please input in order".
以此类推,在此不再赘述。 By analogy, it will not be repeated here.
需说明的是,除了“轻触”和“点按”,以及“轻按”和“重按”之外,也可以是其他的操作手势,比如“画圈”等,该操作手势与二进制字符的对应关系可以根据实际应用的需求进行设置,在此不再赘述。It should be noted that in addition to "tap" and "tap", as well as "tap" and "re-press", other operational gestures, such as "circle", etc., can be used to perform gestures and binary characters. The corresponding relationship can be set according to the requirements of the actual application, and will not be described here.
103、确定用户需要输入验证码时,获取用户在触控板上的操作手势。103. When it is determined that the user needs to input the verification code, obtain an operation gesture of the user on the touch panel.
其中,确定用户需要输入验证码的方式可以有多种,比如,当用户点击验证码的输入框时,或者,当输入光标在验证码的输入框时,则可以确定用户需要输入验证码。The method for determining that the user needs to input the verification code may be various. For example, when the user clicks the input box of the verification code, or when the input cursor is in the input box of the verification code, it may be determined that the user needs to input the verification code.
若在步骤102中,已经生成了提示信息,则此时用户可以根据该提示信息在触控板上进行操作,即步骤“获取用户在触控板上的操作手势”具体可以为:获取用户根据该提示信息在触控板上的操作手势,比如“点按”或“轻触”。If the prompt information has been generated in the step 102, the user can perform the operation on the touch panel according to the prompt information, that is, the step of “acquiring the operation gesture of the user on the touch panel” may be: obtaining the user according to the The gesture of the prompt information on the touchpad, such as "tap" or "tap".
104、根据该操作手势生成对应的二进制字符串。104. Generate a corresponding binary string according to the operation gesture.
其中,生成二进制字符串的规则可以预先进行设定,比如,以压力触控(Force touch)为例,可以采用如下任意一种方式:The rules for generating a binary string can be set in advance. For example, in the case of a pressure touch (Force touch), any one of the following methods can be used:
(1)第一种方式;(1) The first way;
确定该操作手势为轻触时,生成字符1;When the operation gesture is determined to be a tap, the character 1 is generated;
确定该操作手势为点按时,生成字符0;When the operation gesture is determined to be tapped, the character 0 is generated;
将生成的字符按照操作手势的顺序进行排列,组成二进制字符串。The generated characters are arranged in the order of the operation gestures to form a binary string.
(2)第二种方式;(2) the second way;
确定该操作手势为轻触时,生成字符0;When the operation gesture is determined to be a tap, the character 0 is generated;
确定该操作手势为点按时,生成字符1;When the operation gesture is determined to be a tap, the character 1 is generated;
将生成的字符按照操作手势的顺序进行排列,组成二进制字符串。The generated characters are arranged in the order of the operation gestures to form a binary string.
(3)第三种方式;(3) The third way;
确定该操作手势为轻按时,生成字符0;When the operation gesture is determined to be tapped, the character 0 is generated;
确定该操作手势为重按时,生成字符1; Determining that the operation gesture is a re-press, generating a character 1;
将生成的字符按照操作手势的顺序进行排列,组成二进制字符串。The generated characters are arranged in the order of the operation gestures to form a binary string.
在本发明实施例中,可以预先设置压力阈值,当该操作手势施加的压力大于该压力阈值时,确定该操作手势为重按,当该操作手势施加的压力小于或等于该压力阈值时,确定该操作手势为轻按。In the embodiment of the present invention, a pressure threshold may be preset, and when the pressure applied by the operation gesture is greater than the pressure threshold, determining that the operation gesture is a re-press, and when the pressure applied by the operation gesture is less than or equal to the pressure threshold, determining The operation gesture is a tap.
(4)第四种方式;(4) The fourth way;
确定该操作手势为轻按时,生成字符1;Determining that the operation gesture is a tap, generating a character 1;
确定该操作手势为重按时,生成字符0;Determining that the operation gesture is a re-press, generating a character 0;
将生成的字符按照操作手势的顺序进行排列,组成二进制字符串。The generated characters are arranged in the order of the operation gestures to form a binary string.
在本发明实施例中,可以预先设置压力阈值,当该操作手势施加的压力大于该压力阈值时,确定该操作手势为重按,当该操作手势施加的压力小于或等于该压力阈值时,确定该操作手势为轻按。In the embodiment of the present invention, a pressure threshold may be preset, and when the pressure applied by the operation gesture is greater than the pressure threshold, determining that the operation gesture is a re-press, and when the pressure applied by the operation gesture is less than or equal to the pressure threshold, determining The operation gesture is a tap.
需说明的是,该生成的规则与提示信息相对应,当然,还存在有其他的方式,在此不再赘述。It should be noted that the generated rule corresponds to the prompt information. Of course, there are other ways, and details are not described herein again.
105、按照预置规则将该二进制字符串与该验证码进行匹配,若匹配,则执行步骤106,若不匹配,则执行步骤107。105. Match the binary string with the verification code according to a preset rule. If yes, go to step 106. If not, go to step 107.
例如,若该验证码为二进制字符串,则此时,可以确定该操作手势对应的二进制字符串与该验证码是否一致,若一致,则确定该操作手势对应的二进制字符串与该验证码匹配;若不一致,则确定该操作手势对应的二进制字符串与该验证码不匹配。For example, if the verification code is a binary string, at this time, it can be determined whether the binary string corresponding to the operation gesture is consistent with the verification code. If they are consistent, it is determined that the binary string corresponding to the operation gesture matches the verification code. If it is inconsistent, it is determined that the binary string corresponding to the operation gesture does not match the verification code.
又例如,若该验证码为十进制数字组合或十六进制数字组合,则此时,可以将该十进制数字组合或十六进制数字组合转换为二进制字符串,然后,确定该操作手势对应的二进制字符串与转换得到的二进制字符串是否一致,若一致,则确定该操作手势对应的二进制字符串与该验证码匹配;若不一致,则确定该操作手势对应的二进制字符串与该验证码不匹配。 For another example, if the verification code is a combination of a decimal number or a hexadecimal number, at this time, the combination of the decimal number or the hexadecimal number can be converted into a binary string, and then the operation gesture is determined. Whether the binary string is consistent with the converted binary string. If they are consistent, it is determined that the binary string corresponding to the operation gesture matches the verification code; if not, the binary string corresponding to the operation gesture is determined not to be the verification code. match.
需说明的是,其中,在将十进制数字组合或十六进制数字组合转换为二进制字符串时,可以将该十进制数字组合或十六进制数字组合中的每一个数字转换为二进制数,然后按顺序进行排序组合,也可以直接将该十进制数字组合或十六进制数字组合当作一个数字进行转换,具体转换规则可以根据实际应用的需求而定,但是需要与用户输入时所遵守的转换规则保持一致,在此不再赘述。It should be noted that, when converting a decimal number combination or a hexadecimal number combination into a binary string, each digit of the decimal number combination or the hexadecimal number combination can be converted into a binary number, and then Sorting and combining in order, you can also directly convert the decimal number combination or hexadecimal number combination as a number. The specific conversion rules can be determined according to the needs of the actual application, but need to be converted with the user input. The rules are consistent and will not be described here.
106、若匹配,则在确定该鉴权信息正确时,确定身份验证通过。106. If it matches, when it is determined that the authentication information is correct, it is determined that the identity verification is passed.
反之,若确定该鉴权信息不正确,则拒绝该身份验证请求。On the other hand, if it is determined that the authentication information is incorrect, the authentication request is rejected.
其中,鉴权信息是否正确,可以将该鉴权信息,比如帐号和密码与预存的验证信息,比如保存的帐号和密码进行比对来确定,在此不再赘述。If the authentication information is correct, the authentication information, such as the account number and the password, may be compared with the pre-stored authentication information, such as the saved account number and password, and will not be described here.
107、若不匹配,则拒绝该身份验证请求。107. If there is no match, the authentication request is rejected.
由上可知,本实施例采用在接收到用户的身份验证请求时,根据该身份验证请求生成验证码,并在确定用户需要输入验证码时,获取用户在触控板上的操作手势,然后根据该操作手势生成对应的二进制字符串,并按照预置规则将该二进制字符串与验证码进行匹配,若匹配,则在确定身份验证请求所携带的鉴权信息正确时,确定身份验证通过,反之,若不匹配,则拒绝该身份验证请求,从而实现对用户进行身份验证的目的。根据本发明实施例,在获取用户输入的验证码时,无需通过键盘,而是通过对触控板进行监控来获取,因此,相对于现有技术只能通过键盘来进行输入的技术而言,为用户输入验证码提供了多一份选择,大大方便了用户的操作,有利于提高操作的灵活性、趣味性和互动性。As can be seen from the above, when receiving the identity verification request of the user, the embodiment generates a verification code according to the identity verification request, and obtains an operation gesture of the user on the touch panel when determining that the user needs to input the verification code, and then according to The operation gesture generates a corresponding binary string, and matches the binary string with the verification code according to a preset rule. If the matching, the identity verification is determined when the authentication information carried by the identity verification request is correct, and vice versa. If it does not match, the authentication request is rejected, thereby achieving the purpose of authenticating the user. According to the embodiment of the present invention, when the verification code input by the user is acquired, it is obtained by monitoring the touch panel without using a keyboard, and therefore, compared with the prior art, the technology can only be input through the keyboard. Providing a choice for the user to enter the verification code greatly facilitates the user's operation and helps to improve the flexibility, fun and interactivity of the operation.
本发明实施例提供一种身份验证方法。根据图1所示实施例所描述的方法,以下将举例作进一步详细说明。The embodiment of the invention provides an identity verification method. According to the method described in the embodiment shown in Fig. 1, the following will be exemplified in further detail.
