WO2019037003A1 - Identity logic verification method and terminal - Google Patents

Identity logic verification method and terminal Download PDF

Info

Publication number
WO2019037003A1
WO2019037003A1 PCT/CN2017/098765 CN2017098765W WO2019037003A1 WO 2019037003 A1 WO2019037003 A1 WO 2019037003A1 CN 2017098765 W CN2017098765 W CN 2017098765W WO 2019037003 A1 WO2019037003 A1 WO 2019037003A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
information
contacts
contact
terminal
Prior art date
Application number
PCT/CN2017/098765
Other languages
French (fr)
Chinese (zh)
Inventor
苏红
Original Assignee
深圳双创科技发展有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳双创科技发展有限公司 filed Critical 深圳双创科技发展有限公司
Priority to PCT/CN2017/098765 priority Critical patent/WO2019037003A1/en
Publication of WO2019037003A1 publication Critical patent/WO2019037003A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules

Definitions

  • the present invention relates to terminal technologies, and in particular, to an identity verification method and a terminal.
  • a very important advantage of smart terminals and tablets is the touch operation. The way to see where to go is to let the elderly up to 3 years old, up to 80 years old, get started quickly. As more and more smart terminals and tablet PCs are loved by users, more and more manufacturers are beginning to exert their power on smart terminals.
  • Smart terminals More and more users have their own private information stored on smart terminals, such as privacy photos and contacts, etc. At the same time, more and more applications for designing personal assets have also been widely used on smart terminals. Applications such as social, shopping, banking, mobile payments and more.
  • the embodiment of the invention provides an identity verification method and a terminal, which can reduce the risk of user property loss and privacy leakage.
  • the embodiment of the invention provides an identity verification method, including:
  • the generating the identity verification logic according to the verification algorithm includes:
  • the method further includes:
  • the name of the interfering contact is displayed on the display.
  • the generating the identity verification logic according to the verification algorithm includes:
  • the information of the at least two applications and the information of the at least one interfering application are displayed on the display screen, prompting the user to select an application installed on the terminal.
  • the generating the identity verification logic according to the verification algorithm includes:
  • the interference travel information being similar to at least one of the at least two travel information centers;
  • the at least two travel information and the at least one interference travel information are displayed on the display screen to prompt the user to select the travel information.
  • the embodiment of the invention provides a terminal, including:
  • a determining unit configured to determine whether the user currently accesses the protected data
  • a generating unit configured to: when the determining unit determines that the user currently accesses protected data, the root The verification algorithm generates authentication logic;
  • a verification unit configured to verify whether the user passes the verification of the authentication logic
  • An access control unit configured to allow the user to access the protected data when the user passes the verification of the authentication logic; reject the user when the user does not pass the verification of the authentication logic Access the protected data.
  • the generating unit is specifically configured to:
  • the generating unit is further configured to:
  • the name of the interfering contact is displayed on the display.
  • the generating unit is specifically configured to:
  • the information of the at least two applications and the information of the at least one interfering application are displayed on the display screen, prompting the user to select an application installed on the terminal.
  • the generating unit is specifically configured to:
  • the interference travel information being similar to at least one of the at least two travel information centers;
  • the at least two travel information and the at least one interference travel information are displayed on the display screen to prompt the user to select the travel information.
  • the terminal in the embodiment of the present invention When the user currently accesses the protected data, the authentication algorithm is generated according to the verification algorithm to authenticate the user, and the user is allowed to access the protected data only when the user passes the authentication, thereby improving the security of the protected data. It can reduce the risk of user property loss and privacy leakage.
  • FIG. 1 is a flowchart of an identity verification method according to an embodiment of the present invention
  • FIG. 2 is a structural diagram of a terminal according to an embodiment of the present invention.
  • FIG. 1 is a flowchart of an identity verification method according to an embodiment of the present invention.
  • the embodiment describes a process flow of the terminal, and the terminal may be a smart terminal or a tablet computer.
  • the terminal has a display screen. As shown in FIG. 1, this embodiment includes:
  • step 101 Determine whether the user currently accesses the protected data; if the user currently accesses the protected data, go to step 102, and if the user is currently not accessing the protected data, go to step 106.
  • the protected data may be determined by the terminal according to a cloud policy.
  • an application related to user privacy and user property installed on the terminal may be determined as protected data, such as a shopping application (eg, Taobao, Tmall, Jingdong, Suning Yi). Purchase, No. 1 shop, etc.), mobile payment applications (such as UnionPay wallet, Alipay, WeChat payment, etc.), banking applications (such as Industrial and Commercial Bank of China, Bank of China, Agricultural Bank of China, China Construction Bank, China Merchants Bank, etc. ), fund online loan applications (such as Lu Jin, Renren, etc.).
  • the cloud can dynamically refresh the list of applications under various application types based on the application on the market.
  • the terminal can periodically obtain related policies from the cloud. Understandably, the user can also obtain the relevant policies from the cloud after the terminal obtains the relevant policies according to their needs. Have or like to adjust and modify the strategy.
  • the protected data can also be set by the user on the terminal according to his own needs.
  • the protected data set by the user can include not only the application but also the contact information, video, photos and the like of the contact.
  • generating the identity verification logic according to the verification algorithm may include: randomly selecting at least two contacts from the contact list; displaying the names of the at least two contacts and the at least on the display screen A portion of the contact of the two contacts prompting the user to connect the contact of the at least two contacts with the at least two contacts.
  • the range of the randomly selected contact may be preset by the user according to the situation of the contact that he or she remembers, if the user sets the randomly selected contact. The range is selected from the range set by the user when the contact is randomly selected. If the user does not set a range of randomly selected contacts, they can be randomly selected among all contacts in the phone address book.
  • the contact information of the contact also belongs to the user's private data
  • the contact information of the contact when the contact information of the contact is displayed on the display, it can be displayed as part of the contact information of the contact; for example, when the contact information of the contact is the mobile phone number 1234567890, You can display 123456****, or 123****890, or ****567890 on the display; when the contact information of the contact is email address dizhi@dizhi.com, you can display it on the display. Show di***@dizhi.com, or show **zhi@dizhi.com, or show diz**@**zhi.com and more.
  • the contact information of the contact and the contact needs to be displayed in an out-of-order manner on the display screen, thereby reducing the possibility of the user being matched.
  • the embodiment of the present invention describes randomly selecting at least two contacts, in practical applications, in order to improve the difficulty of verification, it is recommended to select more than four contacts; for example, only two contacts are selected.
  • the probability of being matched was 50%; when choosing three contacts, the probability of being matched was 16.7%; when choosing four contacts, the probability of being matched was only 4.2%.
  • generating the identity verification logic according to the verification algorithm may include: randomly selecting at least two contacts from the contact list; displaying the at least two contacts in an out-of-order manner on the display screen a name and a part of the contact manner of the at least two contacts, prompting the user to connect the contact manner of the at least two contacts with the at least two contacts; and simultaneously generating according to the at least two contacts At least one interfering contact, the interfering contact being similar to at least one of the at least two contacts; displaying the name of the interfering contact on the display screen.
  • the name of the contact displayed on the screen is one more than the contact of the contact.
  • the user not only needs to know which contacts are the real contacts, but also needs to know the contact information of the real contacts to be able to verify. by. Further reducing the possibility of user misconception.
  • the generated interfering contact is to be similar to at least one of the at least two contacts, thereby playing a role in confusing the user.
  • the similarity in the embodiment of the present invention is that most of the two are the same, and most of the characters may be more than 2/3 of Chinese characters, or letters, or the same numbers.
  • a contact name is Zhang Sansi
  • the generated interference contact can be Zhang Sansi, or Zhang Yisi, or Zhang Sanqi, etc.
  • the more the interference contact name is similar to the real contact, the more Play a role in interference.
  • the generating the identity verification logic according to the verification algorithm may include: selecting information of at least two applications installed on the terminal in the application list; generating at least one according to the information of the at least two applications Interfering with information of an application, the information of the interfering application being similar to information of at least one of the at least two applications; displaying information of the at least two applications and the at least one interfering application on a display screen
  • the program information prompts the user to select the application installed on the terminal.
  • the terminal can maintain a list of popular applications.
  • the application can be found from the list of popular applications without being installed on the terminal. Or if a less popular application is installed on the user terminal, you can avoid selection when you choose.
  • an interference application when generating an interference application, it can be generated similarly to the installation application. For example, if a popular application is selected, a popular application can be generated as an interference application, and if a popular application is selected, an unpopular application can be generated as an unpopular application. Interfering with the application, selecting the shopping application can generate the shopping application as the interference application, and selecting the game application can generate an application similar to the selected application game type as the interference application.
  • the number of generated interference applications may be the same as the number of selected applications.
