WO2019232868A1 - User information authentication method and apparatus, and computer device and storage medium - Google Patents

User information authentication method and apparatus, and computer device and storage medium Download PDF

Info

Publication number
WO2019232868A1
WO2019232868A1 PCT/CN2018/094343 CN2018094343W WO2019232868A1 WO 2019232868 A1 WO2019232868 A1 WO 2019232868A1 CN 2018094343 W CN2018094343 W CN 2018094343W WO 2019232868 A1 WO2019232868 A1 WO 2019232868A1
Authority
WO
WIPO (PCT)
Prior art keywords
verification
user
information
target
request
Prior art date
Application number
PCT/CN2018/094343
Other languages
French (fr)
Chinese (zh)
Inventor
李云利
李辉
洪宇明
石宇
张文君
孙雄
张小敏
Original Assignee
平安科技(深圳)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 平安科技(深圳)有限公司 filed Critical 平安科技(深圳)有限公司
Publication of WO2019232868A1 publication Critical patent/WO2019232868A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/02Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]

Definitions

  • the present application relates to the field of computer technology, and in particular, to a user information verification method, device, computer device, and storage medium.
  • a user when a user handles a business with high security requirements in an enterprise or platform, user information verification is usually required. For some user information, further authentication is required to implement the verification process, such as an ID card. Information and bank card information. However, when authenticating the user's identity card information and bank card information, both need to entrust a third-party platform for authentication, and corresponding fees must be paid to the third-party platform. Although this verification method can ensure the authenticity of user information, the verification process takes some time and the verification efficiency is low.
  • a user information verification method includes:
  • the user information verification request includes the target user identity and the target service type.
  • each of the benchmark verification fields finds matching verification data in the user verification information, it responds to the user information verification request.
  • a user information verification device includes:
  • a first obtaining module configured to obtain a user information verification request, where the user information verification request includes a target user identifier and a target service type;
  • a second obtaining module configured to obtain user authentication information based on the target user identifier
  • a third obtaining module configured to obtain the reference verification fields of the user information verification request based on the target service type, where the reference verification fields are at least two;
  • a first response module is configured to respond to the user information verification request if each of the benchmark verification fields queries matching verification data in the user verification information.
  • a computer device includes a memory, a processor, and computer-readable instructions stored in the memory and executable on the processor.
  • the processor executes the computer-readable instructions, the following steps are implemented:
  • the user information verification request includes the target user identity and the target service type.
  • each of the benchmark verification fields finds matching verification data in the user verification information, it responds to the user information verification request.
  • One or more non-volatile readable storage media storing computer-readable instructions, which when executed by one or more processors, cause the one or more processors to perform the following steps:
  • the user information verification request includes the target user identity and the target service type.
  • each of the benchmark verification fields finds matching verification data in the user verification information, it responds to the user information verification request.
  • FIG. 1 is a schematic diagram of an application environment of a user information verification method according to an embodiment of the present application
  • FIG. 2 is a flowchart of a user information verification method according to an embodiment of the present application.
  • FIG. 3 is a flowchart of verifying login in a user information verification method according to an embodiment of the present application
  • FIG. 4 is a flowchart of integrating user authentication information in a user information authentication method according to an embodiment of the present application
  • step S22 is a flowchart of implementing step S22 in a user information verification method according to an embodiment of the present application
  • FIG. 6 is a flowchart of verifying mismatched verification data in a user information verification method according to an embodiment of the present application
  • FIG. 7 is a flowchart of a user information verification method according to an embodiment of the present application.
  • FIG. 8 is a principle block diagram of a user information verification device in an embodiment of the present application.
  • FIG. 9 is a schematic diagram of a computer device in an embodiment of the present application.
  • the user information verification method provided in this application can be applied in the application environment shown in FIG. 1, in which a client (computer device) communicates with a server through a network.
  • the client obtains the user information verification request and sends the user information verification request to the server.
  • the server After the server obtains the user information verification request, it processes it based on the user information verification request and responds to the user information verification request.
  • the computer device may be, but is not limited to, various personal computers, notebook computers, smart phones, tablet computers, and portable wearable devices.
  • the server can be implemented by an independent server or a server cluster composed of multiple servers.
  • a method for verifying user information is provided.
  • the method is applied to the server in FIG. 1 as an example, and includes the following steps:
  • the user information verification request includes a target user identity and a target service type.
  • the user information verification request refers to a request for verifying identity information triggered by a user's need to handle corresponding services.
  • the target user ID is a user ID corresponding to a user who authenticates user information.
  • the user ID is suitable for distinguishing different users.
  • the user ID may be a user's ID number or an account ID uniquely corresponding to the user.
  • the target service type refers to the type of target service that the user needs to handle. Different types of target services require different identity information to be verified.
  • S20 Acquire user authentication information based on the target user identity.
  • the target user ID is unique, the target user ID can be used as a search field to retrieve user authentication information of the target user ID.
  • user authentication information may be obtained in the big data platform based on the target user identification.
  • the user authentication information is authenticated user identity information.
  • the user may need to verify the user identity information when performing other services. After verification, the corresponding user authentication data is formed.
  • the user ’s The sum of the authentication data is its user authentication information.
  • obtaining the user authentication information based on the target user ID is to obtain the user authentication information corresponding to the target user ID in the business that has been processed in the past through the target user ID.
  • the user authentication information may include at least one of the user's name, ID card number, mobile phone number, bank card number, or fingerprint information.
  • the verification information corresponding to the mobile phone number, bank card number, and fingerprint information may be one or more.
  • the user verification information verified by the user when conducting a service is the first mobile phone number, the first bank card number, and the fingerprint of the left thumb
  • the user verification information verified by the other service is the second mobile phone number, the first Bank card number and right thumb fingerprint information. Therefore, the user authentication information of the user obtained based on the target user identification is the first mobile phone number, the second mobile phone number, the first bank card number, the left-hand thumb fingerprint information, and the right-hand thumb fingerprint information.
  • S30 Obtain a reference verification field of the user information verification request based on the target service type, where the reference verification field is at least two.
  • the benchmark verification field is a field corresponding to the user identity information that needs to be verified in the corresponding target service in the user information verification request.
  • the content to be verified will also be different. For example, for some general services, you may only need to verify the user ’s name, ID number, and mobile phone number, while for more core services, you may need to verify the user ’s name, ID number, mobile phone number, bank card number, and fingerprint information. Therefore, based on the target business type, a benchmark verification field of the target business type is obtained.
  • the user's name, ID number, mobile phone number, and bank card number need to be verified, and then the base verification field of the user information verification request is obtained based on the target business type Name, ID number, mobile number, and bank card number.
  • S40 Query user authentication information based on the benchmark authentication field.
  • the user authentication information is queried for user identity information that needs to be verified for the target service type.
  • the reference verification field is a name, an ID number, a mobile phone number, and a bank card number, based on the above reference verification field, query whether there is corresponding verification data in the user verification information.
  • matching verification data is found in the user verification information for each benchmark verification field, which means that there is verification data corresponding to the benchmark verification field in the user verification information. That is, if each benchmark verification field can successfully query the verification data matching the target service type in the user verification information, it responds to the user information verification request.
  • responding to the user information verification request may be a request to pass the user information verification.
  • the server after obtaining the user authentication request, the server obtains user authentication information based on the target user ID in the user authentication request, and queries the user authentication information through the reference authentication field obtained based on the target service type. If all the fields in the user authentication information match the authentication data, they will respond to the user information authentication request.
  • the user information verification method further includes the following steps:
  • the login request information includes a target user ID and a target user password.
  • the login request information refers to information that is processed by the client after obtaining the input information of the user on the login interface and is sent to the server.
  • the login request information includes the target user ID and the target user password. After the target user ID and the target user password constitute the login request information, the client sends the login request information to the server, and the server obtains the login request information.
  • the target user ID and the target user password may also be obtained by the client after encrypting the login information input by the user. Encryption processing can ensure the security of login request information during data transmission.
  • the user enters or selects account login information according to certain prompt information when registering, wherein the account login information includes the user's original user ID and registration password.
  • the server obtains the account login information, the server logs in to the account.
  • the information is stored in a registration record form.