在本实施例中,将以该验证码为二进制字符串,且“0”表示轻触, “1”表示点按为例进行说明。In this embodiment, the verification code will be a binary string, and “0” indicates a tap. "1" indicates that the tap is taken as an example for explanation.
如图2a所示,该身份验证方法包括如下具体流程。As shown in FIG. 2a, the identity verification method includes the following specific processes.
201、身份验证装置接收用户的身份验证请求。201. The identity verification device receives an authentication request of the user.
其中,该身份验证请求可以携带鉴权信息,比如用户的帐户和密码等,该帐户可以包括邮箱地址、即时通信的号码、用户名称或用户编号等。The authentication request may carry authentication information, such as a user's account and password, and the account may include an email address, an instant messaging number, a user name, or a user number.
202、身份验证装置根据该身份验证请求生成验证码,该验证码具体可以是二进制字符串。202. The identity verification device generates a verification code according to the identity verification request, where the verification code may be a binary string.
例如,可以在接收到用户的身份验证请求时,比如用户打开登陆界面时,或者用户输入鉴权信息时,又或者,当用户在登陆界面上,点击生成验证码的触发键时,根据预设策略生成验证码。其中,该预设策略可以根据实际应用的需求而定,比如,该验证码可以是随机生成的,也可以按照一定的规律来生成。For example, when receiving the user's authentication request, such as when the user opens the login interface, or when the user inputs the authentication information, or when the user clicks the trigger button for generating the verification code on the login interface, according to the preset The policy generates a verification code. The preset policy may be determined according to the requirements of the actual application. For example, the verification code may be randomly generated or generated according to a certain rule.
在本发明实施例中,为了便于用户操作,在生成验证码时,还可以生成相应的提示信息,以指示操作手势与二进制字符的对应关系,比如,参见图2b,在显示验证码“10110”时,可以提示用户:“其中,0表示轻触,1表示点按,请按顺序输入”,等等。In the embodiment of the present invention, in order to facilitate the user operation, when generating the verification code, corresponding prompt information may also be generated to indicate the correspondence between the operation gesture and the binary character. For example, referring to FIG. 2b, the verification code “10110” is displayed. When prompted, the user can be prompted: "Where, 0 means tap, 1 means tap, please enter in order", and so on.
203、身份验证装置确定用户需要输入验证码时,获取用户在触控板上的操作手势。203. The identity verification device determines that the user needs to input the verification code to obtain an operation gesture of the user on the touch panel.
例如,用户可以根据该提示信息在触控板上作出“点按”或“轻触”的操作手势,在输入完毕后进行确定,则此时,身份验证装置便可以接收到这些操作手势。For example, the user can make a “tap” or “tap” operation gesture on the touchpad according to the prompt information, and after the input is completed, the identity verification device can receive the operation gestures.
其中,确定用户需要输入验证码的方式可以有多种,比如,当用户点击验证码的输入框时,或者,当输入光标在验证码的输入框时,则可以确定用户需要输入验证码。 The method for determining that the user needs to input the verification code may be various. For example, when the user clicks the input box of the verification code, or when the input cursor is in the input box of the verification code, it may be determined that the user needs to input the verification code.
204、身份验证装置确定该操作手势为轻触时,生成字符0,确定该操作手势为点按时,生成字符1,将生成的字符按照操作手势的顺序进行排列,组成二进制字符串。204. The identity verification device determines that the operation gesture is a tap, generates a character 0, determines that the operation gesture is a tap, generates a character 1, and arranges the generated characters in the order of the operation gesture to form a binary character string.
205、身份验证装置确定该操作手势对应的二进制字符串与该验证码是否一致,若一致,则确定该操作手势对应的二进制字符串与该验证码匹配,执行步骤206;若不一致,则确定该操作手势对应的二进制字符串与该验证码不匹配,执行步骤207。205. The identity verification device determines whether the binary string corresponding to the operation gesture is consistent with the verification code. If the identity is consistent, determining that the binary string corresponding to the operation gesture matches the verification code, performing step 206; if not, determining the The binary string corresponding to the operation gesture does not match the verification code, and step 207 is performed.
206、身份验证装置在确定该鉴权信息正确时,确定身份验证通过。206. The identity verification device determines that the identity verification is passed when determining that the authentication information is correct.
反正,若确定该鉴权信息不正确,则拒绝该身份验证请求(即执行步骤207)。Anyway, if it is determined that the authentication information is incorrect, the authentication request is rejected (ie, step 207 is performed).
其中,鉴权信息是否正确,可以将该鉴权信息,比如帐号和密码与预存的验证信息,比如保存的帐号和密码进行比对来确定,在此不再赘述。If the authentication information is correct, the authentication information, such as the account number and the password, may be compared with the pre-stored authentication information, such as the saved account number and password, and will not be described here.
207、身份验证装置拒绝该身份验证请求。207. The identity verification device rejects the identity verification request.
需说明的是,除了允许用户通过触控板输入验证码之外,也可以允许用户通过其他的途径,如键盘输入验证码,即用户可以选择输入验证码的途径,在此不再赘述。It should be noted that, in addition to allowing the user to input the verification code through the touchpad, the user can also be allowed to input the verification code through other means, such as a keyboard, that is, the user can select the way to input the verification code, and details are not described herein.
由上可知,本实施例采用在接收到用户的身份验证请求时,根据该身份验证请求生成一个二进制字符串作为验证码,并在确定用户需要输入验证码时,获取用户在触控板上的操作手势,比如,点按或轻触等,然后根据该操作手势生成对应的二进制字符串,并将该二进制字符串与验证码进行比较,若一致,则在确定身份验证请求所携带的鉴权信息正确时,确定身份验证通过,反之,若不一致,则拒绝该身份验证请求,从而实现对用户进行身份验证的目的。根据本发明实施例,在获取用户输入的验证码时,无需通过键盘,而是通过对触控板进行监控来获取, 因此,相对于现有技术只能通过键盘来进行输入的技术而言,为用户输入验证码提供了多一份选择,大大方便了用户的操作,有利于提高操作的灵活性、趣味性和互动性。As can be seen from the above, when receiving the identity verification request of the user, the embodiment generates a binary character string as a verification code according to the identity verification request, and obtains the user on the touchpad when determining that the user needs to input the verification code. Manipulating a gesture, such as tapping or tapping, and then generating a corresponding binary string according to the operation gesture, and comparing the binary string with the verification code. If they are consistent, determining the authentication carried by the identity verification request When the information is correct, it is determined that the authentication is passed. On the other hand, if the information is inconsistent, the authentication request is rejected, thereby achieving the purpose of authenticating the user. According to the embodiment of the present invention, when the verification code input by the user is acquired, it is obtained by monitoring the touch panel without using a keyboard. Therefore, compared with the prior art technology that can only input through the keyboard, the user inputting the verification code provides one more choice, which greatly facilitates the operation of the user, and is beneficial to improve the flexibility, fun and interaction of the operation. Sex.
本发明实施例提供一种身份验证方法。根据图1所示实施例所描述的方法,以下将举例作进一步详细说明。The embodiment of the invention provides an identity verification method. According to the method described in the embodiment shown in Fig. 1, the following will be exemplified in further detail.
在本实施例中,将以该验证码为十进制字符串,且“0”表示轻触,“1”表示点按为例进行说明。In this embodiment, the verification code is a decimal character string, and “0” indicates a tap, and “1” indicates a click as an example.
如图3a所示,该身份验证方法可以包括如下具体流程。As shown in FIG. 3a, the identity verification method may include the following specific process.
301、身份验证装置接收用户的身份验证请求。301. The identity verification device receives an authentication request of the user.
其中,该身份验证请求可以携带鉴权信息,比如用户的帐户和密码等,该帐户可以包括邮箱地址、即时通信的号码、用户名称或用户编号等。The authentication request may carry authentication information, such as a user's account and password, and the account may include an email address, an instant messaging number, a user name, or a user number.
302、身份验证装置根据该身份验证请求生成验证码,该验证码具体可以是十进制字符串。302. The identity verification device generates a verification code according to the identity verification request, where the verification code may be a decimal string.
例如,可以在接收到用户的身份验证请求时,比如用户打开登陆界面时,或者用户输入鉴权信息时,又或者,当用户在登陆界面上,点击生成验证码的触发键时,根据预设策略生成验证码。其中,该预设策略可以根据实际应用的需求而定,比如,该验证码可以是随机生成的,也可以按照一定的规律来生成。For example, when receiving the user's authentication request, such as when the user opens the login interface, or when the user inputs the authentication information, or when the user clicks the trigger button for generating the verification code on the login interface, according to the preset The policy generates a verification code. The preset policy may be determined according to the requirements of the actual application. For example, the verification code may be randomly generated or generated according to a certain rule.
在本发明实施例中,为了便于用户操作,在生成验证码时,还可以生成相应的提示信息,以指示操作手势与二进制字符的对应关系,比如,参见图3b,在显示验证码“4587”时,可以提示用户:“将显示的数字转换为二进制后进行输入,其中,0表示轻触,1表示点按,请按顺序输入”,等等。In the embodiment of the present invention, in order to facilitate the user operation, when generating the verification code, corresponding prompt information may also be generated to indicate the correspondence between the operation gesture and the binary character. For example, referring to FIG. 3b, the verification code “4587” is displayed. When prompted, the user can be prompted to: "Enter the displayed number into binary and enter it, where 0 means tap, 1 means tap, please enter in order", and so on.