  • the generating the identity verification logic according to the verification algorithm may include: selecting at least two travel information from the terminal; generating at least one interference travel information according to the at least two travel information, the interference travel information and At least one of the at least two travel information centers is similar; displaying the at least two travel information and the at least one interference travel information on a display screen to prompt the user to select travel information.
  • the user's travel information is generally reflected on the terminal, for example, if the user sets a train ticket, the user will receive the relevant short message, including the date the user traveled, the train number taken, the destination, etc.; the user has booked the ticket. , will also receive relevant information, including the date the user traveled, the flight, the destination, etc.; when the user has booked the hotel, it will also be recorded on the terminal, including the name of the hotel, the time of stay, etc. .
  • step 103 determine whether the user is verified by the authentication logic; if yes, proceed to step 104; if not, proceed to step 105;
  • the authentication logic that did not pass the previous user verification is not used when generating the authentication logic, for example, the user does not pass the contact connection logic, the new identity
  • the verification logic can be application logic or travel information logic, etc., or it can still be contact connection logic, but the selected contacts and the generated interference contacts are different from before, thereby improving the accuracy of the verification.
  • the terminal when the terminal currently accesses the protected data, the terminal generates identity verification logic according to the verification algorithm to authenticate the user, and only allows the user to access the user when the user passes the identity verification.
  • Protecting data increases the security of protected data and reduces the risk of user property damage and privacy breaches.
  • Figure 2 illustrates the structure of a terminal provided by an embodiment of the present invention, including:
  • the determining unit 201 is configured to determine whether the user currently accesses the protected data.
  • the protected data may be determined by the terminal according to a cloud policy.
  • an application related to user privacy and user property installed on the terminal may be determined as protected data, such as a shopping application (eg, Taobao, Tmall, Jingdong, Suning Yi). Purchase, No. 1 shop, etc.), mobile payment applications (such as UnionPay wallet, Alipay, WeChat payment, etc.), banking applications (such as Industrial and Commercial Bank of China, Bank of China, Agricultural Bank of China, China Construction Bank, China Merchants Bank, etc. ), fund online loan applications (such as Lu Jin, Renren, etc.).
  • the cloud can dynamically refresh the list of applications under various application types based on the application on the market.
  • the terminal can periodically obtain related policies from the cloud. It can be understood that the user can also adjust and modify the policy according to his own needs or preferences after the terminal obtains the relevant policies from the cloud.
  • the protected data can also be set by the user on the terminal according to his own needs.
  • the protected data set by the user can include not only the application but also the contact information, video, photos and the like of the contact.
  • the generating unit 202 is configured to generate identity verification logic according to the verification algorithm when the determining unit 201 determines that the user is currently accessing the protected data.
  • the generating unit 202 may be specifically configured to: randomly select at least two contacts from the contact list; display the names of the at least two contacts and the at least two on the display screen in an out-of-order manner A portion of the contact information of the contacts prompting the user to connect the contact of the at least two contacts with the at least two contacts.
  • the range of the randomly selected contact may be preset by the user according to the situation of the contact that he or she remembers, if the user sets the randomly selected contact. The range is selected from the range set by the user when the contact is randomly selected. If the user does not set a range of randomly selected contacts, they can be randomly selected among all contacts in the phone address book.
  • the contact information of the contact also belongs to the user's private data
  • the contact information of the contact when the contact information of the contact is displayed on the display, it can be displayed as part of the contact information of the contact; for example, when the contact information of the contact is the mobile phone number 1234567890, You can display 123456****, or 123****890, or ****567890 on the display; the contact information of the contact is the email address.
  • dizhi@dizhi.com you can display di***@dizhi.com on the display, or show **zhi@dizhi.com, or display diz**@**zhi.com and so on.
  • the contact information of the contact and the contact needs to be displayed in an out-of-order manner on the display screen, thereby reducing the possibility of the user being matched.
  • the embodiment of the present invention describes randomly selecting at least two contacts, in practical applications, in order to improve the difficulty of verification, it is recommended to select more than four contacts; for example, only two contacts are selected.
  • the probability of being matched was 50%; when choosing three contacts, the probability of being matched was 16.7%; when choosing four contacts, the probability of being matched was only 4.2%.
  • the generating unit 202 may be specifically configured to: randomly select at least two contacts from the contact list; display the names of the at least two contacts and the at least a part of the contact manner of the two contacts, prompting the user to connect the contact manner of the at least two contacts with the at least two contacts; meanwhile, generating at least one interference contact according to the at least two contacts
  • the interfering contact is similar to at least one of the at least two contacts; the name of the interfering contact is displayed on the display screen.
  • the name of the contact displayed on the screen is one more than the contact of the contact.
  • the user not only needs to know which contacts are the real contacts, but also needs to know the contact information of the real contacts to be able to verify. by. Further reducing the possibility of user misconception.
  • the generated interfering contact is to be similar to at least one of the at least two contacts, thereby playing a role in confusing the user.
  • the similarity in the embodiment of the present invention is that most of the two are the same, and most of the characters may be more than 2/3 of Chinese characters, or letters, or the same numbers.
  • a contact name is Zhang Sansi
  • the generated interference contact can be Zhang Sansi, or Zhang Yisi, or Zhang Sanqi, etc.
  • the more the interference contact name is similar to the real contact, the more Play a role in interference.
  • the generating unit 202 may be specifically configured to: select information of at least two applications installed on the terminal in the application list; generate at least one interference application according to the information of the at least two applications.
  • Information of the program, the information of the interference application being similar to the information of at least one of the at least two applications; displaying information of the at least two applications and the at least one interference application on a display screen Information prompting the user to select the application installed on the terminal.
  • the terminal can maintain a list of popular applications.
  • the application can be found from the list of popular applications without being installed on the terminal. Or if a less popular application is installed on the user terminal, you can avoid selection when you choose.
  • an interference application when generating an interference application, it can be generated similarly to the installation application. For example, if a popular application is selected, a popular application can be generated as an interference application, and if a popular application is selected, an unpopular application can be generated as an unpopular application. Interfering with the application, selecting the shopping application can generate the shopping application as the interference application, and selecting the game application can generate an application similar to the selected application game type as the interference application.
  • the number of generated interference applications may be the same as the number of selected applications.
  • the generating unit 202 may be specifically configured to: select at least two travel information from the terminal; generate at least one interference travel information according to the at least two travel information, the interference travel information and the At least one of the at least two travel information centers is similar; displaying the at least two travel information and the at least one interference travel information on the display screen to prompt the user to select the travel information.
  • the user's travel information is generally reflected on the terminal, for example, if the user sets a train ticket, the user will receive the relevant short message, including the date the user traveled, the train number taken, the destination, etc.; the user has booked the ticket. , will also receive relevant information, including the date the user traveled, the flight, the destination, etc.; when the user has booked the hotel, it will also be recorded on the terminal, including the name of the hotel, the time of stay, etc. .
  • the verification unit 203 is configured to verify whether the user passes the verification of the identity verification logic generated by the generating unit 202.
  • the access control unit 204 is configured to allow the user to access the protected data when the verification unit 203 verifies the verification of the user by the authentication logic; and verify, at the verification unit 203, that the user does not pass the identity verification When the logic is verified, the user is denied access to the protected data.
  • the authentication logic that did not pass the previous user verification is not used when generating the authentication logic, for example, the user does not pass the contact connection logic, the new identity
  • the verification logic can be application logic or travel information logic, etc., or it can still be contact connection logic, but the selected contacts and the generated interference contacts are different from before, thereby improving the accuracy of the verification.
  • the terminal when the terminal currently accesses the protected data, the terminal generates identity verification logic according to the verification algorithm to authenticate the user, and only allows the user to access the user when the user passes the identity verification.
  • Protecting data increases the security of protected data and reduces the risk of user property damage and privacy breaches.
  • the content is based on the same concept as the method embodiment of the present invention.
  • the description in the method embodiment of the present invention and details are not described herein again.
  • the storage medium may be a magnetic disk, an optical disk, a read-only memory (ROM), or a random access memory (RAM).

Abstract

An identity verification method comprises: determining whether data currently accessed by a user is protected data; if the data currently accessed by the user is the protected data, generating an identity verification logic according to a verification algorithm; if the verification of the identity verification logic on the user succeeds, allowing the user to access the protected data; and if the verification of the identity verification logic on the user does not succeed, rejecting access to the protected data by the user. By using the present invention, risks of property loss and privacy leakage of users can be reduced.