  • the process of verifying the target user password based on the target user ID is specifically: the server finds the corresponding original user ID in the registration record table based on the target user ID, and performs the registration password and target user password corresponding to the original user ID. Comparison. If the two are the same, the verification is successful.
  • the server encrypts the registration password in the account login information in a preset manner, obtains the encrypted registration password, and stores it in the registration record table.
  • the login request information sent by the client to the server is also encrypted.
  • the way to encrypt the registration password is the same as the way to encrypt the login request information. Therefore, for the target user ID of the same user, if the entered login password is the same as the registered password, the encrypted target user password and encrypted registration password are also the same.
  • the server After obtaining the login request information, the server queries the encrypted registration password of the target user ID in the registration record table based on the target user ID. If the encrypted registration password is the same as the target user password in the login request information, the target user Password verification succeeded.
  • the existing service table includes an existing service and a corresponding service type.
  • S14 Obtain a target service type, and generate a user information verification request based on the target user identifier and the target service type.
  • the user selects a target service in the display interface of the client.
  • the client uses the service type corresponding to the target service as the target service type, and generates a user information verification request based on the target service type and the target user identifier.
  • the client then sends the user information verification request to the server, and the server obtains the user information verification request.
  • the user can perform login operations on different platforms by using the same target user ID and target user password, eliminating the need to repeatedly register an account, and reducing the number of accounts because there is only one account information for the same user ID.
  • the table capacity of the server registration record table saves storage space.
  • the user is authenticated with the login information before the user information is verified, thereby ensuring the security of the user information verification.
  • the security of the user's account information can be improved, and the risk of password leakage during data transmission can be effectively avoided.
  • the user information verification method further includes the following steps:
  • the user authentication data table is a table for storing authentication data when a user handles different services, and uses the user's original user ID to distinguish each user's user authentication data table.
  • the original user ID is a registered account set when the user is registered, and the user uniquely distinguishes different user IDs, such as an ID card number or an account ID.
  • corresponding interfaces are set in different services for data interaction. After obtaining the user information verification request, the user verification data table of each interface is obtained to facilitate subsequent integration of the verification data table.
  • a data extraction module may be added to each interface to extract a user authentication information data table.
  • the user authentication data table can be extracted from the database of each interface through the data extraction module and sent to the server.
  • the server obtains the user authentication data table for each interface.
  • the user authentication data table of the same original user ID at each interface may be extracted in units of the original user ID.
  • a data trigger may also be provided, which is used to record data change information when there is data change in the database of any interface.
  • a data trigger is used to send the changed user authentication data table to the big data platform through the data extraction module.
  • the big data platform updates and replaces the original Some user authentication data sheets.
  • duplicated verification data in the user authentication data table is combined or filtered, and the original user ID is used as a unit to form user authentication information of each original user ID.
  • the user authentication data tables sent by the data extraction module can be received through the big data platform, and these user authentication data tables can be collated and then sent to the server to improve data integration efficiency.
  • the user authentication data tables in each interface are obtained, and the user authentication data tables in each interface are integrated based on the same original user ID, so that the user authentication data of the same original user ID are in the same table. .
  • querying the corresponding authentication data in the user information verification it is not necessary to obtain the corresponding user authentication data table on each interface, which saves query time and improves query efficiency.
  • step S22 based on the same original user ID, the user authentication data table is integrated to obtain user authentication information, which specifically includes the following steps:
  • the corresponding user authentication data is obtained in the user authentication data table, and the user authentication data includes the original user ID, the verification content, and the verification date.
  • the original user ID is a user ID of a different user in the user authentication data table.
  • the verified content is the user identity information that the original user ID passed the verification.
  • the verification date is the date on which the verification content passed verification.
  • the verification content of the same original user ID query whether the same verification content exists, for example, the first mobile phone number of the same original user ID has been verified in both the first interface and the second interface, then In the user authentication data corresponding to the original user identifier, there will be two user authentication data whose authentication content is the first mobile phone number. If the same verification content exists, the verification date corresponding to the same verification content is obtained as the target verification date.
  • S223 Sort the target verification dates, obtain the latest target verification date and the verification content corresponding to the latest target verification date, and delete the user verification data corresponding to the non-latest target verification date.
  • the latest target verification date refers to a target verification date that is closest to the date when the user information verification request was obtained.
  • the target verification dates are sorted according to the time of the target verification date. After sorting the target verification dates, only the latest target verification date and the verification content corresponding to the latest target verification date are obtained, and the user verification data corresponding to the non-latest target verification date is deleted.
  • the user has verified the name, ID number and first mobile phone number on the first interface and the second interface, and the target verification date of the user's name, ID number and first mobile phone number on the first interface is 2017 On March 15, 2014, and the target verification date of the user ’s name, ID number, and first mobile phone number on the second interface is May 8, 2017, the user ’s name, ID number, and first ID on the second interface
  • the verification date of the mobile phone number is the latest target verification date
  • the target verification date of the user's first interface name, ID card number, and first mobile phone number is a non-latest target verification date.
  • the user authentication data of the verification content obtained from the first interface to be the name, the ID number, and the first mobile phone number will be deleted.
  • S224 Summarize user authentication data corresponding to the same original user ID to obtain user authentication information.
  • the same authentication content of the same original user ID is integrated, it is integrated with other authentication content of the same original user ID to obtain user authentication information of the original user ID.
  • the verification data in the user verification data table of Zhang San in the first interface is name, ID card number, first mobile phone number, first bank card number, right thumb fingerprint, and verification date of each verification content
  • the verification data in the user verification data table of the second interface is the name, ID card number, second mobile phone number and second bank card number, and the verification date of each verification content.
  • Zhang San ’s name and ID number are the same verification content. Therefore, it is judged that Zhang San ’s name and ID number are on the verification date of the first interface and the second interface, respectively, through the operations of steps S223 and S224. After that, Zhang San ’s user verification information was Zhang San ’s name, ID card number, first mobile phone number, second mobile phone number, first bank card number, second bank card number, right thumb thumbprint, and the verification date of each verification content. .
  • the same verification content is merged according to the target verification date, and the user verification data table is integrated to ensure the simplicity of the user verification information and improve the efficiency of subsequent queries.
  • the user information verification method further includes the following steps:
  • the existence of at least one reference verification field fails to query matching verification data in the user verification information, which means that there is at least one reference verification field, and corresponding verification data cannot be queried and obtained from the user verification information.
  • the reference verification field is name and fingerprint information, and there is no fingerprint information in the user verification information, no verification data matching the fingerprint information can be queried in the user verification information.
  • the reference verification field for which no matching verification data is obtained further includes verification data corresponding to the reference verification field in the user verification information, but the timeliness of the verification data does not satisfy the target service.
  • Type requirements When the user's verification content is verified, the time limit for verification content is set according to the type of business. Among them, the time limit refers to the date from the date of verification to the acquisition of the target business type, and the date of verification refers to the date when the verification content passes the verification.
  • the timeliness of the verification data does not meet the requirements of the target service type, which may mean that the timeliness corresponding to the verification data exceeds the timeliness requirement of the verification data of the target service type.
  • the target business type's time limit for verification data is half a year. If the verification date corresponding to the verification data in the user verification information is more than six months from the date of obtaining the target business type, it is determined that the time limit of the verification data does not meet The requirement of the target business type, that is, the verification data and the benchmark verification field do not match.
  • the reference verification field that does not obtain matching verification data is used as the target verification field to prompt the user to perform the target verification field verification.
  • S42 Send a target verification field verification request based on the target verification field.
  • the target verification field verification request is sent to the client to prompt the user to verify the verification content corresponding to the target verification field.
  • the target verification field verification request includes a target verification field.
  • S43 Obtain the target verification information corresponding to the target verification field verification request. If the verification of the target verification information passes, it responds to the user information verification request.
  • the user feeds back to the client the verification content contained in the verification request for the target verification field, and the client obtains the verification content and sends it to the server as the target verification information.
  • the server verifies the target authentication information sent by the client and verifies. If the verification succeeds, it responds to the user information verification request.
  • the corresponding reference verification field is verified to ensure the timeliness of user information verification, and at the same time, only the user is verified.