在本发明实施例中,也可以只要求用户输入该十进制字符串中某部 分数字的二进制数,比如,可以将验证码“4587”中的“8”进行突出显示,比如标记为有别于其他数字的颜色,如红色,然后要求用户按顺序在触控板输入“8”对应的二进制数,其中,0表示轻触,1表示点按,等等。In the embodiment of the present invention, only the user may be required to input a certain part of the decimal string. A numeric binary number, for example, "8" in the verification code "4587" can be highlighted, such as a color different from other numbers, such as red, and then the user is required to input "8" in sequence on the touchpad. "The corresponding binary number, where 0 means tap, 1 means tap, and so on.
303、身份验证装置确定用户需要输入验证码时,获取用户在触控板上的操作手势。303. The identity verification device determines that the user needs to input the verification code to obtain an operation gesture of the user on the touch panel.
例如,用户可以根据该提示信息在触控板上作出“点按”或“轻触”的操作手势,在输入完毕后进行确定,则此时,身份验证装置便可以接收到这些操作手势。For example, the user can make a “tap” or “tap” operation gesture on the touchpad according to the prompt information, and after the input is completed, the identity verification device can receive the operation gestures.
其中,确定用户需要输入验证码的方式可以有多种,比如,当用户点击验证码的输入框时,或者,当输入光标在验证码的输入框时,则可以确定用户需要输入验证码。The method for determining that the user needs to input the verification code may be various. For example, when the user clicks the input box of the verification code, or when the input cursor is in the input box of the verification code, it may be determined that the user needs to input the verification code.
304、身份验证装置确定该操作手势为轻触时,生成字符0,确定该操作手势为点按时,生成字符1,将生成的字符按照操作手势的顺序进行排列,组成二进制字符串。304. The identity verification device determines that the operation gesture is a tap, generates a character 0, determines that the operation gesture is a tap, generates a character 1, and arranges the generated characters in the order of the operation gesture to form a binary character string.
305、身份验证装置将该验证码,即该十进制数字组合转换为二进制字符串。305. The authentication device converts the verification code, that is, the decimal number combination into a binary string.
例如,可以将该十进制数字组合中的每一个数字转换为二进制数,然后按顺序进行排序组合。For example, each of the decimal number combinations can be converted to a binary number and then sorted and combined in order.
比如,以“4587”为例,则可以将其中的“4”转换为“100”,将其中的“5”转换为“101”,将其中的“8”转换为“1000”,以及将其中的“7”转换为“111”,然后,将这几个数按顺序进行组合,即为“1001011000111”。For example, taking "4587" as an example, you can convert "4" to "100", convert "5" to "101", convert "8" to "1000", and put The "7" is converted to "111", and then these numbers are combined in order, which is "1001011000111".
当然,也可以设置直接将该十进制数字直接转换成二进制数,而不是将每个数字转换成二进制数,比如,可以将“4587”这个数转换为二 进制即为“1000111101011”,等等。具体需要采用哪种方式进行转换,可以根据实际应用的需求而定,但是需要与用户输入时所遵守的转换规则保持一致。Of course, you can also set the direct conversion of the decimal number directly into a binary number instead of converting each number to a binary number. For example, you can convert the number "4587" to two. The hexadecimal is "1000111101011", and so on. Which method is needed to convert can be determined according to the needs of the actual application, but it needs to be consistent with the conversion rules that the user enters when inputting.
306、身份验证装置确定该操作手势对应的二进制字符串与转换得到的二进制字符串(即验证码)是否一致,若一致,则确定该操作手势对应的二进制字符串与该验证码匹配,执行步骤307;若不一致,则确定该操作手势对应的二进制字符串与该验证码不匹配,执行步骤308。306. The identity verification device determines whether the binary string corresponding to the operation gesture is consistent with the converted binary string (ie, the verification code). If the identifier is consistent, determining that the binary string corresponding to the operation gesture matches the verification code, and performing steps If the inconsistency is determined, it is determined that the binary string corresponding to the operation gesture does not match the verification code, and step 308 is performed.
307、身份验证装置在确定该鉴权信息正确时,确定身份验证通过。307. The identity verification device determines that the identity verification is passed when determining that the authentication information is correct.
反正,若确定该鉴权信息不正确,则拒绝该身份验证请求(即执行步骤307)。Anyway, if it is determined that the authentication information is incorrect, the authentication request is rejected (ie, step 307 is performed).
其中,鉴权信息是否正确,可以将该鉴权信息,比如帐号和密码与预存的验证信息,比如保存的帐号和密码进行比对来确定,在此不再赘述。If the authentication information is correct, the authentication information, such as the account number and the password, may be compared with the pre-stored authentication information, such as the saved account number and password, and will not be described here.
308、身份验证装置拒绝该身份验证请求。308. The identity verification device rejects the identity verification request.
需说明的是,以上仅仅以该验证码为十进制字符串为例进行说明,应当理解的是,该验证码也可以以其他的形式来表示,比如十六进制字符串或颜色组合等,其实现方式与上述类似,在此不再赘述。It should be noted that the above description only takes the verification code as a decimal string as an example. It should be understood that the verification code may also be expressed in other forms, such as a hexadecimal string or a color combination. The implementation is similar to the above, and will not be described here.
由上可知,本实施例采用在接收到用户的身份验证请求时,根据该身份验证请求生成一个十进制字符串作为验证码,并在确定用户需要输入验证码时,获取用户在触控板上的操作手势,比如点按或轻触等,然后根据该操作手势生成对应的二进制字符串,将验证码转换为二进制字符串,然后将该二进制字符串与验证码转换成的二进制字符串进行比较,若一致,则在确定身份验证请求所携带的鉴权信息正确时,确定身份验证通过,反之,若不一致,则拒绝该身份验证请求,从而实现对用户进行身份验证的目的。根据本发明实施例,在获取用户输入的验证码 时,无需通过键盘,而是通过对触控板进行监控来获取,因此,相对于现有技术只能通过键盘来进行输入的技术而言,为用户输入验证码提供了多一份选择,大大方便了用户的操作,有利于提高操作的灵活性、趣味性和互动性。As can be seen from the above, when receiving the identity verification request of the user, the embodiment generates a decimal string as a verification code according to the identity verification request, and obtains the user on the touchpad when determining that the user needs to input the verification code. Manipulating a gesture, such as tapping or tapping, and then generating a corresponding binary string according to the operation gesture, converting the verification code into a binary string, and then comparing the binary string with the binary string into which the verification code is converted, If the authentication information is correct, the identity verification is determined to be passed, and if not, the identity verification request is rejected, thereby achieving the purpose of authenticating the user. Obtaining a verification code input by a user according to an embodiment of the present invention When it is not necessary to pass the keyboard, but by monitoring the touchpad, it is obtained. Therefore, compared with the prior art technology that can only input through the keyboard, the user is provided with one more choice for inputting the verification code. Convenient for the user's operation, which helps to improve the flexibility, fun and interactivity of the operation.
本发明实施例还提供一种身份验证装置。如图4所示,该身份验证装置包括接收单元401、验证码生成单元402、获取单元403、字符串生成单元404和处理单元405。An embodiment of the present invention further provides an identity verification apparatus. As shown in FIG. 4, the identity verification apparatus includes a receiving unit 401, a verification code generating unit 402, an obtaining unit 403, a character string generating unit 404, and a processing unit 405.
接收单元401用于接收用户的身份验证请求。The receiving unit 401 is configured to receive an authentication request of the user.
其中,该身份验证请求可以携带鉴权信息,比如用户的帐户和密码等,该帐户可以包括邮箱地址、即时通信的号码、用户名称或用户编号等。The authentication request may carry authentication information, such as a user's account and password, and the account may include an email address, an instant messaging number, a user name, or a user number.
验证码生成单元402用于根据该身份验证请求生成验证码。The verification code generating unit 402 is configured to generate a verification code according to the identity verification request.
例如,可以在接收到用户的身份验证请求时,比如用户打开登陆界面时,或者用户输入鉴权信息时,又或者,当用户在登陆界面上,点击生成验证码的触发键时,根据预设的策略生成验证码。For example, when receiving the user's authentication request, such as when the user opens the login interface, or when the user inputs the authentication information, or when the user clicks the trigger button for generating the verification code on the login interface, according to the preset The strategy generates a verification code.
其中,该预设策略可以根据实际应用的需求而定,比如,该验证码可以是随机生成的,也可以按照一定的规律来生成,该验证码可以是二进制字符串,也可以是其他进制的数字,比如十进制或十六进制的数字,甚至,还可以是图片组合或颜色组合,比如男性相片和女性相片的组合,或者黑色和白色的组合、蓝色和红色的组合,等等,在此不再赘述。The preset policy may be determined according to the requirements of the actual application. For example, the verification code may be randomly generated or generated according to a certain rule. The verification code may be a binary string or other hexadecimal. Numbers, such as decimal or hexadecimal numbers, or even combinations of pictures or colors, such as a combination of male and female photos, or a combination of black and white, a combination of blue and red, etc. I will not repeat them here.
在本发明实施例中,为了便于用户操作,在生成验证码时,还可以生成相应的提示信息,以指示操作手势与二进制字符的对应关系。该验证码生成单元402,还可以用于生成提示信息,该提示信息用于指示操作手势与二进制字符的对应关系。In the embodiment of the present invention, in order to facilitate the user operation, when generating the verification code, corresponding prompt information may also be generated to indicate the correspondence between the operation gesture and the binary character. The verification code generating unit 402 is further configured to generate prompt information, where the prompt information is used to indicate a correspondence between the operation gesture and the binary character.