Description

身份逻辑验证方法和终端Identity logic verification method and terminal 技术领域Technical field
本发明涉及终端技术,具体涉及一种身份验证方法及终端。The present invention relates to terminal technologies, and in particular, to an identity verification method and a terminal.
背景技术Background technique
随着智能终端和平板电脑的飞速发展,越来越多的用户会使用智能终端和平板电脑来获取资讯,玩游戏甚至工作。With the rapid development of smart terminals and tablets, more and more users will use smart terminals and tablets to get information, play games and even work.
智能终端和平板电脑的一个很重要的优势就是触摸操作,想看哪里点哪里的操作方式让下至3岁小孩,上至80岁的老年人都能够很快的上手操作。由于智能终端和平板电脑越来越多的得到用户的喜爱,越来越多的厂商开始在智能终端上发力。A very important advantage of smart terminals and tablets is the touch operation. The way to see where to go is to let the elderly up to 3 years old, up to 80 years old, get started quickly. As more and more smart terminals and tablet PCs are loved by users, more and more manufacturers are beginning to exert their power on smart terminals.
越来越多的用户将自己的隐私信息存放到了智能终端上,例如隐私照片和联系人的联系方式等等;同时,越来越多的设计个人财产的应用软件也在智能终端上得到了大量的应用,如社交,购物,银行,移动支付等等应用软件。More and more users have their own private information stored on smart terminals, such as privacy photos and contacts, etc. At the same time, more and more applications for designing personal assets have also been widely used on smart terminals. Applications such as social, shopping, banking, mobile payments and more.
这些应用软件和隐私信息存放在智能终端上,很多用户都不会对其进行隐私保护,或者有些用户会使用固定的密码对其进行保护。如果别有用心的人拿到了用户的智能终端,对于没有保护的信息和软件可以毫无限制地进行访问,而固定密码也很容易被攻破,很容易造成用户的财产损失和隐私泄露。These applications and private information are stored on smart terminals, and many users will not protect them, or some users will use a fixed password to protect them. If the person with ulterior motives gets the user's smart terminal, the unprotected information and software can be accessed without restriction, and the fixed password can be easily broken, which can easily cause the user's property loss and privacy leakage.
发明内容Summary of the invention
本发明实施例提供了一种身份验证方法及终端,可以降低用户财产损失和隐私泄露的风险。The embodiment of the invention provides an identity verification method and a terminal, which can reduce the risk of user property loss and privacy leakage.
本发明实施例的目的是通过以下技术方案实现的:The purpose of the embodiment of the present invention is achieved by the following technical solutions:
本发明实施例提供了一种身份验证方法,包括:The embodiment of the invention provides an identity verification method, including:
判断用户当前访问的是否为受保护数据;Determine whether the user is currently accessing protected data;
如果所述用户当前访问的是受保护数据,根据验证算法生成身份验证逻辑;If the user is currently accessing protected data, generating authentication logic according to the verification algorithm;
如果所述用户通过所述身份验证逻辑的验证,则允许所述用户访问所述受保护数据; Allowing the user to access the protected data if the user passes the verification of the authentication logic;
如果所述用户没有通过所述身份验证逻辑的验证,则拒绝所述用户访问所述受保护数据。If the user does not pass the verification of the authentication logic, the user is denied access to the protected data.
可选的,所述根据验证算法生成身份验证逻辑包括:Optionally, the generating the identity verification logic according to the verification algorithm includes:
从联系人列表中随机选择至少两个联系人;Select at least two contacts randomly from the contact list;
在显示屏上乱序显示所述至少两个联系人的名称以及所述至少两个联系人的联系方式的一部分,提示用户将所述至少两个联系人与所述至少两个联系人的联系方式连接起来。Displaying, on the display screen, the names of the at least two contacts and a portion of the contact manner of the at least two contacts, prompting the user to contact the at least two contacts with the at least two contacts Ways to connect.
可选的,所述从联系人列表中随机选择至少两个联系人后,所述方法还包括:Optionally, after the at least two contacts are randomly selected from the contact list, the method further includes:
根据所述至少两个联系人生成至少一个干扰联系人,所述干扰联系人与所述至少两个联系人中的至少一个类似;Generating at least one interfering contact according to the at least two contacts, the interfering contact being similar to at least one of the at least two contacts;
在所述显示屏上显示所述干扰联系人的名称。The name of the interfering contact is displayed on the display.
可选的,所述根据验证算法生成身份验证逻辑包括:Optionally, the generating the identity verification logic according to the verification algorithm includes:
在应用程序列表中选择终端上安装的至少两个应用程序的信息;Select information for at least two applications installed on the terminal in the application list;
根据所述至少两个应用程序的信息生成至少一个干扰应用程序的信息,所述干扰应用程序的信息与所述至少两个应用程序中的至少一个的信息类似;Generating at least one information of the interference application according to the information of the at least two applications, the information of the interference application being similar to the information of at least one of the at least two applications;
在显示屏上显示所述至少两个应用程序的信息以及所述至少一个干扰应用程序的信息,提示用户将终端上安装的应用程序选择出来。The information of the at least two applications and the information of the at least one interfering application are displayed on the display screen, prompting the user to select an application installed on the terminal.
可选的,所述根据验证算法生成身份验证逻辑包括:Optionally, the generating the identity verification logic according to the verification algorithm includes:
从终端上选择至少两次出行信息;Select at least two travel information from the terminal;
根据所述至少两次出行信息生成至少一个干扰出行信息,所述干扰出行信息与所述至少两次出行信息中心的至少一个类似;Generating at least one interference travel information according to the at least two travel information, the interference travel information being similar to at least one of the at least two travel information centers;
在显示屏上显示所述至少两次出行信息和所述至少一个干扰出行信息,提示用户选择出行信息。The at least two travel information and the at least one interference travel information are displayed on the display screen to prompt the user to select the travel information.
本发明实施例提供了一种终端,包括:The embodiment of the invention provides a terminal, including:
判断单元,用于判断用户当前访问的是否为受保护数据;a determining unit, configured to determine whether the user currently accesses the protected data;
生成单元,用于在所述判断单元判断用户当前访问的是受保护数据时,根 据验证算法生成身份验证逻辑;a generating unit, configured to: when the determining unit determines that the user currently accesses protected data, the root The verification algorithm generates authentication logic;
验证单元,用于验证所述用户是否通过所述身份验证逻辑的验证;a verification unit, configured to verify whether the user passes the verification of the authentication logic;
访问控制单元,用于在所述用户通过所述身份验证逻辑的验证时,允许所述用户访问所述受保护数据;在所述用户没有通过所述身份验证逻辑的验证时,拒绝所述用户访问所述受保护数据。An access control unit configured to allow the user to access the protected data when the user passes the verification of the authentication logic; reject the user when the user does not pass the verification of the authentication logic Access the protected data.
可选的,所述生成单元具体用于:Optionally, the generating unit is specifically configured to:
从联系人列表中随机选择至少两个联系人;Select at least two contacts randomly from the contact list;
在显示屏上乱序显示所述至少两个联系人的名称以及所述至少两个联系人的联系方式的一部分,提示用户将所述至少两个联系人与所述至少两个联系人的联系方式连接起来。Displaying, on the display screen, the names of the at least two contacts and a portion of the contact manner of the at least two contacts, prompting the user to contact the at least two contacts with the at least two contacts Ways to connect.
可选的,所述生成单元还用于:Optionally, the generating unit is further configured to:
根据所述至少两个联系人生成至少一个干扰联系人,所述干扰联系人与所述至少两个联系人中的至少一个类似;Generating at least one interfering contact according to the at least two contacts, the interfering contact being similar to at least one of the at least two contacts;
在所述显示屏上显示所述干扰联系人的名称。The name of the interfering contact is displayed on the display.
可选的,所述生成单元具体用于:Optionally, the generating unit is specifically configured to:
在应用程序列表中选择终端上安装的至少两个应用程序的信息;Select information for at least two applications installed on the terminal in the application list;
根据所述至少两个应用程序的信息生成至少一个干扰应用程序的信息,所述干扰应用程序的信息与所述至少两个应用程序中的至少一个的信息类似;Generating at least one information of the interference application according to the information of the at least two applications, the information of the interference application being similar to the information of at least one of the at least two applications;
在显示屏上显示所述至少两个应用程序的信息以及所述至少一个干扰应用程序的信息,提示用户将终端上安装的应用程序选择出来。The information of the at least two applications and the information of the at least one interfering application are displayed on the display screen, prompting the user to select an application installed on the terminal.
可选的,所述生成单元具体用于:Optionally, the generating unit is specifically configured to:
从终端上选择至少两次出行信息;Select at least two travel information from the terminal;
根据所述至少两次出行信息生成至少一个干扰出行信息,所述干扰出行信息与所述至少两次出行信息中心的至少一个类似;Generating at least one interference travel information according to the at least two travel information, the interference travel information being similar to at least one of the at least two travel information centers;
在显示屏上显示所述至少两次出行信息和所述至少一个干扰出行信息,提示用户选择出行信息。The at least two travel information and the at least one interference travel information are displayed on the display screen to prompt the user to select the travel information.
从本发明实施例提供的以上技术方案可以看出,由于本发明实施例中终端 可以在用户当前访问的是受保护数据时,根据验证算法生成身份验证逻辑来对用户进行身份验证,只有在用户通过了身份验证时才允许用户访问受保护数据,提高了受保护数据的安全,能够降低用户财产损失和隐私泄露的风险。It can be seen from the above technical solutions provided by the embodiments of the present invention that the terminal in the embodiment of the present invention When the user currently accesses the protected data, the authentication algorithm is generated according to the verification algorithm to authenticate the user, and the user is allowed to access the protected data only when the user passes the authentication, thereby improving the security of the protected data. It can reduce the risk of user property loss and privacy leakage.
附图说明DRAWINGS
为了更清楚地说明本发明实施例的技术方案,下面将对实施例描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动性的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings used in the description of the embodiments will be briefly described below. It is obvious that the drawings in the following description are only some embodiments of the present invention, Those skilled in the art can also obtain other drawings based on these drawings without paying for creative labor.