  • the benchmark verification field of the matching verification data is not obtained, which is beneficial to improving the efficiency of user information verification.
  • step S43 the user information verification request is responded. It includes the following steps:
  • S431 Obtain a service security level based on the target service type.
  • the business security level means that because of different target business types, the business security level of the target business type is also different. For example, you can set the service security level according to the service price of the target service type. If the service price is higher, the corresponding target service type is also higher. According to different business security levels, different levels of user authentication requests are sent.
  • S432 Send a corresponding user authentication request based on the service security level and the target user identity.
  • the user identity verification request may include but is not limited to: OTP (One-time Password), face recognition or short message verification, etc.
  • the specific verification method may be determined by the service security level, which is not limited here.
  • User authentication requests in different ways are sent according to different business security levels. Preferably, the higher the service security level, the stricter the corresponding user authentication request mode. For example, for ordinary business security levels, only text message verification is required, and for advanced business security levels, face recognition can be used for verification. Optionally, a combination of multiple verification methods may also be used for verification.
  • the user identity verification request may be a combination of face recognition and short message verification.
  • S433 Obtain user identity verification information. If the user identity verification information passes verification, the user information verification request verification passes.
  • the identity verification information refers to the verification information performed by the user according to the user authentication request. After the client obtains the identity verification information, it sends the identity verification information to the server. After the server obtains the user identity verification information, it performs verification. If the user identity verification information is verified, the user information verification request is verified.
  • the server verifies the user identity verification information based on the target user identity.
  • the user identity verification information may be compared with the user identity information stored in advance by the server. If the comparison result is a match, the user identity verification information is verified and the user information verification request is verified.
  • the user is authenticated based on the service security level of the target service type to ensure that the user performs operations and provides verification-free operations on the verification data, which improves the security of user information and reduces information leakage. risk.
  • a user information verification device is provided, and the user information verification device corresponds to the user information verification method in the above embodiment in a one-to-one correspondence.
  • the user information verification apparatus includes a first acquisition module 81, a second acquisition module 82, a third acquisition module 83, a query module 84, and a first response module 85.
  • the detailed description of each function module is as follows:
  • a first obtaining module 81 configured to obtain a user information verification request, where the user information verification request includes a target user identifier and a target service type;
  • a second obtaining module 82 configured to obtain user authentication information based on a target user identifier
  • a third obtaining module 83 configured to obtain a reference verification field of the user information verification request based on a target service type, where the reference verification field is at least two;
  • a query module 84 configured to query user authentication information based on the benchmark authentication field
  • a first response module 85 is configured to respond to a user information verification request if each reference verification field queries the user verification information for matching verification data.
  • the user information verification device further includes:
  • a login obtaining module 811 configured to obtain login request information, where the login request information includes a target user ID and a target user password;
  • a verification module 812 configured to verify a target user password based on the target user identifier
  • a sending module 813 is configured to send a list of service types if the password verification of the target user is successful
  • the request generating module 814 is configured to obtain a target service type, and generate a user information verification request based on the target user identifier and the target service type.
  • the user information verification device further includes:
  • the interface acquisition module 821 is configured to acquire a user authentication data table of each interface
  • the integration module 822 is configured to integrate the user authentication data table based on the same original user identifier to obtain user authentication information.
  • the integration module 822 further includes:
  • the verification data acquisition submodule 8221 is configured to obtain corresponding user verification data in a user verification data table based on the same original user identity, and the user verification data includes the original user identity, verification content, and verification date;
  • the verification date acquisition submodule 8222 is used to obtain the verification date in the user verification data of the same verification content as the target verification date if the user verification data of the same verification content exists in the same original user identification;
  • the verification date sorting submodule 8223 is used to sort the target verification dates, obtain the latest target verification date after the sort and the verification content corresponding to the latest target verification date, and delete the user verification data corresponding to the non-latest target verification date. ;
  • the verification information collating sub-module 8224 is configured to summarize user verification data corresponding to the same original user ID to obtain user verification information.
  • the user information verification device further includes:
  • a target verification field generating module 841 configured to use the corresponding benchmark verification field as a target verification field if at least one of the benchmark verification fields does not query matching verification data in the user verification information;
  • a sending module 842 configured to send a target verification field verification request based on the target verification field
  • the second response module 843 is configured to obtain target verification information corresponding to the target verification field verification request. If the verification of the target verification information passes, it responds to the user information verification request.
  • the second response module 843 includes:
  • a security level acquisition submodule 8431 configured to acquire a business security level based on a target service type
  • An identity verification sub-module 8432 configured to send a corresponding user identity verification request based on the service security level and the target user identity
  • a check submodule 8433 is configured to obtain user identity verification information. If the user identity verification information passes verification, the user information verification request verification passes.
  • Each module in the above-mentioned user information verification device may be implemented in whole or in part by software, hardware, and a combination thereof.
  • the above-mentioned modules may be embedded in the hardware in or independent of the processor in the computer device, or may be stored in the memory of the computer device in the form of software, so that the processor can call and execute the operations corresponding to the above modules.
  • a computer device is provided.
  • the computer device may be a server, and its internal structure diagram may be as shown in FIG. 9.
  • the computer device includes a processor, a memory, a network interface, and a database connected through a system bus.
  • the processor of the computer device is used to provide computing and control capabilities.
  • the memory of the computer device includes a non-volatile storage medium and an internal memory.
  • the non-volatile storage medium stores an operating system, computer-readable instructions, and a database.
  • the internal memory provides an environment for the operation of the operating system and computer-readable instructions in a non-volatile storage medium.
  • the computer equipment database is used to store user authentication information.
  • the network interface of the computer device is used to communicate with an external terminal through a network connection.
  • the computer-readable instructions are executed by a processor to implement a method for verifying user information.
  • a computer device including a memory, a processor, and computer-readable instructions stored on the memory and executable on the processor.
  • the processor executes the computer-readable instructions, the following steps are implemented:
  • the user information verification request includes the target user identity and the target service type.
  • each benchmark verification field finds matching verification data in the user verification information, it responds to the user information verification request.
  • one or more non-volatile readable storage media storing computer-readable instructions are provided, and when the computer-readable instructions are executed by one or more processors, the one or more Each processor performs the following steps:
  • the user information verification request includes the target user identity and the target service type.
  • each benchmark verification field finds matching verification data in the user verification information, it responds to the user information verification request.
  • Non-volatile memory may include read-only memory (ROM), programmable ROM (PROM), electrically programmable ROM (EPROM), electrically erasable programmable ROM (EEPROM), or flash memory.
  • Volatile memory can include random access memory (RAM) or external cache memory.
  • RAM is available in various forms, such as static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), dual data rate SDRAM (DDRSDRAM), enhanced SDRAM (ESDRAM), synchronous chain (Synchlink) DRAM (SLDRAM), memory bus (Rambus) direct RAM (RDRAM), direct memory bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM).

Abstract

Disclosed are a user information authentication method and apparatus, and a computer device and a storage medium. The user information authentication method comprises: obtaining a user information authentication request, the user information authentication request comprising a target user identification and a target service type; obtaining user authentication information based on the target user identification; obtaining reference authentication fields of the user information authentication request based on the target service type, wherein there are at least two reference authentication fields; querying user authentication information based on the reference authentication fields; and if each of the reference authentication fields queries the user authentication information for matching authentication data, responding to the user information authentication request. The method improves the efficiency of user information authentication.

Description

用户信息验证方法、装置、计算机设备及存储介质User information verification method, device, computer equipment and storage medium
本申请以2018年06月08日提交的申请号为201810585016.1,名称为“用户信息验证方法、装置、计算机设备及存储介质”的中国发明专利申请为基础,并要求其优先权。This application is based on a Chinese invention patent application filed on June 08, 2018 with application number 201810585016.1 and entitled "User Information Verification Method, Device, Computer Equipment and Storage Medium" and claims its priority.
技术领域Technical field
本申请涉及计算机技术领域,尤其涉及一种用户信息验证方法、装置、计算机设备及存储介质。The present application relates to the field of computer technology, and in particular, to a user information verification method, device, computer device, and storage medium.