例如,若“0”表示轻触,“1”表示点按,则可以提示用户:“其中, 0表示轻触,1表示点按,请按顺序输入”。For example, if "0" means tap, and "1" means tap, you can prompt the user: "Where, 0 means tap, 1 means tap, please enter in order.
又例如,若“1”表示轻触,“0”表示点按,则可以提示用户:“其中,1表示轻触,0表示点按,请按顺序输入”。For another example, if "1" indicates a tap and "0" indicates a tap, the user can be prompted: "Where 1 indicates a tap, 0 indicates a tap, please input in order."
又例如,若男性相片表示轻触,女性相片表示点按,则可以提示用户:“其中,男性相片表示轻触,女性相片表示点按,请按顺序输入”。For another example, if the male photo indicates a tap and the female photo indicates a tap, the user may be prompted: "Where the male photo indicates a tap, the female photo indicates a tap, please input in order."
又例如,若黑色表示轻触,白色表示点按,则可以提示用户:“其中,黑色表示轻触,白色表示点按,请按顺序输入”。For another example, if black indicates a tap and white indicates a tap, the user can be prompted: "Where black indicates a tap, white indicates a tap, please input in order."
又例如,还可以按照按压的力度的不同来区分输入的信息,比如,可以如下:For another example, the input information may be distinguished according to the strength of the pressing, for example, as follows:
若“0”表示轻按,“1”表示重按,则可以提示用户:“其中,0表示轻按,1表示重按,请按顺序输入”。If “0” means tap and “1” means press again, you can prompt the user: “Where, 0 means tap, 1 means press, please input in order”.
或者,若“1”表示轻按,“0”表示重按,则可以提示用户:“其中,1表示轻按,0表示重按,请按顺序输入”。Or, if "1" means tap, and "0" means re-press, you can prompt the user: "Where 1 means tap, 0 means press, please input in order".
以此类推,在此不再赘述。By analogy, it will not be repeated here.
需说明的是,除了“轻触”和“点按”,以及“轻按”和“重按”之外,也可以是其他的操作手势,比如“画圈”等,该操作手势与二进制字符的对应关系可以根据实际应用的需求进行设置,在此不再赘述。It should be noted that in addition to "tap" and "tap", as well as "tap" and "re-press", other operational gestures, such as "circle", etc., can be used to perform gestures and binary characters. The corresponding relationship can be set according to the requirements of the actual application, and will not be described here.
获取单元403用于确定用户需要输入验证码时,获取用户在触控板上的操作手势。The obtaining unit 403 is configured to determine an operation gesture of the user on the touch panel when the user needs to input the verification code.
例如,该获取单元403,具体可以用于获取用户根据该提示信息在触控板上的操作手势,比如“点按”或“轻触”等。For example, the obtaining unit 403 may be specifically configured to acquire an operation gesture of the user on the touch panel according to the prompt information, such as “tap” or “tap”.
其中,确定用户需要输入验证码的方式可以有多种,比如,当用户点击验证码的输入框时,或者,当输入光标在验证码的输入框时,则可以确定用户需要输入验证码,等等。The method for determining that the user needs to input the verification code may be various, for example, when the user clicks the input box of the verification code, or when the input cursor is in the input box of the verification code, it may be determined that the user needs to input the verification code, etc. Wait.
字符串生成单元404用于根据该操作手势生成对应的二进制字符 串。The string generating unit 404 is configured to generate a corresponding binary character according to the operation gesture string.
其中,生成二进制字符串的规则可以预先进行设定,例如,在本发明实施例中,The rule for generating a binary string may be set in advance, for example, in the embodiment of the present invention,
该字符串生成单元404,具体可以用于确定该操作手势为轻触时,生成字符1;确定该操作手势为点按时,生成字符0;将生成的字符按照操作手势的顺序进行排列,组成二进制字符串。The character string generating unit 404 is specifically configured to: when the operation gesture is determined to be a tap, generate a character 1; when the operation gesture is determined to be a tap, generate a character 0; and the generated characters are arranged in the order of the operation gesture to form a binary String.
或者,该字符串生成单元404,具体可以用于确定该操作手势为轻触时,生成字符0;确定该操作手势为点按时,生成字符1;将生成的字符按照操作手势的顺序进行排列,组成二进制字符串。Alternatively, the character string generating unit 404 may be specifically configured to: when the operation gesture is a tap, generate a character 0; when the operation gesture is determined to be a tap, generate a character 1; and the generated characters are arranged in the order of the operation gesture. Make up a binary string.
或者,该字符串生成单元404,具体可以用于确定该操作手势为轻按时,生成字符0;确定该操作手势为重按时,生成字符1;将生成的字符按照操作手势的顺序进行排列,组成二进制字符串。Alternatively, the character string generating unit 404 may be specifically configured to: when the operation gesture is a tap, generate a character 0; when the operation gesture is determined to be a re-press, generate a character 1; and the generated characters are arranged in the order of the operation gesture to form Binary string.
又或者,该字符串生成单元404,具体可以用于确定该操作手势为轻按时,生成字符1;确定该操作手势为重按时,生成字符0;将生成的字符按照操作手势的顺序进行排列,组成二进制字符串。Alternatively, the character string generating unit 404 may be specifically configured to: when the operation gesture is determined to be a tap, generate a character 1; when the operation gesture is determined to be a re-press, generate a character 0; and the generated characters are arranged in the order of the operation gesture. Make up a binary string.
需说明的是,该生成的规则与提示信息相对应,当然,还存在有其他的方式,在此不再赘述。It should be noted that the generated rule corresponds to the prompt information. Of course, there are other ways, and details are not described herein again.
处理单元405用于按照预置规则将该二进制字符串与该验证码进行匹配,若匹配,则在确定该鉴权信息正确时,确定身份验证通过,若不匹配,则拒绝该身份验证请求。The processing unit 405 is configured to match the binary string with the verification code according to a preset rule. If the matching is successful, the identity verification is determined to be passed when the authentication information is determined to be correct, and if not, the identity verification request is rejected.
例如,若该验证码为二进制字符串,则该处理单元405,具体可以用于确定该操作手势对应的二进制字符串与该验证码是否一致;若一致,则确定该操作手势对应的二进制字符串与该验证码匹配;若不一致,则确定该操作手势对应的二进制字符串与该验证码不匹配。For example, if the verification code is a binary string, the processing unit 405 may be specifically configured to determine whether the binary string corresponding to the operation gesture is consistent with the verification code; if yes, determine the binary string corresponding to the operation gesture. Matching the verification code; if not, determining that the binary string corresponding to the operation gesture does not match the verification code.
又例如,若该验证码为十进制数字组合或十六进制数字组合,则该 处理单元405,具体可以用于将该十进制数字组合或十六进制数字组合转换为二进制字符串;确定该操作手势对应的二进制字符串与转换得到的二进制字符串是否一致;若一致,则确定该操作手势对应的二进制字符串与该验证码匹配;若不一致,则确定该操作手势对应的二进制字符串与该验证码不匹配。For another example, if the verification code is a decimal number combination or a hexadecimal number combination, then the The processing unit 405 may be specifically configured to convert the decimal number combination or the hexadecimal number combination into a binary character string; determine whether the binary string corresponding to the operation gesture is consistent with the converted binary string; if they are consistent, determine The binary string corresponding to the operation gesture matches the verification code; if not, it is determined that the binary string corresponding to the operation gesture does not match the verification code.
需说明的是,其中,在将十进制数字组合或十六进制数字组合转换为二进制字符串时,可以将该十进制数字组合或十六进制数字组合中的每一个数字转换为二进制数,然后按顺序进行排序组合,也可以直接将该十进制数字组合或十六进制数字组合当作一个数字进行转换,具体转换规则可以根据实际应用的需求而定,但是需要与用户输入时所遵守的转换规则保持一致,在此不再赘述。It should be noted that, when converting a decimal number combination or a hexadecimal number combination into a binary string, each digit of the decimal number combination or the hexadecimal number combination can be converted into a binary number, and then Sorting and combining in order, you can also directly convert the decimal number combination or hexadecimal number combination as a number. The specific conversion rules can be determined according to the needs of the actual application, but need to be converted with the user input. The rules are consistent and will not be described here.
此外,处理单元405,还可以用于在确定该二进制字符串与该验证码匹配时,若确定该鉴权信息不正确,则拒绝该身份验证请求。In addition, the processing unit 405 is further configured to: when determining that the binary string matches the verification code, if it is determined that the authentication information is incorrect, reject the identity verification request.
具体实施时,以上各个单元可以作为独立的实体来实现,也可以进行任意组合,作为同一或若干个实体来实现,以上各个单元的具体实施可参见前面的方法实施例,在此不再赘述。In the specific implementation, the foregoing units may be implemented as a separate entity, or may be implemented in any combination, and may be implemented as the same or a plurality of entities. For the specific implementation of the foregoing, refer to the foregoing method embodiments, and details are not described herein.
该身份验证装置具体可以集成在终端、服务器或其他需要进行身份验证的设备中。The authentication device can be specifically integrated in a terminal, a server, or other device that requires authentication.