图1为本发明一个实施例提供的身份验证方法的流程图;FIG. 1 is a flowchart of an identity verification method according to an embodiment of the present invention;
图2为本发明一个实施例提供的终端的结构图。FIG. 2 is a structural diagram of a terminal according to an embodiment of the present invention.
具体实施方式Detailed ways
下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。The technical solutions in the embodiments of the present invention are clearly and completely described in the following with reference to the accompanying drawings in the embodiments of the present invention. It is obvious that the described embodiments are only a part of the embodiments of the present invention, but not all embodiments. All other embodiments obtained by those skilled in the art based on the embodiments of the present invention without creative efforts are within the scope of the present invention.
先介绍本发明实施例提供的视频通话方法,图1描述了本发明一个实施例提供的身份验证方法的流程,该实施例描述的是终端的处理流程,该终端可以是智能终端或平板电脑等,该终端具有显示屏。如图1所示,该实施例包括:The video call method provided by the embodiment of the present invention is described first. FIG. 1 is a flowchart of an identity verification method according to an embodiment of the present invention. The embodiment describes a process flow of the terminal, and the terminal may be a smart terminal or a tablet computer. The terminal has a display screen. As shown in FIG. 1, this embodiment includes:
101、判断用户当前访问的是否为受保护数据;如果用户当前访问的是受保护数据,进入步骤102,如果用户当前访问的不是受保护数据,进入步骤106。101. Determine whether the user currently accesses the protected data; if the user currently accesses the protected data, go to step 102, and if the user is currently not accessing the protected data, go to step 106.
其中,受保护数据可以由终端根据云端策略确定,例如可以将终端上安装的涉及用户隐私和用户财产的应用程序确定为受保护数据,如购物应用程序(如淘宝,天猫,京东,苏宁易购,1号店等等),移动支付应用程序(如银联钱包,支付宝,微信支付等等),银行应用程序(如中国工商银行,中国银行,中国农业银行,中国建设银行,招商银行等等),基金网贷应用程序(如陆金所,人人贷等等)等。云端可以根据市面上应用程序的情况动态地刷新各种应用程序类型下的应用程序列表。终端可以周期性地从云端获取相关的策略。可以理解的是,用户也可以在终端从云端获取了相关的策略后,根据自己的需 要或者喜好对策略进行调整和修改。The protected data may be determined by the terminal according to a cloud policy. For example, an application related to user privacy and user property installed on the terminal may be determined as protected data, such as a shopping application (eg, Taobao, Tmall, Jingdong, Suning Yi). Purchase, No. 1 shop, etc.), mobile payment applications (such as UnionPay wallet, Alipay, WeChat payment, etc.), banking applications (such as Industrial and Commercial Bank of China, Bank of China, Agricultural Bank of China, China Construction Bank, China Merchants Bank, etc. ), fund online loan applications (such as Lu Jin, Renren, etc.). The cloud can dynamically refresh the list of applications under various application types based on the application on the market. The terminal can periodically obtain related policies from the cloud. Understandably, the user can also obtain the relevant policies from the cloud after the terminal obtains the relevant policies according to their needs. Have or like to adjust and modify the strategy.
受保护数据也可以由用户根据自己的需要在终端上进行设置,用户设置的受保护数据不仅可以包括应用程序,还可以包括联系人的联系方式,视频,和照片等等。The protected data can also be set by the user on the terminal according to his own needs. The protected data set by the user can include not only the application but also the contact information, video, photos and the like of the contact.
102、根据验证算法生成身份验证逻辑。102. Generate identity verification logic according to the verification algorithm.
在一种实施方式中,根据验证算法生成身份验证逻辑可以包括:从联系人列表中随机选择至少两个联系人;在显示屏上乱序显示所述至少两个联系人的名称以及所述至少两个联系人的联系方式的一部分,提示用户将所述至少两个联系人与所述至少两个联系人的联系方式连接起来。In an embodiment, generating the identity verification logic according to the verification algorithm may include: randomly selecting at least two contacts from the contact list; displaying the names of the at least two contacts and the at least on the display screen A portion of the contact of the two contacts prompting the user to connect the contact of the at least two contacts with the at least two contacts.
其中,考虑到用户不一定能够记住所有联系人的联系方式,因此也可以由用户根据自己记住的联系人的情况预先设定随机选择联系人的范围,如果用户设定了随机选择联系人的范围,则在随机选择联系人时从用户设定的范围内选择。如果用户没有设定随机选择联系人的范围,则可以在手机通讯录的所有联系人中随机进行选择。Wherein, considering that the user may not be able to remember the contact information of all the contacts, the range of the randomly selected contact may be preset by the user according to the situation of the contact that he or she remembers, if the user sets the randomly selected contact. The range is selected from the range set by the user when the contact is randomly selected. If the user does not set a range of randomly selected contacts, they can be randomly selected among all contacts in the phone address book.
由于联系人的联系方式也属于用户的隐私数据,因此在显示屏上显示联系人的联系方式时,可以至显示联系人的联系方式的一部分;例如在联系人的联系方式是手机号码1234567890时,可以在显示屏上显示123456****,或者123****890,或者****567890等等;在联系人的联系方式是Email地址dizhi@dizhi.com时,可以在显示屏上显示di***@dizhi.com,或者显示**zhi@dizhi.com,或者显示diz**@**zhi.com等等。Since the contact information of the contact also belongs to the user's private data, when the contact information of the contact is displayed on the display, it can be displayed as part of the contact information of the contact; for example, when the contact information of the contact is the mobile phone number 1234567890, You can display 123456****, or 123****890, or ****567890 on the display; when the contact information of the contact is email address dizhi@dizhi.com, you can display it on the display. Show di***@dizhi.com, or show **zhi@dizhi.com, or show diz**@**zhi.com and more.
其中,为了提高验证的难度,在显示屏上需要乱序显示联系人和联系人的联系方式,从而降低用户蒙对的可能。Among them, in order to improve the difficulty of verification, the contact information of the contact and the contact needs to be displayed in an out-of-order manner on the display screen, thereby reducing the possibility of the user being matched.
可以理解的是,虽然本发明实施例描述的是随机选择至少两个联系人,但是在实际应用中,为了提高验证的难度,建议选择四个以上的联系人;例如,在只有两个联系人时,蒙对的可能性是50%;在选择三个联系人时,蒙对的可能性16.7%;而在选择四个联系人时,蒙对的可能性就只有4.2%了。It can be understood that although the embodiment of the present invention describes randomly selecting at least two contacts, in practical applications, in order to improve the difficulty of verification, it is recommended to select more than four contacts; for example, only two contacts are selected. At the time, the probability of being matched was 50%; when choosing three contacts, the probability of being matched was 16.7%; when choosing four contacts, the probability of being matched was only 4.2%.
在另一个实施例中,根据验证算法生成身份验证逻辑可以包括:从联系人列表中随机选择至少两个联系人;在显示屏上乱序显示所述至少两个联系人的 名称以及所述至少两个联系人的联系方式的一部分,提示用户将所述至少两个联系人与所述至少两个联系人的联系方式连接起来;同时,根据所述至少两个联系人生成至少一个干扰联系人,所述干扰联系人与所述至少两个联系人中的至少一个类似;在所述显示屏上显示所述干扰联系人的名称。In another embodiment, generating the identity verification logic according to the verification algorithm may include: randomly selecting at least two contacts from the contact list; displaying the at least two contacts in an out-of-order manner on the display screen a name and a part of the contact manner of the at least two contacts, prompting the user to connect the contact manner of the at least two contacts with the at least two contacts; and simultaneously generating according to the at least two contacts At least one interfering contact, the interfering contact being similar to at least one of the at least two contacts; displaying the name of the interfering contact on the display screen.
在这种情况下,屏幕上显示的联系人的名称比联系人的联系方式要多一个,用户不仅要知道哪些联系人是真正的联系人,还需要知道真正的联系人的联系方式才能够验证通过。进一步降低了用户蒙对的可能性。In this case, the name of the contact displayed on the screen is one more than the contact of the contact. The user not only needs to know which contacts are the real contacts, but also needs to know the contact information of the real contacts to be able to verify. by. Further reducing the possibility of user misconception.
其中,在根据至少两个联系人生成至少一个干扰联系人时,生成的干扰联系人要和至少两个联系人中的至少一个类似,从而对用户起到混淆的作用。其中,本发明实施例中的类似说的是两者之间大部分都相同,所述的大部分可以是2/3以上的汉字,或字母,或数字相同。例如,一个联系的,名字是张三四,则生成的干扰联系人可以是章三四,或者张叁四,或者张三肆等等,干扰联系人的名称与真正联系人越相似就越可以起到干扰的作用。Wherein, when at least one interfering contact is generated according to at least two contacts, the generated interfering contact is to be similar to at least one of the at least two contacts, thereby playing a role in confusing the user. The similarity in the embodiment of the present invention is that most of the two are the same, and most of the characters may be more than 2/3 of Chinese characters, or letters, or the same numbers. For example, if a contact name is Zhang Sansi, the generated interference contact can be Zhang Sansi, or Zhang Yisi, or Zhang Sanqi, etc. The more the interference contact name is similar to the real contact, the more Play a role in interference.
在另一个实施例中,所述根据验证算法生成身份验证逻辑可以包括:在应用程序列表中选择终端上安装的至少两个应用程序的信息;根据所述至少两个应用程序的信息生成至少一个干扰应用程序的信息,所述干扰应用程序的信息与所述至少两个应用程序中的至少一个的信息类似;在显示屏上显示所述至少两个应用程序的信息以及所述至少一个干扰应用程序的信息,提示用户将终端上安装的应用程序选择出来。In another embodiment, the generating the identity verification logic according to the verification algorithm may include: selecting information of at least two applications installed on the terminal in the application list; generating at least one according to the information of the at least two applications Interfering with information of an application, the information of the interfering application being similar to information of at least one of the at least two applications; displaying information of the at least two applications and the at least one interfering application on a display screen The program information prompts the user to select the application installed on the terminal.
由于用户对自己终端上安装的应用程序是比较清楚的,因此终端的真正用户能够很容易地通过验证。其中,为了减低用户蒙对的可能性,终端可以维护热门应用程序的列表,在生成干扰应用程序的信息时,可以从热门应用程序列表中查找终端上并没有安装的应用程序。或者如果用户终端上安装了比较冷门的应用程序,在选择时可以尽量避免选择。Since the user is more clear about the application installed on his terminal, the real user of the terminal can easily pass the verification. In order to reduce the possibility of user misconception, the terminal can maintain a list of popular applications. When generating information that interferes with the application, the application can be found from the list of popular applications without being installed on the terminal. Or if a less popular application is installed on the user terminal, you can avoid selection when you choose.