背景技术Background technique
目前,用户在一个企业或者平台中办理安全性要求较高的业务时,通常都需要进行用户信息的验证,而对于部分用户信息还需要进行进一步的鉴权而实现验证的过程,例如,身份证信息和银行卡信息。然而,在对用户的身份证信息和银行卡信息进行鉴权时,均需要委托第三方平台进行鉴权,并且需要向第三方平台支付相应的费用。虽然这种验证方式可以保证用户信息的真实性,但是验证环节需要花费一定的时间,验证效率较低。At present, when a user handles a business with high security requirements in an enterprise or platform, user information verification is usually required. For some user information, further authentication is required to implement the verification process, such as an ID card. Information and bank card information. However, when authenticating the user's identity card information and bank card information, both need to entrust a third-party platform for authentication, and corresponding fees must be paid to the third-party platform. Although this verification method can ensure the authenticity of user information, the verification process takes some time and the verification efficiency is low.
发明内容Summary of the Invention
基于此,有必要针对上述技术问题,提供一种可以提高用户信息验证效率的用户信息验证方法、装置、计算机设备及存储介质。Based on this, it is necessary to provide a user information verification method, device, computer equipment, and storage medium that can improve the efficiency of user information verification in response to the above technical problems.
一种用户信息验证方法,包括:A user information verification method includes:
获取用户信息验证请求,用户信息验证请求包括目标用户标识和目标业务类型;Obtain a user information verification request. The user information verification request includes the target user identity and the target service type.
基于目标用户标识获取用户验证信息;Obtaining user authentication information based on the target user identity;
基于所述目标业务类型获取所述用户信息验证请求的基准验证字段,其中,所述基准验证字段为至少两个;Obtaining the reference verification fields of the user information verification request based on the target service type, wherein the reference verification fields are at least two;
基于基准验证字段查询用户验证信息;Query user authentication information based on the benchmark authentication field;
若每一所述基准验证字段都在所述用户验证信息中查询到相匹配的验证数据,则响应所述用户信息验证请求。If each of the benchmark verification fields finds matching verification data in the user verification information, it responds to the user information verification request.
一种用户信息验证装置,包括:A user information verification device includes:
第一获取模块,用于获取用户信息验证请求,用户信息验证请求包括目标用户标识和目标业务类型;A first obtaining module, configured to obtain a user information verification request, where the user information verification request includes a target user identifier and a target service type;
第二获取模块,用于基于目标用户标识获取用户验证信息;A second obtaining module, configured to obtain user authentication information based on the target user identifier;
第三获取模块,用于基于所述目标业务类型获取所述用户信息验证请求的基准验证字段,其中,所述基准验证字段为至少两个;A third obtaining module, configured to obtain the reference verification fields of the user information verification request based on the target service type, where the reference verification fields are at least two;
查询模块,用于基于基准验证字段查询用户验证信息;A query module for querying user authentication information based on the benchmark authentication field;
第一响应模块,用于若每一所述基准验证字段都在所述用户验证信息中查询到相匹配的验证数据,则响应所述用户信息验证请求。A first response module is configured to respond to the user information verification request if each of the benchmark verification fields queries matching verification data in the user verification information.
一种计算机设备,包括存储器、处理器以及存储在所述存储器中并可在所述处理器上运行的计算机可读指令,所述处理器执行所述计算机可读指令时实现如下步骤:A computer device includes a memory, a processor, and computer-readable instructions stored in the memory and executable on the processor. When the processor executes the computer-readable instructions, the following steps are implemented:
获取用户信息验证请求,用户信息验证请求包括目标用户标识和目标业务类型;Obtain a user information verification request. The user information verification request includes the target user identity and the target service type.
基于目标用户标识获取用户验证信息;Obtaining user authentication information based on the target user identity;
基于所述目标业务类型获取所述用户信息验证请求的基准验证字段,其中,所述基准验证字段为至少两个;Obtaining the reference verification fields of the user information verification request based on the target service type, wherein the reference verification fields are at least two;
基于基准验证字段查询用户验证信息;Query user authentication information based on the benchmark authentication field;
若每一所述基准验证字段都在所述用户验证信息中查询到相匹配的验证数据,则响应所述用户信息验证请求。If each of the benchmark verification fields finds matching verification data in the user verification information, it responds to the user information verification request.
一个或多个存储有计算机可读指令的非易失性可读存储介质,所述计算机可读指令被一个或多个处理器执行时,使得所述一个或多个处理器执行如下步骤:One or more non-volatile readable storage media storing computer-readable instructions, which when executed by one or more processors, cause the one or more processors to perform the following steps:
获取用户信息验证请求,用户信息验证请求包括目标用户标识和目标业务类型;Obtain a user information verification request. The user information verification request includes the target user identity and the target service type.
基于目标用户标识获取用户验证信息;Obtaining user authentication information based on the target user identity;
基于所述目标业务类型获取所述用户信息验证请求的基准验证字段,其中,所述基准验证字段为至少两个;Obtaining the reference verification fields of the user information verification request based on the target service type, wherein the reference verification fields are at least two;
基于基准验证字段查询用户验证信息;Query user authentication information based on the benchmark authentication field;
若每一所述基准验证字段都在所述用户验证信息中查询到相匹配的验证数据,则响应所述用户信息验证请求。If each of the benchmark verification fields finds matching verification data in the user verification information, it responds to the user information verification request.
本申请的一个或多个实施例的细节在下面的附图和描述中提出,本申请的其他特征和优点将从说明书、附图以及权利要求变得明显。Details of one or more embodiments of the present application are set forth in the accompanying drawings and description below, and other features and advantages of the present application will become apparent from the description, the drawings, and the claims.
附图说明BRIEF DESCRIPTION OF THE DRAWINGS
为了更清楚地说明本申请实施例的技术方案,下面将对本申请实施例的描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本申请的一些实施例, 对于本领域普通技术人员来讲,在不付出创造性劳动性的前提下,还可以根据这些附图获得其他的附图。In order to explain the technical solutions of the embodiments of the present application more clearly, the drawings used in the description of the embodiments of the application will be briefly introduced below. Obviously, the drawings in the following description are just some embodiments of the application. For those of ordinary skill in the art, other drawings can be obtained based on these drawings without paying creative labor.
图1是本申请一实施例中用户信息验证方法的一应用环境示意图;FIG. 1 is a schematic diagram of an application environment of a user information verification method according to an embodiment of the present application; FIG.
图2是本申请一实施例中用户信息验证方法的一流程图;2 is a flowchart of a user information verification method according to an embodiment of the present application;
图3是本申请一实施例中用户信息验证方法中对登录进行验证的一流程图;3 is a flowchart of verifying login in a user information verification method according to an embodiment of the present application;
图4是本申请一实施例中用户信息验证方法中对用户验证信息进行整合的一流程图;4 is a flowchart of integrating user authentication information in a user information authentication method according to an embodiment of the present application;
图5是本申请一实施例中用户信息验证方法中步骤S22的实现流程图;5 is a flowchart of implementing step S22 in a user information verification method according to an embodiment of the present application;
图6是本申请一实施例中用户信息验证方法中对不匹配的验证数据进行验证的一流程图;6 is a flowchart of verifying mismatched verification data in a user information verification method according to an embodiment of the present application;
图7是本申请一实施例中用户信息验证方法的一流程图;7 is a flowchart of a user information verification method according to an embodiment of the present application;
图8是本申请一实施例中用户信息验证装置的一原理框图;FIG. 8 is a principle block diagram of a user information verification device in an embodiment of the present application; FIG.
图9是本申请一实施例中计算机设备的一示意图。FIG. 9 is a schematic diagram of a computer device in an embodiment of the present application.
具体实施方式Detailed ways
下面将结合本申请实施例中的附图,对本申请实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例是本申请一部分实施例,而不是全部的实施例。基于本申请中的实施例,本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其他实施例,都属于本申请保护的范围。In the following, the technical solutions in the embodiments of the present application will be clearly and completely described with reference to the drawings in the embodiments of the present application. Obviously, the described embodiments are part of the embodiments of the present application, but not all of the embodiments. Based on the embodiments in this application, all other embodiments obtained by a person of ordinary skill in the art without creative efforts shall fall within the protection scope of this application.