由上可知,本实施例的身份验证装置的采用在接收到用户的身份验证请求时,由验证码生成单元402根据该身份验证请求生成验证码,并由获取单元403在确定用户需要输入验证码时,获取用户在触控板上的操作手势,然后由字符串生成单元404根据该操作手势生成对应的二进制字符串,并由处理单元405按照预置规则将该二进制字符串与验证码进行匹配,若匹配,则在确定身份验证请求所携带的鉴权信息正确时,确定身份验证通过,反之,若不匹配,则拒绝该身份验证请求,从而实 现对用户进行身份验证的目的。根据本发明实施例,在获取用户输入的验证码时,无需通过键盘,而是通过对触控板进行监控来获取,因此,相对于现有技术只能通过键盘来进行输入的技术而言,为用户输入验证码提供了多一份选择,大大方便了用户的操作,有利于提高操作的灵活性、趣味性和互动性。It can be seen from the above that when the identity verification device of the embodiment receives the identity verification request of the user, the verification code generating unit 402 generates a verification code according to the identity verification request, and the obtaining unit 403 determines that the user needs to input the verification code. Obtaining an operation gesture of the user on the touch panel, and then generating a corresponding binary character string according to the operation gesture by the string generation unit 404, and matching, by the processing unit 405, the binary string and the verification code according to a preset rule. If the authentication information is correct, the identity verification is determined to be passed, and if not, the identity verification request is rejected. The purpose of authenticating the user is now. According to the embodiment of the present invention, when the verification code input by the user is acquired, it is obtained by monitoring the touch panel without using a keyboard, and therefore, compared with the prior art, the technology can only be input through the keyboard. Providing a choice for the user to enter the verification code greatly facilitates the user's operation and helps to improve the flexibility, fun and interactivity of the operation.
此外,本发明实施例还提供一种身份验证设备,可以包括本发明实施例所提供的任一种身份验证装置,具体可参见图4所示实施例。In addition, the embodiment of the present invention further provides an identity verification device, which may include any identity verification device provided by the embodiment of the present invention. For details, refer to the embodiment shown in FIG.
例如,该身份验证设备包括的身份验证装置用于接收用户的身份验证请求,该身份验证请求携带鉴权信息,根据该身份验证请求生成验证码,确定用户需要输入验证码时,获取用户在触控板上的操作手势,根据该操作手势生成对应的二进制字符串,按照预置规则将该二进制字符串与该验证码进行匹配,若匹配,则在确定该鉴权信息正确时,确定身份验证通过,否则,若不匹配,则拒绝该身份验证请求。For example, the identity verification device includes an identity verification device, configured to receive an authentication request of the user, where the identity verification request carries the authentication information, generate a verification code according to the identity verification request, and determine that the user needs to input the verification code to obtain the user touch An operation gesture on the control panel generates a corresponding binary string according to the operation gesture, and matches the binary string with the verification code according to a preset rule. If the matching is performed, determining the identity verification when determining that the authentication information is correct Pass, otherwise, if not, reject the authentication request.
例如,在确定该操作手势为轻触时,生成字符1,确定该操作手势为点按时,生成字符0,然后,将生成的字符按照操作手势的顺序进行排列,组成二进制字符串。For example, when it is determined that the operation gesture is a tap, the character 1 is generated, and when the operation gesture is determined to be a tap, the character 0 is generated, and then the generated characters are arranged in the order of the operation gesture to form a binary character string.
或者,又例如,在确定该操作手势为轻触时,生成字符0,确定该操作手势为点按时,生成字符1,然后,将生成的字符按照操作手势的顺序进行排列,组成二进制字符串。Or, for example, when it is determined that the operation gesture is a tap, the character 0 is generated, and when the operation gesture is determined to be a tap, the character 1 is generated, and then the generated characters are arranged in the order of the operation gesture to form a binary character string.
该身份验证设备具体可以为终端、服务器或其他需要进行身份验证的设备等,以上操作的具体实施可参见前面的实施例,在此不再赘述。The authentication device may be a terminal, a server, or other device that needs to be authenticated. For the specific implementation of the foregoing operations, refer to the foregoing embodiments, and details are not described herein.
由于该身份验证设备可以包括本发明实施例所提供的任一种身份验证装置,因此,可以实现本发明实施例所提供的任一种身份验证装置所能实现的有益效果,相见前面的实施例,在此不再赘述。Since the identity verification device can include any of the identity verification devices provided by the embodiments of the present invention, the beneficial effects that can be achieved by any of the identity verification devices provided by the embodiments of the present invention can be implemented. For example, it will not be described here.
请参见图5所示,其示出了本发明一个实施例中提供的一种终端的 结构示意图,所述终端500可以为常规的台式计算机或者膝上型笔记本,智能移动终端,或者专用的身份验证设备。所述终端500包括中央处理单元(CPU)501、包括随机存取存储器(RAM)502和只读存储器(ROM)503的系统存储器504,以及连接系统存储器504和中央处理单元501的系统总线505。所述终端500还包括帮助终端内的各个器件之间传输信息的基本输入/输出系统(I/O系统)506,和用于存储操作系统513、应用程序514和其他程序模块515的大容量存储设备507。Referring to FIG. 5, it shows a terminal provided in an embodiment of the present invention. A schematic diagram of the structure, the terminal 500 can be a conventional desktop computer or laptop, an intelligent mobile terminal, or a dedicated authentication device. The terminal 500 includes a central processing unit (CPU) 501, a system memory 504 including a random access memory (RAM) 502 and a read only memory (ROM) 503, and a system bus 505 that connects the system memory 504 and the central processing unit 501. The terminal 500 also includes a basic input/output system (I/O system) 506 that facilitates transfer of information between various devices within the terminal, and mass storage for storing the operating system 513, applications 514, and other program modules 515. Device 507.
所述基本输入/输出系统506包括有用于显示信息的显示器508和用于用户输入信息的诸如触控板、鼠标、键盘之类的输入设备509。其中所述显示器508和输入设备509都通过连接到系统总线505的输入输出控制器510连接到中央处理单元501。所述基本输入/输出系统506还可以包括输入输出控制器510以用于接收和处理来自触控板、键盘、鼠标、或电子触控笔等多个其他设备的输入。类似地,输入输出控制器510还提供输出到显示屏、打印机或其他类型的输出设备。The basic input/output system 506 includes a display 508 for displaying information and an input device 509 such as a touchpad, mouse, keyboard for inputting information by the user. Both the display 508 and the input device 509 are connected to the central processing unit 501 via an input and output controller 510 that is coupled to the system bus 505. The basic input/output system 506 can also include an input and output controller 510 for receiving and processing input from a plurality of other devices, such as a touchpad, keyboard, mouse, or electronic stylus. Similarly, input and output controller 510 also provides output to a display screen, printer, or other type of output device.
所述大容量存储设备507通过连接到系统总线505的大容量存储控制器(未示出)连接到中央处理单元501。所述大容量存储设备507及其相关联的终端可读介质为终端500提供非易失性存储。也就是说,所述大容量存储设备507可以包括诸如硬盘或者CD-ROM驱动器之类的计算机可读介质(未示出)。The mass storage device 507 is connected to the central processing unit 501 by a mass storage controller (not shown) connected to the system bus 505. The mass storage device 507 and its associated terminal readable medium provide non-volatile storage for the terminal 500. That is, the mass storage device 507 can include a computer readable medium (not shown) such as a hard disk or a CD-ROM drive.
不失一般性,所述计算机可读介质可以包括计算机存储介质和通信介质。计算机存储介质包括以用于存储诸如计算机可读指令、数据结构、程序模块或其他数据等信息的任何方法或技术实现的易失性和非易失性、可移动和不可移动介质。计算机存储介质包括RAM、ROM、EPROM、EEPROM、闪存或其他固态存储其技术,CD-ROM、DVD或其他光学存储、磁带盒、磁带、磁盘存储或其他磁性存储设备。当然,本领域技 术人员可知所述计算机存储介质不局限于上述几种。Without loss of generality, the computer readable medium can include computer storage media and communication media. Computer storage media includes volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data. Computer storage media include RAM, ROM, EPROM, EEPROM, flash memory or other solid state storage technologies, CD-ROM, DVD or other optical storage, tape cartridges, magnetic tape, magnetic disk storage or other magnetic storage devices. Of course, the technology in the field The skilled person will know that the computer storage medium is not limited to the above.
根据本发明的各种实施例,所述终端500还可以通过诸如因特网等网络连接到网络上的远程计算机运行。也即终端500可以通过连接在所述系统总线505上的网络接口单元511连接到网络512,或者说,也可以使用网络接口单元511来连接到其他类型的网络或远程计算机系统(未示出)。根据本发明的各种实施例,网络接口单元511可以采用有线或者无线方式将终端500连接到网络512。According to various embodiments of the present invention, the terminal 500 may also be connected to a remote computer running on a network through a network such as the Internet. That is, the terminal 500 can be connected to the network 512 through a network interface unit 511 connected to the system bus 505, or can be connected to other types of networks or remote computer systems (not shown) using the network interface unit 511. . According to various embodiments of the present invention, the network interface unit 511 may connect the terminal 500 to the network 512 in a wired or wireless manner.
本领域普通技术人员可以理解上述实施例的各种方法中的全部或部分步骤是可以通过程序来指令相关的硬件来完成,该程序可以存储于一计算机可读存储介质中,存储介质可以包括:只读存储器(ROM,Read Only Memory)、随机存取记忆体(RAM,Random Access Memory)、磁盘或光盘等。A person skilled in the art may understand that all or part of the various steps of the foregoing embodiments may be performed by a program to instruct related hardware. The program may be stored in a computer readable storage medium, and the storage medium may include: Read Only Memory (ROM), Random Access Memory (RAM), disk or optical disk.
以上对本发明实施例所提供的一种身份验证方法和装置进行了详细介绍,本文中应用了具体个例对本发明的原理及实施方式进行了阐述,以上实施例的说明只是用于帮助理解本发明的方法及其核心思想;同时,对于本领域的技术人员,依据本发明的思想,在具体实施方式及应用范围上均会有改变之处,综上所述,本说明书内容不应理解为对本发明的限制。 The foregoing describes an identity verification method and apparatus provided by the embodiments of the present invention. The principles and implementation manners of the present invention are described in detail herein. The description of the foregoing embodiments is only for helping to understand the present invention. The method and its core idea; at the same time, those skilled in the art, according to the idea of the present invention, there will be changes in the specific embodiments and application scope. In summary, the content of this specification should not be construed as Limitations of the invention.