其中,在生成干扰应用程序时可以生成与安装应用程序在热门程度上类似的,例如选择了热门应用程序则可以生成热门应用程序作为干扰应用程序,选择了冷门应用程序则可以生成冷门应用程序作为干扰应用程序,选择了购物应用程序就可以生成购物应用程序作为干扰应用程序,选择了游戏应用程序就可以生成与选择的应用程序游戏类型上类似的应用程序作为干扰应用程序。 Among them, when generating an interference application, it can be generated similarly to the installation application. For example, if a popular application is selected, a popular application can be generated as an interference application, and if a popular application is selected, an unpopular application can be generated as an unpopular application. Interfering with the application, selecting the shopping application can generate the shopping application as the interference application, and selecting the game application can generate an application similar to the selected application game type as the interference application.
其中,为了进一步提高验证的准确性,即降低用户蒙对的可能性,生成的干扰应用程序的数量可以和选择的应用程序的数量一致。In order to further improve the accuracy of the verification, that is, reduce the possibility of the user being matched, the number of generated interference applications may be the same as the number of selected applications.
在另一个实施例中,所述根据验证算法生成身份验证逻辑可以包括:从终端上选择至少两次出行信息;根据所述至少两次出行信息生成至少一个干扰出行信息,所述干扰出行信息与所述至少两次出行信息中心的至少一个类似;在显示屏上显示所述至少两次出行信息和所述至少一个干扰出行信息,提示用户选择出行信息。In another embodiment, the generating the identity verification logic according to the verification algorithm may include: selecting at least two travel information from the terminal; generating at least one interference travel information according to the at least two travel information, the interference travel information and At least one of the at least two travel information centers is similar; displaying the at least two travel information and the at least one interference travel information on a display screen to prompt the user to select travel information.
由于用户的出行信息一般都会在终端上有所体现,例如用户定了火车票则会收到相关的短息,包括用户出行的日期,搭乘的列车班次,以及目的地等等;用户预定了机票,也会收到相关的信息,包括用户出行的日期,搭乘的航班,以及目的地等等;用户预订了酒店,也会在终端上有所记录,包括酒店的名称,以及入住的时间等等。Since the user's travel information is generally reflected on the terminal, for example, if the user sets a train ticket, the user will receive the relevant short message, including the date the user traveled, the train number taken, the destination, etc.; the user has booked the ticket. , will also receive relevant information, including the date the user traveled, the flight, the destination, etc.; when the user has booked the hotel, it will also be recorded on the terminal, including the name of the hotel, the time of stay, etc. .
可以理解的是,上述各种身份验证逻辑也可以组合使用,进一步提高验证的准确性。It can be understood that the above various authentication logics can also be used in combination to further improve the accuracy of the verification.
103、判断用户是否通过身份验证逻辑的验证;如果是,进入步骤104;如果否,进入步骤105;103, determine whether the user is verified by the authentication logic; if yes, proceed to step 104; if not, proceed to step 105;
104、允许所述用户访问所述受保护数据。104. Allow the user to access the protected data.
105、拒绝所述用户访问所述受保护数据。105. Refusing the user to access the protected data.
其中,在拒绝用户访问受保护的数据后,如果用户选择再一次验证,则在生成身份验证逻辑时不使用之前用户验证没通过的验证逻辑,例如用户没通过联系人连接逻辑,则新的身份验证逻辑可以是应用程序逻辑或者出行信息逻辑等等,或者也可以仍然是联系人连接逻辑,但是选择的联系人和生成的干扰联系人与之前均不同,从而提高验证的准确性。After the user is denied access to the protected data, if the user chooses to verify again, the authentication logic that did not pass the previous user verification is not used when generating the authentication logic, for example, the user does not pass the contact connection logic, the new identity The verification logic can be application logic or travel information logic, etc., or it can still be contact connection logic, but the selected contacts and the generated interference contacts are different from before, thereby improving the accuracy of the verification.
106、允许用户访问当前访问的数据。106. Allow the user to access the currently accessed data.
从上可知,由于本发明实施例中终端可以在用户当前访问的是受保护数据时,根据验证算法生成身份验证逻辑来对用户进行身份验证,只有在用户通过了身份验证时才允许用户访问受保护数据,提高了受保护数据的安全,能够降低用户财产损失和隐私泄露的风险。 As can be seen from the above, in the embodiment of the present invention, when the terminal currently accesses the protected data, the terminal generates identity verification logic according to the verification algorithm to authenticate the user, and only allows the user to access the user when the user passes the identity verification. Protecting data increases the security of protected data and reduces the risk of user property damage and privacy breaches.
图2描述了本发明一个实施例提供的终端的结构,包括:Figure 2 illustrates the structure of a terminal provided by an embodiment of the present invention, including:
判断单元201,用于判断用户当前访问的是否为受保护数据。The determining unit 201 is configured to determine whether the user currently accesses the protected data.
其中,受保护数据可以由终端根据云端策略确定,例如可以将终端上安装的涉及用户隐私和用户财产的应用程序确定为受保护数据,如购物应用程序(如淘宝,天猫,京东,苏宁易购,1号店等等),移动支付应用程序(如银联钱包,支付宝,微信支付等等),银行应用程序(如中国工商银行,中国银行,中国农业银行,中国建设银行,招商银行等等),基金网贷应用程序(如陆金所,人人贷等等)等。云端可以根据市面上应用程序的情况动态地刷新各种应用程序类型下的应用程序列表。终端可以周期性地从云端获取相关的策略。可以理解的是,用户也可以在终端从云端获取了相关的策略后,根据自己的需要或者喜好对策略进行调整和修改。The protected data may be determined by the terminal according to a cloud policy. For example, an application related to user privacy and user property installed on the terminal may be determined as protected data, such as a shopping application (eg, Taobao, Tmall, Jingdong, Suning Yi). Purchase, No. 1 shop, etc.), mobile payment applications (such as UnionPay wallet, Alipay, WeChat payment, etc.), banking applications (such as Industrial and Commercial Bank of China, Bank of China, Agricultural Bank of China, China Construction Bank, China Merchants Bank, etc. ), fund online loan applications (such as Lu Jin, Renren, etc.). The cloud can dynamically refresh the list of applications under various application types based on the application on the market. The terminal can periodically obtain related policies from the cloud. It can be understood that the user can also adjust and modify the policy according to his own needs or preferences after the terminal obtains the relevant policies from the cloud.
受保护数据也可以由用户根据自己的需要在终端上进行设置,用户设置的受保护数据不仅可以包括应用程序,还可以包括联系人的联系方式,视频,和照片等等。The protected data can also be set by the user on the terminal according to his own needs. The protected data set by the user can include not only the application but also the contact information, video, photos and the like of the contact.
生成单元202,用于在所述判断单元201判断用户当前访问的是受保护数据时,根据验证算法生成身份验证逻辑。The generating unit 202 is configured to generate identity verification logic according to the verification algorithm when the determining unit 201 determines that the user is currently accessing the protected data.
在一个实施例中,所述生成单元202可以具体用于:从联系人列表中随机选择至少两个联系人;在显示屏上乱序显示所述至少两个联系人的名称以及所述至少两个联系人的联系方式的一部分,提示用户将所述至少两个联系人与所述至少两个联系人的联系方式连接起来。In an embodiment, the generating unit 202 may be specifically configured to: randomly select at least two contacts from the contact list; display the names of the at least two contacts and the at least two on the display screen in an out-of-order manner A portion of the contact information of the contacts prompting the user to connect the contact of the at least two contacts with the at least two contacts.
其中,考虑到用户不一定能够记住所有联系人的联系方式,因此也可以由用户根据自己记住的联系人的情况预先设定随机选择联系人的范围,如果用户设定了随机选择联系人的范围,则在随机选择联系人时从用户设定的范围内选择。如果用户没有设定随机选择联系人的范围,则可以在手机通讯录的所有联系人中随机进行选择。Wherein, considering that the user may not be able to remember the contact information of all the contacts, the range of the randomly selected contact may be preset by the user according to the situation of the contact that he or she remembers, if the user sets the randomly selected contact. The range is selected from the range set by the user when the contact is randomly selected. If the user does not set a range of randomly selected contacts, they can be randomly selected among all contacts in the phone address book.
由于联系人的联系方式也属于用户的隐私数据,因此在显示屏上显示联系人的联系方式时,可以至显示联系人的联系方式的一部分;例如在联系人的联系方式是手机号码1234567890时,可以在显示屏上显示123456****,或者123****890,或者****567890等等;在联系人的联系方式是Email地址 dizhi@dizhi.com时,可以在显示屏上显示di***@dizhi.com,或者显示**zhi@dizhi.com,或者显示diz**@**zhi.com等等。Since the contact information of the contact also belongs to the user's private data, when the contact information of the contact is displayed on the display, it can be displayed as part of the contact information of the contact; for example, when the contact information of the contact is the mobile phone number 1234567890, You can display 123456****, or 123****890, or ****567890 on the display; the contact information of the contact is the email address. When dizhi@dizhi.com, you can display di***@dizhi.com on the display, or show **zhi@dizhi.com, or display diz**@**zhi.com and so on.
其中,为了提高验证的难度,在显示屏上需要乱序显示联系人和联系人的联系方式,从而降低用户蒙对的可能。Among them, in order to improve the difficulty of verification, the contact information of the contact and the contact needs to be displayed in an out-of-order manner on the display screen, thereby reducing the possibility of the user being matched.
可以理解的是,虽然本发明实施例描述的是随机选择至少两个联系人,但是在实际应用中,为了提高验证的难度,建议选择四个以上的联系人;例如,在只有两个联系人时,蒙对的可能性是50%;在选择三个联系人时,蒙对的可能性16.7%;而在选择四个联系人时,蒙对的可能性就只有4.2%了。It can be understood that although the embodiment of the present invention describes randomly selecting at least two contacts, in practical applications, in order to improve the difficulty of verification, it is recommended to select more than four contacts; for example, only two contacts are selected. At the time, the probability of being matched was 50%; when choosing three contacts, the probability of being matched was 16.7%; when choosing four contacts, the probability of being matched was only 4.2%.