本申请提供的用户信息验证方法,可应用在如图1的应用环境中,其中,客户端(计算机设备)通过网络与服务端进行通信。客户端获取用户信息验证请求,并将用户信息验证请求发送至服务器。服务端获取到用户信息验证请求后,基于用户信息验证请求进行相应地处理,并响应该用户信息验证请求。其中,计算机设备可以但不限于各种个人计算机、笔记本电脑、智能手机、平板电脑和便携式可穿戴设备。服务端可以用独立的服务器或者是多个服务器组成的服务器集群来实现。The user information verification method provided in this application can be applied in the application environment shown in FIG. 1, in which a client (computer device) communicates with a server through a network. The client obtains the user information verification request and sends the user information verification request to the server. After the server obtains the user information verification request, it processes it based on the user information verification request and responds to the user information verification request. Among them, the computer device may be, but is not limited to, various personal computers, notebook computers, smart phones, tablet computers, and portable wearable devices. The server can be implemented by an independent server or a server cluster composed of multiple servers.
在一实施例中,如图2所示,提供一种用户信息验证方法,以该方法应用在图1中的服务端为例进行说明,包括如下步骤:In an embodiment, as shown in FIG. 2, a method for verifying user information is provided. The method is applied to the server in FIG. 1 as an example, and includes the following steps:
S10:获取用户信息验证请求,用户信息验证请求包括目标用户标识和目标业务类型。S10: Acquire a user information verification request. The user information verification request includes a target user identity and a target service type.
用户信息验证请求是指用户需要办理对应业务而触发的需要对身份信息进行验证的请求。目标用户标识为进行用户信息验证的用户对应的用户标识,用户标识适用于区分不同用户的标识,例如,用户标识可以是用户的身份证号码,或者是与用户唯一对应的账号 ID等。目标业务类型是指用户需要办理的目标业务对应的类型,其中不同类型的目标业务需要验证的身份信息不同。The user information verification request refers to a request for verifying identity information triggered by a user's need to handle corresponding services. The target user ID is a user ID corresponding to a user who authenticates user information. The user ID is suitable for distinguishing different users. For example, the user ID may be a user's ID number or an account ID uniquely corresponding to the user. The target service type refers to the type of target service that the user needs to handle. Different types of target services require different identity information to be verified.
S20:基于目标用户标识获取用户验证信息。S20: Acquire user authentication information based on the target user identity.
由于目标用户标识具有唯一性,因此可以将目标用户标识作为检索字段,检索该目标用户标识的用户验证信息。可选地,可以基于目标用户标识在大数据平台中获取用户验证信息。Because the target user ID is unique, the target user ID can be used as a search field to retrieve user authentication information of the target user ID. Optionally, user authentication information may be obtained in the big data platform based on the target user identification.
用户验证信息为已通过验证的用户身份信息,该用户在办理其他业务时,有可能需要对用户身份信息进行验证,而经过验证之后就会形成对应用户的验证数据,该用户在不同业务中的验证数据的总和就是其用户验证信息。而在该步骤中,基于目标用户标识获取用户验证信息,即是通过目标用户标识,获取该目标用户标识在以往办理过的业务中对应的用户验证信息。可选地,用户验证信息可以包括用户的姓名、身份证号、手机号、银行卡号或指纹信息等至少一项。其中,手机号、银行卡号和指纹信息对应的验证信息可以是一项或者是多项。The user authentication information is authenticated user identity information. The user may need to verify the user identity information when performing other services. After verification, the corresponding user authentication data is formed. The user ’s The sum of the authentication data is its user authentication information. In this step, obtaining the user authentication information based on the target user ID is to obtain the user authentication information corresponding to the target user ID in the business that has been processed in the past through the target user ID. Optionally, the user authentication information may include at least one of the user's name, ID card number, mobile phone number, bank card number, or fingerprint information. The verification information corresponding to the mobile phone number, bank card number, and fingerprint information may be one or more.
例如:用户在办理一个业务时通过验证的用户验证信息为第一手机号、第一银行卡号和左手拇指指纹信息,在办理另一个业务时通过验证的用户验证信息为第二手机号、第一银行卡号和右手拇指指纹信息。因此,基于目标用户标识获取的该用户的用户验证信息为第一手机号、第二手机号、第一银行卡号、左手拇指指纹信息和右手拇指指纹信息。For example, the user verification information verified by the user when conducting a service is the first mobile phone number, the first bank card number, and the fingerprint of the left thumb, and the user verification information verified by the other service is the second mobile phone number, the first Bank card number and right thumb fingerprint information. Therefore, the user authentication information of the user obtained based on the target user identification is the first mobile phone number, the second mobile phone number, the first bank card number, the left-hand thumb fingerprint information, and the right-hand thumb fingerprint information.
S30:基于目标业务类型获取用户信息验证请求的基准验证字段,其中,基准验证字段为至少两个。S30: Obtain a reference verification field of the user information verification request based on the target service type, where the reference verification field is at least two.
其中,基准验证字段为用户信息验证请求中对应的目标业务中,需要进行验证的用户身份信息对应的字段。具体地,基准验证字段为至少两个,例如,在对用户身份信息进行验证时,都会在验证用户的姓名的基础上再验证至少一个字段(例如:银行卡、身份证或者手机号)。因此,基准验证字段为至少两个。对于不同的目标业务类型,需要进行验证的内容也会存在不同。例如,对于一些普通业务,可能只需要验证用户的姓名、身份证号和手机号即可,而对于较为核心业务,可能需要验证用户的姓名、身份证号、手机号、银行卡号和指纹信息。因此通过基于目标业务类型,获取该目标业务类型的基准验证字段。The benchmark verification field is a field corresponding to the user identity information that needs to be verified in the corresponding target service in the user information verification request. Specifically, there are at least two benchmark verification fields. For example, when the user identity information is verified, at least one field (for example, a bank card, an ID card, or a mobile phone number) is verified based on the name of the user. Therefore, there are at least two benchmark verification fields. For different target business types, the content to be verified will also be different. For example, for some general services, you may only need to verify the user ’s name, ID number, and mobile phone number, while for more core services, you may need to verify the user ’s name, ID number, mobile phone number, bank card number, and fingerprint information. Therefore, based on the target business type, a benchmark verification field of the target business type is obtained.
例如,对于一目标业务类型,在办理该类型的目标业务时,需要对用户的姓名、身份证号、手机号码和银行卡号进行验证,则基于该目标业务类型获取用户信息验证请求的基准验证字段为姓名、身份证号、手机号码和银行卡号。For example, for a target business type, when processing a target business of this type, the user's name, ID number, mobile phone number, and bank card number need to be verified, and then the base verification field of the user information verification request is obtained based on the target business type Name, ID number, mobile number, and bank card number.
S40:基于基准验证字段查询用户验证信息。S40: Query user authentication information based on the benchmark authentication field.
具体地,根据获取的基准验证字段,在用户验证信息中查询该目标业务类型所需要进行验证的用户身份信息。例如,若基准验证字段为姓名、身份证号、手机号码和银行卡号,则基于上述基准验证字段在用户验证信息中查询是否存在相对应的验证数据。Specifically, according to the obtained reference verification field, the user authentication information is queried for user identity information that needs to be verified for the target service type. For example, if the reference verification field is a name, an ID number, a mobile phone number, and a bank card number, based on the above reference verification field, query whether there is corresponding verification data in the user verification information.
S50:若每一基准验证字段都在用户验证信息中查询到相匹配的验证数据,则响应用户信息验证请求。S50: If each benchmark verification field finds matching verification data in the user verification information, it responds to the user information verification request.
具体地,每一基准验证字段都在用户验证信息中查询到相匹配的验证数据,是指在用户验证信息中存在和基准验证字段对应的验证数据。即若每一个基准验证字段都能够在用户验证信息中,成功查询到该目标业务类型相匹配的验证数据,则响应该用户信息验证请求。可选地,响应该用户信息验证请求可以为通过该用户信息验证请求。Specifically, matching verification data is found in the user verification information for each benchmark verification field, which means that there is verification data corresponding to the benchmark verification field in the user verification information. That is, if each benchmark verification field can successfully query the verification data matching the target service type in the user verification information, it responds to the user information verification request. Optionally, responding to the user information verification request may be a request to pass the user information verification.