Claims (21)

  1. 一种身份验证方法,其特征在于,包括:An authentication method, comprising:
    接收用户的身份验证请求,所述身份验证请求携带鉴权信息;Receiving an authentication request of the user, where the authentication request carries authentication information;
    根据所述身份验证请求生成验证码;Generating a verification code according to the identity verification request;
    确定用户需要输入验证码时,获取用户在触控板上的操作手势;When the user needs to input the verification code, the operation gesture of the user on the touch panel is obtained;
    根据所述操作手势生成对应的二进制字符串;Generating a corresponding binary string according to the operation gesture;
    按照预置规则将所述二进制字符串与所述验证码进行匹配;Matching the binary string with the verification code according to a preset rule;
    若匹配,则在确定所述鉴权信息正确时,确定身份验证通过;If it is matched, when it is determined that the authentication information is correct, it is determined that the identity verification is passed;
    若不匹配,则拒绝所述身份验证请求。If there is no match, the authentication request is rejected.
  2. 根据权利要求1所述的方法,其特征在于,所述根据所述操作手势生成对应的二进制字符串,包括:The method according to claim 1, wherein the generating a corresponding binary string according to the operation gesture comprises:
    确定所述操作手势为轻触时,生成字符1;Determining that the operation gesture is a tap, generating a character 1;
    确定所述操作手势为点按时,生成字符0;Determining that the operation gesture is a tap, generating a character 0;
    将生成的字符按照操作手势的顺序进行排列,组成二进制字符串。The generated characters are arranged in the order of the operation gestures to form a binary string.
  3. 根据权利要求1所述的方法,其特征在于,所述根据所述操作手势生成对应的二进制字符串,包括:The method according to claim 1, wherein the generating a corresponding binary string according to the operation gesture comprises:
    确定所述操作手势为轻触时,生成字符0;Determining that the operation gesture is a tap, generating a character 0;
    确定所述操作手势为点按时,生成字符1;Determining that the operation gesture is a tap, generating a character 1;
    将生成的字符按照操作手势的顺序进行排列,组成二进制字符串。The generated characters are arranged in the order of the operation gestures to form a binary string.
  4. 根据权利要求1至3任一项所述的方法,其特征在于,所述验证码为二进制字符串,则所述按照预置规则将所述二进制字符串与所述验证码进行匹配,包括:The method according to any one of claims 1 to 3, wherein the verification code is a binary character string, and the matching the binary character string with the verification code according to a preset rule comprises:
    确定所述操作手势对应的二进制字符串与所述验证码是否一致;Determining whether a binary string corresponding to the operation gesture is consistent with the verification code;
    若一致,则确定所述操作手势对应的二进制字符串与所述验证码匹 配;If they are consistent, determining a binary string corresponding to the operation gesture and the verification code Match
    若不一致,则确定所述操作手势对应的二进制字符串与所述验证码不匹配。If not, it is determined that the binary string corresponding to the operation gesture does not match the verification code.
  5. 根据权利要求1至3任一项所述的方法,其特征在于,所述验证码为十进制数字组合或十六进制数字组合,则所述按照预置规则将所述二进制字符串与所述验证码进行匹配,包括:The method according to any one of claims 1 to 3, wherein the verification code is a combination of a decimal number or a hexadecimal number, and the binary string and the The verification code is matched, including:
    将所述十进制数字组合或十六进制数字组合转换为二进制字符串;Converting the decimal number combination or a hexadecimal number combination into a binary string;
    确定所述操作手势对应的二进制字符串与转换得到的二进制字符串是否一致;Determining whether the binary string corresponding to the operation gesture is consistent with the converted binary string;
    若一致,则确定所述操作手势对应的二进制字符串与所述验证码匹配;If yes, determining that the binary string corresponding to the operation gesture matches the verification code;
    若不一致,则确定所述操作手势对应的二进制字符串与所述验证码不匹配。If not, it is determined that the binary string corresponding to the operation gesture does not match the verification code.
  6. 根据权利要求1至3任一项所述的方法,其特征在于,在确定所述二进制字符串与所述验证码匹配时,还包括:The method according to any one of claims 1 to 3, further comprising: when determining that the binary string matches the verification code, further comprising:
    若确定所述鉴权信息不正确,则拒绝所述身份验证请求。If it is determined that the authentication information is incorrect, the identity verification request is rejected.
  7. 根据权利要求1至3任一项所述的方法,其特征在于,所述根据所述身份验证请求生成验证码时,还包括:The method according to any one of claims 1 to 3, wherein when the verification code is generated according to the identity verification request, the method further includes:
    生成提示信息,所述提示信息用于指示操作手势与二进制字符的对应关系;Generating prompt information, where the prompt information is used to indicate a correspondence between the operation gesture and the binary character;
    所述获取用户在触控板上的操作手势,包括:获取用户根据所述提示信息在触控板上的操作手势。The obtaining an operation gesture of the user on the touch panel includes: acquiring an operation gesture of the user on the touch panel according to the prompt information.
  8. 一种身份验证装置,其特征在于,包括:An identity verification device, comprising:
    接收单元,用于接收用户的身份验证请求,所述身份验证请求携带鉴权信息; a receiving unit, configured to receive an authentication request of the user, where the identity verification request carries authentication information;
    验证码生成单元,用于根据所述身份验证请求生成验证码;a verification code generating unit, configured to generate a verification code according to the identity verification request;
    获取单元,用于确定用户需要输入验证码时,获取用户在触控板上的操作手势;An obtaining unit, configured to obtain an operation gesture of the user on the touch panel when the user needs to input the verification code;
    字符串生成单元,用于根据所述操作手势生成对应的二进制字符串;a string generating unit, configured to generate a corresponding binary string according to the operation gesture;
    处理单元,用于按照预置规则将所述二进制字符串与所述验证码进行匹配,若匹配,则在确定所述鉴权信息正确时,确定身份验证通过,若不匹配,则拒绝所述身份验证请求。a processing unit, configured to match the binary string with the verification code according to a preset rule, and if yes, determine that the authentication is valid when determining that the authentication information is correct, and if not, reject the Authentication request.
  9. 根据权利要求8所述的身份验证装置,其特征在于,The identity verification device according to claim 8, wherein
    所述字符串生成单元,具体用于确定所述操作手势为轻触时,生成字符1;确定所述操作手势为点按时,生成字符0;将生成的字符按照操作手势的顺序进行排列,组成二进制字符串。The character string generating unit is specifically configured to: when the operation gesture is determined to be a tap, generate a character 1; when the operation gesture is determined to be a tap, generate a character 0; and the generated characters are arranged in the order of the operation gesture, and Binary string.
  10. 根据权利要求8所述的身份验证装置,其特征在于,The identity verification device according to claim 8, wherein
    所述字符串生成单元,具体用于确定所述操作手势为轻触时,生成字符0;确定所述操作手势为点按时,生成字符1;将生成的字符按照操作手势的顺序进行排列,组成二进制字符串。The character string generating unit is specifically configured to: when the operation gesture is determined to be a tap, generate a character 0; when the operation gesture is determined to be a tap, generate a character 1; and the generated characters are arranged according to an operation gesture sequence, and Binary string.
  11. 根据权利要求8至10任一项所述的身份验证装置,其特征在于,所述验证码为二进制字符串,则:The identity verification apparatus according to any one of claims 8 to 10, wherein the verification code is a binary character string, then:
    所述处理单元,具体用于确定所述操作手势对应的二进制字符串与所述验证码是否一致;若一致,则确定所述操作手势对应的二进制字符串与所述验证码匹配;若不一致,则确定所述操作手势对应的二进制字符串与所述验证码不匹配。The processing unit is configured to determine whether the binary string corresponding to the operation gesture is consistent with the verification code; if yes, determining that the binary string corresponding to the operation gesture matches the verification code; Then determining that the binary string corresponding to the operation gesture does not match the verification code.