在另一个实施例中,所述生成单元202可以具体用于:从联系人列表中随机选择至少两个联系人;在显示屏上乱序显示所述至少两个联系人的名称以及所述至少两个联系人的联系方式的一部分,提示用户将所述至少两个联系人与所述至少两个联系人的联系方式连接起来;同时,根据所述至少两个联系人生成至少一个干扰联系人,所述干扰联系人与所述至少两个联系人中的至少一个类似;在所述显示屏上显示所述干扰联系人的名称。In another embodiment, the generating unit 202 may be specifically configured to: randomly select at least two contacts from the contact list; display the names of the at least two contacts and the at least a part of the contact manner of the two contacts, prompting the user to connect the contact manner of the at least two contacts with the at least two contacts; meanwhile, generating at least one interference contact according to the at least two contacts The interfering contact is similar to at least one of the at least two contacts; the name of the interfering contact is displayed on the display screen.
在这种情况下,屏幕上显示的联系人的名称比联系人的联系方式要多一个,用户不仅要知道哪些联系人是真正的联系人,还需要知道真正的联系人的联系方式才能够验证通过。进一步降低了用户蒙对的可能性。In this case, the name of the contact displayed on the screen is one more than the contact of the contact. The user not only needs to know which contacts are the real contacts, but also needs to know the contact information of the real contacts to be able to verify. by. Further reducing the possibility of user misconception.
其中,在根据至少两个联系人生成至少一个干扰联系人时,生成的干扰联系人要和至少两个联系人中的至少一个类似,从而对用户起到混淆的作用。其中,本发明实施例中的类似说的是两者之间大部分都相同,所述的大部分可以是2/3以上的汉字,或字母,或数字相同。例如,一个联系的,名字是张三四,则生成的干扰联系人可以是章三四,或者张叁四,或者张三肆等等,干扰联系人的名称与真正联系人越相似就越可以起到干扰的作用。Wherein, when at least one interfering contact is generated according to at least two contacts, the generated interfering contact is to be similar to at least one of the at least two contacts, thereby playing a role in confusing the user. The similarity in the embodiment of the present invention is that most of the two are the same, and most of the characters may be more than 2/3 of Chinese characters, or letters, or the same numbers. For example, if a contact name is Zhang Sansi, the generated interference contact can be Zhang Sansi, or Zhang Yisi, or Zhang Sanqi, etc. The more the interference contact name is similar to the real contact, the more Play a role in interference.
在另一个实施例中,所述生成单元202可以具体用于:在应用程序列表中选择终端上安装的至少两个应用程序的信息;根据所述至少两个应用程序的信息生成至少一个干扰应用程序的信息,所述干扰应用程序的信息与所述至少两个应用程序中的至少一个的信息类似;在显示屏上显示所述至少两个应用程序的信息以及所述至少一个干扰应用程序的信息,提示用户将终端上安装的应用程序选择出来。 In another embodiment, the generating unit 202 may be specifically configured to: select information of at least two applications installed on the terminal in the application list; generate at least one interference application according to the information of the at least two applications. Information of the program, the information of the interference application being similar to the information of at least one of the at least two applications; displaying information of the at least two applications and the at least one interference application on a display screen Information prompting the user to select the application installed on the terminal.
由于用户对自己终端上安装的应用程序是比较清楚的,因此终端的真正用户能够很容易地通过验证。其中,为了减低用户蒙对的可能性,终端可以维护热门应用程序的列表,在生成干扰应用程序的信息时,可以从热门应用程序列表中查找终端上并没有安装的应用程序。或者如果用户终端上安装了比较冷门的应用程序,在选择时可以尽量避免选择。Since the user is more clear about the application installed on his terminal, the real user of the terminal can easily pass the verification. In order to reduce the possibility of user misconception, the terminal can maintain a list of popular applications. When generating information that interferes with the application, the application can be found from the list of popular applications without being installed on the terminal. Or if a less popular application is installed on the user terminal, you can avoid selection when you choose.
其中,在生成干扰应用程序时可以生成与安装应用程序在热门程度上类似的,例如选择了热门应用程序则可以生成热门应用程序作为干扰应用程序,选择了冷门应用程序则可以生成冷门应用程序作为干扰应用程序,选择了购物应用程序就可以生成购物应用程序作为干扰应用程序,选择了游戏应用程序就可以生成与选择的应用程序游戏类型上类似的应用程序作为干扰应用程序。Among them, when generating an interference application, it can be generated similarly to the installation application. For example, if a popular application is selected, a popular application can be generated as an interference application, and if a popular application is selected, an unpopular application can be generated as an unpopular application. Interfering with the application, selecting the shopping application can generate the shopping application as the interference application, and selecting the game application can generate an application similar to the selected application game type as the interference application.
其中,为了进一步提高验证的准确性,即降低用户蒙对的可能性,生成的干扰应用程序的数量可以和选择的应用程序的数量一致。In order to further improve the accuracy of the verification, that is, reduce the possibility of the user being matched, the number of generated interference applications may be the same as the number of selected applications.
在另一个实施例中,所述生成单元202可以具体用于:从终端上选择至少两次出行信息;根据所述至少两次出行信息生成至少一个干扰出行信息,所述干扰出行信息与所述至少两次出行信息中心的至少一个类似;在显示屏上显示所述至少两次出行信息和所述至少一个干扰出行信息,提示用户选择出行信息。In another embodiment, the generating unit 202 may be specifically configured to: select at least two travel information from the terminal; generate at least one interference travel information according to the at least two travel information, the interference travel information and the At least one of the at least two travel information centers is similar; displaying the at least two travel information and the at least one interference travel information on the display screen to prompt the user to select the travel information.
由于用户的出行信息一般都会在终端上有所体现,例如用户定了火车票则会收到相关的短息,包括用户出行的日期,搭乘的列车班次,以及目的地等等;用户预定了机票,也会收到相关的信息,包括用户出行的日期,搭乘的航班,以及目的地等等;用户预订了酒店,也会在终端上有所记录,包括酒店的名称,以及入住的时间等等。Since the user's travel information is generally reflected on the terminal, for example, if the user sets a train ticket, the user will receive the relevant short message, including the date the user traveled, the train number taken, the destination, etc.; the user has booked the ticket. , will also receive relevant information, including the date the user traveled, the flight, the destination, etc.; when the user has booked the hotel, it will also be recorded on the terminal, including the name of the hotel, the time of stay, etc. .
可以理解的是,上述各种身份验证逻辑也可以组合使用,进一步提高验证的准确性。It can be understood that the above various authentication logics can also be used in combination to further improve the accuracy of the verification.
验证单元203,用于验证所述用户是否通过所述生成单元202生成的身份验证逻辑的验证。The verification unit 203 is configured to verify whether the user passes the verification of the identity verification logic generated by the generating unit 202.
访问控制单元204,用于在所述验证单元203验证用户通过所述身份验证逻辑的验证时,允许所述用户访问所述受保护数据;在所述验证单元203验证用户没有通过所述身份验证逻辑的验证时,拒绝所述用户访问所述受保护数据。 The access control unit 204 is configured to allow the user to access the protected data when the verification unit 203 verifies the verification of the user by the authentication logic; and verify, at the verification unit 203, that the user does not pass the identity verification When the logic is verified, the user is denied access to the protected data.
其中,在拒绝用户访问受保护的数据后,如果用户选择再一次验证,则在生成身份验证逻辑时不使用之前用户验证没通过的验证逻辑,例如用户没通过联系人连接逻辑,则新的身份验证逻辑可以是应用程序逻辑或者出行信息逻辑等等,或者也可以仍然是联系人连接逻辑,但是选择的联系人和生成的干扰联系人与之前均不同,从而提高验证的准确性。After the user is denied access to the protected data, if the user chooses to verify again, the authentication logic that did not pass the previous user verification is not used when generating the authentication logic, for example, the user does not pass the contact connection logic, the new identity The verification logic can be application logic or travel information logic, etc., or it can still be contact connection logic, but the selected contacts and the generated interference contacts are different from before, thereby improving the accuracy of the verification.
从上可知,由于本发明实施例中终端可以在用户当前访问的是受保护数据时,根据验证算法生成身份验证逻辑来对用户进行身份验证,只有在用户通过了身份验证时才允许用户访问受保护数据,提高了受保护数据的安全,能够降低用户财产损失和隐私泄露的风险。As can be seen from the above, in the embodiment of the present invention, when the terminal currently accesses the protected data, the terminal generates identity verification logic according to the verification algorithm to authenticate the user, and only allows the user to access the user when the user passes the identity verification. Protecting data increases the security of protected data and reduces the risk of user property damage and privacy breaches.
上述装置和系统内的各模块之间的信息交互、执行过程等内容,由于与本发明方法实施例基于同一构思,具体内容可参见本发明方法实施例中的叙述,此处不再赘述。For the information exchange, the execution process, and the like between the above-mentioned devices and the modules in the system, the content is based on the same concept as the method embodiment of the present invention. For details, refer to the description in the method embodiment of the present invention, and details are not described herein again.
本领域普通技术人员可以理解实现上述实施例方法中的全部或部分流程,是可以通过计算机程序来指令相关的硬件来完成,上述的程序可存储于一计算机可读取存储介质中,该程序在执行时,可包括如上述各方法的实施例的流程。其中,上述的存储介质可为磁碟、光盘、只读存储记忆体(ROM:Read-Only Memory)或随机存储记忆体(RAM:Random Access Memory)等。A person skilled in the art can understand that all or part of the process of implementing the above embodiment method can be completed by a computer program to instruct related hardware, and the above program can be stored in a computer readable storage medium. When executed, the flow of an embodiment of the methods as described above may be included. The storage medium may be a magnetic disk, an optical disk, a read-only memory (ROM), or a random access memory (RAM).
本文中应用了具体个例对本发明的原理及实施方式进行了阐述,以上实施例的说明只是用于帮助理解本发明的方法及其思想;同时,对于本领域的一般技术人员,依据本发明的思想,在具体实施方式及应用范围上均会有改变之处,综上所述,本说明书内容不应理解为对本发明的限制。 The principles and embodiments of the present invention have been described herein with reference to specific examples. The foregoing description of the embodiments are merely for the purpose of understanding the method of the present invention and the concept thereof. Also, those skilled in the art in accordance with the present invention The present invention is not limited by the scope of the present invention.