在本实施例中,服务器在获取到用户验证请求之后,基于用户验证请求中的目标用户标识获取用户验证信息,并且通过基于目标业务类型获取的基准验证字段查询用户验证信息,若每一基准验证字段都在用户验证信息中查询到相匹配的验证数据,则响应用户信息验证请求。通过上述步骤可以避免对已经在办理其他业务时已通过验证的用户信息进行重复验证,提高了用户信息验证的效率。In this embodiment, after obtaining the user authentication request, the server obtains user authentication information based on the target user ID in the user authentication request, and queries the user authentication information through the reference authentication field obtained based on the target service type. If all the fields in the user authentication information match the authentication data, they will respond to the user information authentication request. Through the above steps, repeated verification of user information that has already been verified when handling other services can be avoided, and the efficiency of user information verification is improved.
在一实施例中,如图3所示,在步骤S10之前,该用户信息验证方法还包括如下步骤:In an embodiment, as shown in FIG. 3, before step S10, the user information verification method further includes the following steps:
S11:获取登录请求信息,登录请求信息包括目标用户标识和目标用户密码。S11: Obtain login request information. The login request information includes a target user ID and a target user password.
在本申请实施例中,登录请求信息是指客户端在获取到用户在登录界面的输入信息之后经过处理,并发送到服务端中的信息。登录请求信息包括目标用户标识和目标用户密码。该目标用户标识和目标用户密码组成登录请求信息之后,客户端将该登录请求信息发送至服务端,服务端获取该登录请求信息。In the embodiment of the present application, the login request information refers to information that is processed by the client after obtaining the input information of the user on the login interface and is sent to the server. The login request information includes the target user ID and the target user password. After the target user ID and the target user password constitute the login request information, the client sends the login request information to the server, and the server obtains the login request information.
可选地,目标用户标识和目标用户密码也可以是客户端在获取到用户输入的登录信息之后进行加密得到的。通过加密处理可以保证登录请求信息在数据传输过程中的安全性。Optionally, the target user ID and the target user password may also be obtained by the client after encrypting the login information input by the user. Encryption processing can ensure the security of login request information during data transmission.
S12:基于目标用户标识对目标用户密码进行验证。S12: Verify the target user password based on the target user ID.
具体地,用户在注册之时会按照一定的提示信息输入或选择账户登录信息,其中,账户登录信息包括用户的原始用户标识和注册密码,服务端在获取该账户登录信息之后,将该账户登录信息存储在注册记录表中。而基于目标用户标识对目标用户密码进行验证的过程具体为:服务端基于目标用户标识在注册记录表中查找到对应的原始用户标识,并将该原始用户标识对应的注册密码和目标用户密码进行比对,若两者相同,则验证成功。Specifically, the user enters or selects account login information according to certain prompt information when registering, wherein the account login information includes the user's original user ID and registration password. After the server obtains the account login information, the server logs in to the account. The information is stored in a registration record form. The process of verifying the target user password based on the target user ID is specifically: the server finds the corresponding original user ID in the registration record table based on the target user ID, and performs the registration password and target user password corresponding to the original user ID. Comparison. If the two are the same, the verification is successful.
可选地,服务端将该账户登录信息中的注册密码按照预设的方式进行加密,得到加密注册密码后,再存储在注册记录表中。此时,客户端发送至服务端的登录请求信息也是经 过加密处理的。需要说明的是,对注册密码进行加密的方式与对登录请求信息加密的方式相同。因此,对于同一个用户的目标用户标识,若输入的登录密码与注册密码相同,则加密后得到的目标用户密码和加密注册密码也相同。Optionally, the server encrypts the registration password in the account login information in a preset manner, obtains the encrypted registration password, and stores it in the registration record table. At this time, the login request information sent by the client to the server is also encrypted. It should be noted that the way to encrypt the registration password is the same as the way to encrypt the login request information. Therefore, for the target user ID of the same user, if the entered login password is the same as the registered password, the encrypted target user password and encrypted registration password are also the same.
进一步地,服务端在获取登录请求信息之后,基于目标用户标识在注册记录表中查询该目标用户标识的加密注册密码,若该加密注册密码与登录请求信息中的目标用户密码相同,则目标用户密码验证成功。Further, after obtaining the login request information, the server queries the encrypted registration password of the target user ID in the registration record table based on the target user ID. If the encrypted registration password is the same as the target user password in the login request information, the target user Password verification succeeded.
S13:若目标用户密码验证成功,则发送业务类型列表。S13: If the password verification of the target user is successful, the service type list is sent.
在目标用户密码验证成功,则用户登录成功。在用户登录成功后,则获取该平台中的已有业务,并生成已有业务表,发送到客户端,以供用户选择。可选地,已有业务表包括已有业务和对应的业务类型。If the target user password is successfully verified, the user logs in successfully. After the user successfully logs in, the existing services in the platform are obtained, and the existing business table is generated and sent to the client for the user to choose. Optionally, the existing service table includes an existing service and a corresponding service type.
S14:获取目标业务类型,基于目标用户标识和目标业务类型生成用户信息验证请求。S14: Obtain a target service type, and generate a user information verification request based on the target user identifier and the target service type.
具体地,用户在客户端的显示界面中选择一个目标业务,客户端将该目标业务对应的业务类型作为目标业务类型,并基于该目标业务类型和目标用户标识生成用户信息验证请求。然后客户端将该用户信息验证请求发送至服务端,服务端获取到该用户信息验证请求。Specifically, the user selects a target service in the display interface of the client. The client uses the service type corresponding to the target service as the target service type, and generates a user information verification request based on the target service type and the target user identifier. The client then sends the user information verification request to the server, and the server obtains the user information verification request.
本实施例中,用户可以通过同一个目标用户标识和目标用户密码在不同的平台中进行登录操作,省去了重复注册账号的操作,同时也因为同一个用户标识只有一个账号信息,而减少了服务器注册记录表的表格容量,节省了存储空间。进一步地,在用户信息验证之前对用户进行登录信息的验证,保证了用户信息验证的安全性。而且,通过在客户端对用户的登录信息进行加密,再传输到服务端进行登录验证,能够提高用户的账号信息的安全性,有效地避免在数据传输的过程中出现密码泄露的风险。In this embodiment, the user can perform login operations on different platforms by using the same target user ID and target user password, eliminating the need to repeatedly register an account, and reducing the number of accounts because there is only one account information for the same user ID. The table capacity of the server registration record table saves storage space. Further, the user is authenticated with the login information before the user information is verified, thereby ensuring the security of the user information verification. Furthermore, by encrypting the user's login information on the client and transmitting it to the server for login verification, the security of the user's account information can be improved, and the risk of password leakage during data transmission can be effectively avoided.
在一实施例中,如图4所示,在步骤S20之前且在步骤S10之后,该用户信息验证方法还包括如下步骤:In an embodiment, as shown in FIG. 4, before step S20 and after step S10, the user information verification method further includes the following steps:
S21:获取各个接口的用户验证数据表。S21: Obtain a user authentication data table for each interface.
用户验证数据表是用于存储用户办理不同业务时的验证数据的表格,并使用该用户的原始用户标识区分每个用户的用户验证数据表。其中,原始用户标识为用户注册时设置的注册账号,用户唯一区分不同用户的标识,例如,身份证号或账号ID等。The user authentication data table is a table for storing authentication data when a user handles different services, and uses the user's original user ID to distinguish each user's user authentication data table. The original user ID is a registered account set when the user is registered, and the user uniquely distinguishes different user IDs, such as an ID card number or an account ID.
具体地,在不同业务中设置对应的接口,用于进行数据的交互。在获取到该用户信息验证请求后,通过获取各个接口的用户验证数据表,以便于后续进行验证数据表的整合。Specifically, corresponding interfaces are set in different services for data interaction. After obtaining the user information verification request, the user verification data table of each interface is obtained to facilitate subsequent integration of the verification data table.