  12. 根据权利要求8至10任一项所述的身份验证装置,其特征在于,所述验证码为十进制数字组合或十六进制数字组合,则:The identity verification device according to any one of claims 8 to 10, wherein the verification code is a combination of a decimal number or a combination of hexadecimal numbers, then:
    所述处理单元,具体用于将所述十进制数字组合或十六进制数字组合转换为二进制字符串;确定所述操作手势对应的二进制字符串与转换 得到的二进制字符串是否一致;若一致,则确定所述操作手势对应的二进制字符串与所述验证码匹配;若不一致,则确定所述操作手势对应的二进制字符串与所述验证码不匹配。The processing unit is specifically configured to convert the decimal number combination or a hexadecimal number combination into a binary character string; determine a binary string and a conversion corresponding to the operation gesture Whether the obtained binary string is consistent; if it is consistent, it is determined that the binary string corresponding to the operation gesture matches the verification code; if not, it is determined that the binary string corresponding to the operation gesture does not match the verification code .
  13. 根据权利要求8至10任一项所述的身份验证装置,其特征在于,An identity verification device according to any one of claims 8 to 10, characterized in that
    所述处理单元,还用于在确定所述二进制字符串与所述验证码匹配时,若确定所述鉴权信息不正确,则拒绝所述身份验证请求。The processing unit is further configured to: when determining that the binary string matches the verification code, if it is determined that the authentication information is incorrect, reject the identity verification request.
  14. 根据权利要求8至10任一项所述的身份验证装置,其特征在于,An identity verification device according to any one of claims 8 to 10, characterized in that
    所述验证码生成单元,还用于生成提示信息,所述提示信息用于指示操作手势与二进制字符的对应关系;The verification code generating unit is further configured to generate prompt information, where the prompt information is used to indicate a correspondence between the operation gesture and the binary character;
    所述获取单元,具体用于确定用户需要输入验证码时,获取用户根据所述提示信息在触控板上的操作手势。The obtaining unit is specifically configured to: when determining that the user needs to input the verification code, obtain an operation gesture of the user on the touch panel according to the prompt information.
  15. 一种非易失性计算机可读存储介质,其特征在于,存储有程序,所述程序能够使计算机执行如下步骤:A non-transitory computer readable storage medium characterized by storing a program capable of causing a computer to perform the following steps:
    接收用户的身份验证请求,所述身份验证请求携带鉴权信息;Receiving an authentication request of the user, where the authentication request carries authentication information;
    根据所述身份验证请求生成验证码;Generating a verification code according to the identity verification request;
    确定用户需要输入验证码时,获取用户在触控板上的操作手势;When the user needs to input the verification code, the operation gesture of the user on the touch panel is obtained;
    根据所述操作手势生成对应的二进制字符串;Generating a corresponding binary string according to the operation gesture;
    按照预置规则将所述二进制字符串与所述验证码进行匹配;Matching the binary string with the verification code according to a preset rule;
    若匹配,则在确定所述鉴权信息正确时,确定身份验证通过;If it is matched, when it is determined that the authentication information is correct, it is determined that the identity verification is passed;
    若不匹配,则拒绝所述身份验证请求。If there is no match, the authentication request is rejected.
  16. 根据权利要求15所述的非易失性计算机可读存储介质,其特征在于,所述根据所述操作手势生成对应的二进制字符串,包括:The non-transitory computer readable storage medium according to claim 15, wherein the generating a corresponding binary character string according to the operation gesture comprises:
    确定所述操作手势为轻触时,生成字符1;Determining that the operation gesture is a tap, generating a character 1;
    确定所述操作手势为点按时,生成字符0;Determining that the operation gesture is a tap, generating a character 0;
    将生成的字符按照操作手势的顺序进行排列,组成二进制字符串。 The generated characters are arranged in the order of the operation gestures to form a binary string.
  17. 根据权利要求15所述的非易失性计算机可读存储介质,其特征在于,所述根据所述操作手势生成对应的二进制字符串,包括:The non-transitory computer readable storage medium according to claim 15, wherein the generating a corresponding binary character string according to the operation gesture comprises:
    确定所述操作手势为轻触时,生成字符0;Determining that the operation gesture is a tap, generating a character 0;
    确定所述操作手势为点按时,生成字符1;Determining that the operation gesture is a tap, generating a character 1;
    将生成的字符按照操作手势的顺序进行排列,组成二进制字符串。The generated characters are arranged in the order of the operation gestures to form a binary string.
  18. 根据权利要求15至17任一项所述的非易失性计算机可读存储介质,其特征在于,所述验证码为二进制字符串,则所述按照预置规则将所述二进制字符串与所述验证码进行匹配,包括:The non-transitory computer readable storage medium according to any one of claims 15 to 17, wherein the verification code is a binary character string, and the binary character string is The verification code is matched, including:
    确定所述操作手势对应的二进制字符串与所述验证码是否一致;Determining whether a binary string corresponding to the operation gesture is consistent with the verification code;
    若一致,则确定所述操作手势对应的二进制字符串与所述验证码匹配;If yes, determining that the binary string corresponding to the operation gesture matches the verification code;
    若不一致,则确定所述操作手势对应的二进制字符串与所述验证码不匹配。If not, it is determined that the binary string corresponding to the operation gesture does not match the verification code.
  19. 根据权利要求15至17任一项所述的非易失性计算机可读存储介质,其特征在于,所述验证码为十进制数字组合或十六进制数字组合,则所述按照预置规则将所述二进制字符串与所述验证码进行匹配,包括:The non-transitory computer readable storage medium according to any one of claims 15 to 17, wherein the verification code is a decimal number combination or a hexadecimal number combination, then the according to a preset rule The binary string is matched with the verification code, including:
    将所述十进制数字组合或十六进制数字组合转换为二进制字符串;Converting the decimal number combination or a hexadecimal number combination into a binary string;
    确定所述操作手势对应的二进制字符串与转换得到的二进制字符串是否一致;Determining whether the binary string corresponding to the operation gesture is consistent with the converted binary string;
    若一致,则确定所述操作手势对应的二进制字符串与所述验证码匹配;If yes, determining that the binary string corresponding to the operation gesture matches the verification code;
    若不一致,则确定所述操作手势对应的二进制字符串与所述验证码不匹配。If not, it is determined that the binary string corresponding to the operation gesture does not match the verification code.
  20. 根据权利要求15至17任一项所述的非易失性计算机可读存储 介质,其特征在于,在确定所述二进制字符串与所述验证码匹配时,还包括:Non-volatile computer readable storage according to any one of claims 15 to The medium is characterized in that: when determining that the binary string matches the verification code, the method further includes:
    若确定所述鉴权信息不正确,则拒绝所述身份验证请求。If it is determined that the authentication information is incorrect, the identity verification request is rejected.
  21. 根据权利要求15至17任一项所述的方法,其特征在于,所述根据所述身份验证请求生成验证码时,还包括:The method according to any one of claims 15 to 17, wherein when the verification code is generated according to the identity verification request, the method further includes:
    生成提示信息,所述提示信息用于指示操作手势与二进制字符的对应关系;Generating prompt information, where the prompt information is used to indicate a correspondence between the operation gesture and the binary character;
    所述获取用户在触控板上的操作手势,包括:获取用户根据所述提示信息在触控板上的操作手势。 The obtaining an operation gesture of the user on the touch panel includes: acquiring an operation gesture of the user on the touch panel according to the prompt information.
PCT/CN2016/083105 2015-10-26 2016-05-24 Identity verification method and apparatus WO2017071192A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US15/817,014 US10657244B2 (en) 2015-10-26 2017-11-17 Identity authentication method and apparatus