Claims (10)

  1. 一种身份验证方法,其特征在于,包括:An authentication method, comprising:
    判断用户当前访问的是否为受保护数据;Determine whether the user is currently accessing protected data;
    如果所述用户当前访问的是受保护数据,根据验证算法生成身份验证逻辑;If the user is currently accessing protected data, generating authentication logic according to the verification algorithm;
    如果所述用户通过所述身份验证逻辑的验证,则允许所述用户访问所述受保护数据;Allowing the user to access the protected data if the user passes the verification of the authentication logic;
    如果所述用户没有通过所述身份验证逻辑的验证,则拒绝所述用户访问所述受保护数据。If the user does not pass the verification of the authentication logic, the user is denied access to the protected data.
  2. 如权利要求1所述的方法,其特征在于,所述根据验证算法生成身份验证逻辑包括:The method of claim 1, wherein the generating the identity verification logic according to the verification algorithm comprises:
    从联系人列表中随机选择至少两个联系人;Select at least two contacts randomly from the contact list;
    在显示屏上乱序显示所述至少两个联系人的名称以及所述至少两个联系人的联系方式的一部分,提示用户将所述至少两个联系人与所述至少两个联系人的联系方式连接起来。Displaying, on the display screen, the names of the at least two contacts and a portion of the contact manner of the at least two contacts, prompting the user to contact the at least two contacts with the at least two contacts Ways to connect.
  3. 如权利要求2所述的方法,其特征在于,所述从联系人列表中随机选择至少两个联系人后,所述方法还包括:The method of claim 2, wherein after the randomly selecting at least two contacts from the contact list, the method further comprises:
    根据所述至少两个联系人生成至少一个干扰联系人,所述干扰联系人与所述至少两个联系人中的至少一个类似;Generating at least one interfering contact according to the at least two contacts, the interfering contact being similar to at least one of the at least two contacts;
    在所述显示屏上显示所述干扰联系人的名称。The name of the interfering contact is displayed on the display.
  4. 如权利要求1至3任一所述的方法,其特征在于,所述根据验证算法生成身份验证逻辑包括:The method according to any one of claims 1 to 3, wherein the generating the identity verification logic according to the verification algorithm comprises:
    在应用程序列表中选择终端上安装的至少两个应用程序的信息;Select information for at least two applications installed on the terminal in the application list;
    根据所述至少两个应用程序的信息生成至少一个干扰应用程序的信息,所述干扰应用程序的信息与所述至少两个应用程序中的至少一个的信息类似;Generating at least one information of the interference application according to the information of the at least two applications, the information of the interference application being similar to the information of at least one of the at least two applications;
    在显示屏上显示所述至少两个应用程序的信息以及所述至少一个干扰应用程序的信息,提示用户将终端上安装的应用程序选择出来。The information of the at least two applications and the information of the at least one interfering application are displayed on the display screen, prompting the user to select an application installed on the terminal.
  5. 如权利要求1至3任一所述的方法,其特征在于,所述根据验证算法 生成身份验证逻辑包括:The method according to any one of claims 1 to 3, characterized in that said verification algorithm Generating authentication logic includes:
    从终端上选择至少两次出行信息;Select at least two travel information from the terminal;
    根据所述至少两次出行信息生成至少一个干扰出行信息,所述干扰出行信息与所述至少两次出行信息中心的至少一个类似;Generating at least one interference travel information according to the at least two travel information, the interference travel information being similar to at least one of the at least two travel information centers;
    在显示屏上显示所述至少两次出行信息和所述至少一个干扰出行信息,提示用户选择出行信息。The at least two travel information and the at least one interference travel information are displayed on the display screen to prompt the user to select the travel information.
  6. 一种终端,其特征在于,包括:A terminal, comprising:
    判断单元,用于判断用户当前访问的是否为受保护数据;a determining unit, configured to determine whether the user currently accesses the protected data;
    生成单元,用于在所述判断单元判断用户当前访问的是受保护数据时,根据验证算法生成身份验证逻辑;a generating unit, configured to generate identity verification logic according to the verification algorithm when the determining unit determines that the user currently accesses the protected data;
    验证单元,用于验证所述用户是否通过所述身份验证逻辑的验证;a verification unit, configured to verify whether the user passes the verification of the authentication logic;
    访问控制单元,用于在所述用户通过所述身份验证逻辑的验证时,允许所述用户访问所述受保护数据;在所述用户没有通过所述身份验证逻辑的验证时,拒绝所述用户访问所述受保护数据。An access control unit configured to allow the user to access the protected data when the user passes the verification of the authentication logic; reject the user when the user does not pass the verification of the authentication logic Access the protected data.
  7. 如权利要求6所述的终端,其特征在于,所述生成单元具体用于:The terminal according to claim 6, wherein the generating unit is specifically configured to:
    从联系人列表中随机选择至少两个联系人;Select at least two contacts randomly from the contact list;
    在显示屏上乱序显示所述至少两个联系人的名称以及所述至少两个联系人的联系方式的一部分,提示用户将所述至少两个联系人与所述至少两个联系人的联系方式连接起来。Displaying, on the display screen, the names of the at least two contacts and a portion of the contact manner of the at least two contacts, prompting the user to contact the at least two contacts with the at least two contacts Ways to connect.
  8. 如权利要求7所述的终端,其特征在于,所述生成单元还用于:The terminal according to claim 7, wherein the generating unit is further configured to:
    根据所述至少两个联系人生成至少一个干扰联系人,所述干扰联系人与所述至少两个联系人中的至少一个类似;Generating at least one interfering contact according to the at least two contacts, the interfering contact being similar to at least one of the at least two contacts;
    在所述显示屏上显示所述干扰联系人的名称。The name of the interfering contact is displayed on the display.
  9. 如权利要求6至8任一所述的终端,其特征在于,所述生成单元具体用于:The terminal according to any one of claims 6 to 8, wherein the generating unit is specifically configured to:
    在应用程序列表中选择终端上安装的至少两个应用程序的信息;Select information for at least two applications installed on the terminal in the application list;
    根据所述至少两个应用程序的信息生成至少一个干扰应用程序的信息,所 述干扰应用程序的信息与所述至少两个应用程序中的至少一个的信息类似;Generating at least one information of the interference application according to the information of the at least two applications, The information of the interference application is similar to the information of at least one of the at least two applications;
    在显示屏上显示所述至少两个应用程序的信息以及所述至少一个干扰应用程序的信息,提示用户将终端上安装的应用程序选择出来。The information of the at least two applications and the information of the at least one interfering application are displayed on the display screen, prompting the user to select an application installed on the terminal.
  10. 如权利要求6至8任一所述的终端,其特征在于,所述生成单元具体用于:The terminal according to any one of claims 6 to 8, wherein the generating unit is specifically configured to:
    从终端上选择至少两次出行信息;Select at least two travel information from the terminal;
    根据所述至少两次出行信息生成至少一个干扰出行信息,所述干扰出行信息与所述至少两次出行信息中心的至少一个类似;Generating at least one interference travel information according to the at least two travel information, the interference travel information being similar to at least one of the at least two travel information centers;
    在显示屏上显示所述至少两次出行信息和所述至少一个干扰出行信息,提示用户选择出行信息。 The at least two travel information and the at least one interference travel information are displayed on the display screen to prompt the user to select the travel information.
PCT/CN2017/098765 2017-08-24 2017-08-24 Identity logic verification method and terminal WO2019037003A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2017/098765 WO2019037003A1 (en) 2017-08-24 2017-08-24 Identity logic verification method and terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2017/098765 WO2019037003A1 (en) 2017-08-24 2017-08-24 Identity logic verification method and terminal