可选地,可以在各个接口中加入数据抽取模块,用于抽取用户验证信息数据表。可选地,可以通过数据抽取模块,从各个接口的数据库中抽取用户验证数据表,并发送至服务 端。服务端获取到各个接口的用户验证数据表。具体地,可以以原始用户标识为单位,抽取同一原始用户标识在各个接口的用户验证数据表。Optionally, a data extraction module may be added to each interface to extract a user authentication information data table. Optionally, the user authentication data table can be extracted from the database of each interface through the data extraction module and sent to the server. The server obtains the user authentication data table for each interface. Specifically, the user authentication data table of the same original user ID at each interface may be extracted in units of the original user ID.
优选地,还可以设置有数据触发器,用于当任一接口的数据库中有数据发生变更时,记录数据变更信息。当检测到任一接口的用户验证数据表发生增加、删除或者修改的变更时,采用数据触发器将变更后的用户验证数据表,通过数据抽取模块发送至大数据平台,大数据平台更新替换原有的用户验证数据表。Preferably, a data trigger may also be provided, which is used to record data change information when there is data change in the database of any interface. When the user authentication data table of any interface is detected to be added, deleted, or modified, a data trigger is used to send the changed user authentication data table to the big data platform through the data extraction module. The big data platform updates and replaces the original Some user authentication data sheets.
S22:基于同一原始用户标识,整合用户验证数据表,得到用户验证信息。S22: Based on the same original user ID, the user authentication data table is integrated to obtain user authentication information.
具体地,基于同一原始用户标识,对用户验证数据表中,内容重复的验证数据进行合并或筛选,以原始用户标识为单位,组成各个原始用户标识的用户验证信息。Specifically, based on the same original user ID, duplicated verification data in the user authentication data table is combined or filtered, and the original user ID is used as a unit to form user authentication information of each original user ID.
可选地,可以通过大数据平台,接收由数据抽取模块发送的用户验证数据表,并将这些用户验证数据表进行整理,之后再发送到服务端,以提高数据整合效率。Optionally, the user authentication data tables sent by the data extraction module can be received through the big data platform, and these user authentication data tables can be collated and then sent to the server to improve data integration efficiency.
在本实施例中,通过获取各个接口中的用户验证数据表,通过基于同一原始用户标识,对各个接口的用户验证数据表进行整合,使得同一原始用户标识的用户验证数据都在同一张表格中。在用户信息验证中查询对应的验证数据时,不需要到各个接口上获取对应的用户验证数据表,节省了查询时间,提高了查询效率。In this embodiment, the user authentication data tables in each interface are obtained, and the user authentication data tables in each interface are integrated based on the same original user ID, so that the user authentication data of the same original user ID are in the same table. . When querying the corresponding authentication data in the user information verification, it is not necessary to obtain the corresponding user authentication data table on each interface, which saves query time and improves query efficiency.
在一实施例中,如图5所示,步骤S22中,即基于同一原始用户标识,整合用户验证数据表,得到用户验证信息,具体包括如下步骤:In an embodiment, as shown in FIG. 5, in step S22, based on the same original user ID, the user authentication data table is integrated to obtain user authentication information, which specifically includes the following steps:
S221:基于同一原始用户标识,在用户验证数据表中获取对应的用户验证数据,用户验证数据包括原始用户标识、验证内容和验证日期。S221: Based on the same original user ID, the corresponding user authentication data is obtained in the user authentication data table, and the user authentication data includes the original user ID, the verification content, and the verification date.
其中,原始用户标识是用户验证数据表中不同用户的用户标识。验证内容是该原始用户标识通过验证的用户身份信息。验证日期是指该验证内容通过验证的日期。The original user ID is a user ID of a different user in the user authentication data table. The verified content is the user identity information that the original user ID passed the verification. The verification date is the date on which the verification content passed verification.
S222:若同一原始用户标识中存在相同验证内容的用户验证数据,则获取相同验证内容的用户验证数据中的验证日期,作为目标验证日期。S222: If user authentication data of the same authentication content exists in the same original user ID, obtain the authentication date in the user authentication data of the same authentication content as the target authentication date.
具体地,在获取到同一原始用户标识的验证内容后,查询是否存在相同的验证内容,例如,同一原始用户标识的第一手机号码,在第一接口和第二接口中均已验证过,则该原始用户标识对应的用户验证数据中,会存在两条验证内容为第一手机号码的用户验证数据。若存在相同的验证内容,则分别获取相同验证内容对应的验证日期,作为目标验证日期。Specifically, after obtaining the verification content of the same original user ID, query whether the same verification content exists, for example, the first mobile phone number of the same original user ID has been verified in both the first interface and the second interface, then In the user authentication data corresponding to the original user identifier, there will be two user authentication data whose authentication content is the first mobile phone number. If the same verification content exists, the verification date corresponding to the same verification content is obtained as the target verification date.
S223:对目标验证日期进行排序,获取排序后最新的目标验证日期和该最新的目标验证日期对应的验证内容,并将非最新的目标验证日期对应的用户验证数据删除。S223: Sort the target verification dates, obtain the latest target verification date and the verification content corresponding to the latest target verification date, and delete the user verification data corresponding to the non-latest target verification date.
在本实施例中,该最新的目标验证日期是指与获取到该用户信息验证请求的日期最接近的目标验证日期。In this embodiment, the latest target verification date refers to a target verification date that is closest to the date when the user information verification request was obtained.
具体地,获取到目标验证日期后,对目标验证日期,按照目标验证日期的时间先后进行排序。在对目标验证日期进行排序后,只获取最新的目标验证日期和该最新的目标验证日期对应的验证内容,并将非最新的目标验证日期对应的用户验证数据删除。Specifically, after the target verification date is obtained, the target verification dates are sorted according to the time of the target verification date. After sorting the target verification dates, only the latest target verification date and the verification content corresponding to the latest target verification date are obtained, and the user verification data corresponding to the non-latest target verification date is deleted.
例如:用户在第一接口和第二接口均对姓名,身份证号和第一手机号进行过验证,且用户在第一接口的姓名,身份证号和第一手机号的目标验证日期为2017年3月15日,而用户在第二接口的姓名、身份证号和第一手机号的目标验证日期为2017年5月8日,则用户在第二接口的姓名、身份证号和第一手机号的验证日期为最新的目标验证日期,用户在第一接口的姓名、身份证号和第一手机号的目标验证日期为非最新的目标验证日期。此时会将从第一接口获取的验证内容为姓名、身份证号和第一手机号的用户验证数据删除。For example: The user has verified the name, ID number and first mobile phone number on the first interface and the second interface, and the target verification date of the user's name, ID number and first mobile phone number on the first interface is 2017 On March 15, 2014, and the target verification date of the user ’s name, ID number, and first mobile phone number on the second interface is May 8, 2017, the user ’s name, ID number, and first ID on the second interface The verification date of the mobile phone number is the latest target verification date, and the target verification date of the user's first interface name, ID card number, and first mobile phone number is a non-latest target verification date. At this time, the user authentication data of the verification content obtained from the first interface to be the name, the ID number, and the first mobile phone number will be deleted.
S224:汇总同一原始用户标识对应的用户验证数据,得到用户验证信息。S224: Summarize user authentication data corresponding to the same original user ID to obtain user authentication information.
进一步地,在对同一原始用户标识的相同的验证内容进行整合后,与该同一原始用户标识的其他验证内容进行整合,得到该原始用户标识的用户验证信息。Further, after the same authentication content of the same original user ID is integrated, it is integrated with other authentication content of the same original user ID to obtain user authentication information of the original user ID.
为了更好的理解本实施例的技术方案,下面通过一个具体地例子说明整合用户验证数据表过程,详述如下:In order to better understand the technical solution of this embodiment, the following describes a process of integrating the user authentication data table with a specific example, as follows:
例如,张三在第一接口的用户验证数据表中的验证数据为姓名、身份证号、第一手机号、第一银行卡号和右手拇指指纹以及各项验证内容的验证日期;张三在第二接口的用户验证数据表中的验证数据为姓名、身份证号、第二手机号和第二银行卡号以及各项验证内容的验证日期。For example, the verification data in the user verification data table of Zhang San in the first interface is name, ID card number, first mobile phone number, first bank card number, right thumb fingerprint, and verification date of each verification content; The verification data in the user verification data table of the second interface is the name, ID card number, second mobile phone number and second bank card number, and the verification date of each verification content.