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510703867.8A CN106612181A (en) 2015-10-26 2015-10-26 Identity verification method and device
CN201510703867.8 2015-10-26

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/083305 Continuation-In-Part WO2017084288A1 (en) 2015-10-26 2016-05-25 Method and device for verifying identity

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US15/817,014 Continuation-In-Part US10657244B2 (en) 2015-10-26 2017-11-17 Identity authentication method and apparatus

Publications (1)

Publication Number Publication Date
WO2017071192A1 true WO2017071192A1 (en) 2017-05-04

Family

ID=58614027

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/083105 WO2017071192A1 (en) 2015-10-26 2016-05-24 Identity verification method and apparatus

Country Status (2)

Country Link
CN (1) CN106612181A (en)
WO (1) WO2017071192A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111160369A (en) * 2019-12-25 2020-05-15 携程旅游信息技术(上海)有限公司 Method, system, electronic device and storage medium for cracking Chinese character verification code

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104023029A (en) * 2014-06-19 2014-09-03 百度在线网络技术(北京)有限公司 Method and device for verifying verification codes
CN104580117A (en) * 2013-10-28 2015-04-29 深圳市腾讯计算机系统有限公司 Authentication method, device and system
US9147058B2 (en) * 2012-10-12 2015-09-29 Apple Inc. Gesture entry techniques

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9594893B2 (en) * 2014-01-15 2017-03-14 Lenovo (Singapore) Pte. Ltd. Multi-touch local device authentication
CN105184126A (en) * 2015-08-27 2015-12-23 广东欧珀移动通信有限公司 Password setting method, authentication method and terminal

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9147058B2 (en) * 2012-10-12 2015-09-29 Apple Inc. Gesture entry techniques
CN104580117A (en) * 2013-10-28 2015-04-29 深圳市腾讯计算机系统有限公司 Authentication method, device and system
CN104023029A (en) * 2014-06-19 2014-09-03 百度在线网络技术(北京)有限公司 Method and device for verifying verification codes

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111160369A (en) * 2019-12-25 2020-05-15 携程旅游信息技术(上海)有限公司 Method, system, electronic device and storage medium for cracking Chinese character verification code
CN111160369B (en) * 2019-12-25 2024-03-05 携程旅游信息技术(上海)有限公司 Method, system, electronic equipment and storage medium for cracking Chinese character verification code

Also Published As

Publication number Publication date
CN106612181A (en) 2017-05-03

Similar Documents

Publication Publication Date Title
US20220058655A1 (en) Authentication system
TWI728261B (en) Query system, method and non-transitory machine-readable medium to determine authentication capabilities
US9787654B2 (en) Resolving authenticating issues with a second device
JP6472513B2 (en) Method and terminal for transmitting verification information
WO2016145992A1 (en) Method and corresponding device for starting service through voice in communication software
US9942223B2 (en) Automated device discovery of pairing-eligible devices for authentication
US10454912B2 (en) Method and system for user authentication
US9979725B1 (en) Two-way authentication using two-dimensional codes
US9077713B1 (en) Typeless secure login to web-based services
US20150312240A1 (en) Wireless automatic pairing method, method of establishing connection, and wireless access point device
WO2015161565A1 (en) Password verification device and password verification method
WO2014012476A1 (en) Method and system of login authentication
US11120453B2 (en) Tap card to securely generate card data to copy to clipboard
CN105656850B (en) Data processing method, related device and system
CN104202163A (en) Password system based on mobile terminal
CN110730441A (en) Bluetooth device and working method thereof
CN104079413A (en) Enhancement type one-time dynamic password authentication method and system
WO2015032281A1 (en) Method and system for generating and processing challenge-response tests
US10657244B2 (en) Identity authentication method and apparatus
WO2020220694A1 (en) Router, network connection method and mobile terminal
TWI499933B (en) Electronic device and login method therefore
WO2017071498A1 (en) Identity authentication method and device
WO2016086708A1 (en) Payment verification method, apparatus and system
WO2017071192A1 (en) Identity verification method and apparatus
CN105376067A (en) Method and system for digital signatures

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16858636

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 17.09.18)

122 Ep: pct application non-entry in european phase

Ref document number: 16858636

Country of ref document: EP

Kind code of ref document: A1