Publications (1)

Publication Number Publication Date
WO2019037003A1 true WO2019037003A1 (en) 2019-02-28

Family

ID=65439705

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/098765 WO2019037003A1 (en) 2017-08-24 2017-08-24 Identity logic verification method and terminal

Country Status (1)

Country Link
WO (1) WO2019037003A1 (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101964789A (en) * 2010-09-26 2011-02-02 北京飞天诚信科技有限公司 Method and system for safely accessing protected resources
CN103067612A (en) * 2013-01-30 2013-04-24 广东欧珀移动通信有限公司 Private information viewing method and system based on mobile terminal equipment
CN103294941A (en) * 2012-02-22 2013-09-11 腾讯科技(深圳)有限公司 Method for accessing private space and mobile device
CN104239804A (en) * 2013-06-07 2014-12-24 腾讯科技(深圳)有限公司 Data protecting method and device
CN107609361A (en) * 2017-08-24 2018-01-19 深圳双创科技发展有限公司 Identity logic verification method and terminal
CN107633161A (en) * 2017-08-24 2018-01-26 深圳双创科技发展有限公司 The terminal and Related product of the access control of protected data

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101964789A (en) * 2010-09-26 2011-02-02 北京飞天诚信科技有限公司 Method and system for safely accessing protected resources
CN103294941A (en) * 2012-02-22 2013-09-11 腾讯科技(深圳)有限公司 Method for accessing private space and mobile device
CN103067612A (en) * 2013-01-30 2013-04-24 广东欧珀移动通信有限公司 Private information viewing method and system based on mobile terminal equipment
CN104239804A (en) * 2013-06-07 2014-12-24 腾讯科技(深圳)有限公司 Data protecting method and device
CN107609361A (en) * 2017-08-24 2018-01-19 深圳双创科技发展有限公司 Identity logic verification method and terminal
CN107633161A (en) * 2017-08-24 2018-01-26 深圳双创科技发展有限公司 The terminal and Related product of the access control of protected data

Similar Documents

Publication Publication Date Title
US8621209B1 (en) Confidence-based authentication
US10621577B2 (en) Controlling access to data
BR112018007449B1 (en) COMPUTING DEVICE, COMPUTER IMPLEMENTED METHOD AND COMPUTER READABLE MEMORY DEVICE
US20130246272A1 (en) Secure mobile transactions
US20130067551A1 (en) Multilevel Authentication
US10567375B1 (en) Systems and methods for data access control and account management
ES2802924T3 (en) Method and system for the authentication of a service
Cook Selfie banking: is it a reality?
TW202009834A (en) Core-body product push and core-body method and system
US20230237490A1 (en) Authentication transaction
US8433288B2 (en) Multilevel authentication
TW201248447A (en) Method and apparatus for dynamic modification of authentication requirements of a processing system
US20190354669A1 (en) 3d virtual interactive digital user authentication security
US20230097001A1 (en) Microtransaction detection and authorization systems and methods
US11902275B2 (en) Context-based authentication of a user
Stanislav Two-factor authentication
US11315107B2 (en) Automated purchase card disable system and method
TWI697860B (en) Information sharing method, device and electronic equipment
Domingo et al. Digital Identity: the current state of affairs
US20210217024A1 (en) System and Method of Consolidating Identity Services
US20140215592A1 (en) Method, apparatus and system for user authentication
WO2019037003A1 (en) Identity logic verification method and terminal
WO2014117563A1 (en) Method, apparatus and system for user authentication
WO2020082833A1 (en) Transfer method and apparatus, and device
US10491391B1 (en) Feedback-based data security

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17922430

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17922430

Country of ref document: EP

Kind code of ref document: A1