其中,张三的姓名和身份证号为相同的验证内容,因此判断张三的姓名和身份证号分别在第一接口和第二接口的验证日期的时间先后,通过步骤S223和步骤S224的操作后,得到张三的用户验证信息为张三的姓名、身份证号、第一手机号、第二手机号、第一银行卡号、第二银行卡号和右手拇指指纹以及各项验证内容的验证日期。Among them, Zhang San ’s name and ID number are the same verification content. Therefore, it is judged that Zhang San ’s name and ID number are on the verification date of the first interface and the second interface, respectively, through the operations of steps S223 and S224. After that, Zhang San ’s user verification information was Zhang San ’s name, ID card number, first mobile phone number, second mobile phone number, first bank card number, second bank card number, right thumb thumbprint, and the verification date of each verification content. .
在本实施例中,通过根据目标验证日期对相同验证内容进行合并,并对用户验证数据表进行整合,保证用户验证信息的简洁,提高后续查询的效率。In this embodiment, the same verification content is merged according to the target verification date, and the user verification data table is integrated to ensure the simplicity of the user verification information and improve the efficiency of subsequent queries.
在一实施例中,如图6所示,在步骤S40之后,该用户信息验证方法还包括如下步骤:In an embodiment, as shown in FIG. 6, after step S40, the user information verification method further includes the following steps:
S41:若存在至少一个基准验证字段在用户验证信息中查询不到相匹配的验证数据,则将对应的基准验证字段作为目标验证字段。S41: If there is at least one reference verification field and no matching verification data is found in the user verification information, the corresponding reference verification field is used as the target verification field.
可选地,存在至少一个基准验证字段在用户验证信息中查询不到相匹配的验证数据, 是指在至少有一个基准验证字段,不能从用户验证信息中查询并获取到相对应的验证数据。例如,若基准验证字段为姓名和指纹信息,而用户验证信息中并不存在指纹信息,则在用户验证信息中查询不到和指纹信息相匹配的验证数据。Optionally, the existence of at least one reference verification field fails to query matching verification data in the user verification information, which means that there is at least one reference verification field, and corresponding verification data cannot be queried and obtained from the user verification information. For example, if the reference verification field is name and fingerprint information, and there is no fingerprint information in the user verification information, no verification data matching the fingerprint information can be queried in the user verification information.
优选地,在用户验证信息中,未获取到相匹配的验证数据的基准验证字段还包括该用户验证信息中存在和基准验证字段相对应的的验证数据,但是验证数据的时效不满足该目标业务类型要求。在对用户的验证内容进行验证的时候,会根据业务类型设置验证内容的时效。其中,时效是指从验证日期到获取目标业务类型的日期,验证日期是指该验证内容通过验证的日期。具体地,验证数据的时效不满足该目标业务类型要求,可以是指该验证数据对应的时效超过该目标业务类型的对验证数据的时效的要求。Preferably, in the user verification information, the reference verification field for which no matching verification data is obtained further includes verification data corresponding to the reference verification field in the user verification information, but the timeliness of the verification data does not satisfy the target service. Type requirements. When the user's verification content is verified, the time limit for verification content is set according to the type of business. Among them, the time limit refers to the date from the date of verification to the acquisition of the target business type, and the date of verification refers to the date when the verification content passes the verification. Specifically, the timeliness of the verification data does not meet the requirements of the target service type, which may mean that the timeliness corresponding to the verification data exceeds the timeliness requirement of the verification data of the target service type.
例如:目标业务类型对验证数据的时效要求为在半年,若用户验证信息中的验证数据对应的验证日期,到获取目标业务类型的日期超过六个月,则判定该验证数据的时效不满足该目标业务类型的要求,即该验证数据和基准验证字段是不匹配的。For example: the target business type's time limit for verification data is half a year. If the verification date corresponding to the verification data in the user verification information is more than six months from the date of obtaining the target business type, it is determined that the time limit of the verification data does not meet The requirement of the target business type, that is, the verification data and the benchmark verification field do not match.
因此,若存在在用户验证信息中,未获取到相匹配的验证数据的基准验证字段,则将未获取到相匹配的验证数据的基准验证字段作为目标验证字段,以提示用户对目标验证字段进行验证。Therefore, if there is a reference verification field in the user verification information that does not obtain matching verification data, the reference verification field that does not obtain matching verification data is used as the target verification field to prompt the user to perform the target verification field verification.
S42:基于目标验证字段发送目标验证字段验证请求。S42: Send a target verification field verification request based on the target verification field.
具体地,将该目标验证字段验证请求送至客户端,以提示用户对该目标验证字段对应的验证内容进行验证。优选地,该目标验证字段验证请求包括目标验证字段。Specifically, the target verification field verification request is sent to the client to prompt the user to verify the verification content corresponding to the target verification field. Preferably, the target verification field verification request includes a target verification field.
S43:获取目标验证字段验证请求对应的目标验证信息,若目标验证信息验证通过,则响应用户信息验证请求。S43: Obtain the target verification information corresponding to the target verification field verification request. If the verification of the target verification information passes, it responds to the user information verification request.
进一步地,用户向客户端反馈目标验证字段验证请求中包含的验证内容,客户端获取该验证内容,作为目标验证信息发送至服务端。服务端对接收到客户端发送的目标验证信息并进行验证,若验证通过,则响应用户信息验证请求。Further, the user feeds back to the client the verification content contained in the verification request for the target verification field, and the client obtains the verification content and sends it to the server as the target verification information. The server verifies the target authentication information sent by the client and verifies. If the verification succeeds, it responds to the user information verification request.
在本实施例中,若存在用户验证信息中未获取到相匹配的验证数据的基准验证字段,则对对应的基准验证字段进行验证,保证了用户信息验证的及时性,同时,仅验证在用户验证信息中,未获取到相匹配的验证数据的基准验证字段,有利于提高用户信息验证的效率。In this embodiment, if there is a reference verification field for which no matching verification data is obtained in the user verification information, the corresponding reference verification field is verified to ensure the timeliness of user information verification, and at the same time, only the user is verified. In the verification information, the benchmark verification field of the matching verification data is not obtained, which is beneficial to improving the efficiency of user information verification.
在一实施例中,如图7所示,步骤S43中,即响应用户信息验证请求。具体包括如下步骤:In an embodiment, as shown in FIG. 7, in step S43, the user information verification request is responded. It includes the following steps:
S431:基于目标业务类型获取业务安全等级。S431: Obtain a service security level based on the target service type.
具体地,业务安全等级是指由于目标业务类型的不同,因此目标业务类型的业务安全等级也不同。例如:可以按照目标业务类型的业务价格,进行业务安全等级的设置,若该业务价格越高,则对应的目标业务类型也越高。根据不同的业务安全等级,发送不同等级的用户身份验证请求。Specifically, the business security level means that because of different target business types, the business security level of the target business type is also different. For example, you can set the service security level according to the service price of the target service type. If the service price is higher, the corresponding target service type is also higher. According to different business security levels, different levels of user authentication requests are sent.
S432:基于业务安全等级和目标用户标识发送对应的用户身份验证请求。S432: Send a corresponding user authentication request based on the service security level and the target user identity.
进一步地,用户身份验证请求中可以包括但不限于:OTP(动态口令,One-time Password),人脸识别或者短信验证等,具体验证方式可以由业务安全等级确定,此处不做限制。根据不同业务安全等级,发送不同方式的用户身份验证请求。优选地,业务安全等级越高,对应的用户身份验证请求的方式越严格。例如,对于普通的业务安全等级,可以仅通过短信验证即可,对于高级的业务安全等级,可以通过人脸识别进行验证。可选地,也可以采用多种验证方式结合来进行验证,例如,用户身份验证请求可以是人脸识别和短信验证结合的方式。Further, the user identity verification request may include but is not limited to: OTP (One-time Password), face recognition or short message verification, etc. The specific verification method may be determined by the service security level, which is not limited here. User authentication requests in different ways are sent according to different business security levels. Preferably, the higher the service security level, the stricter the corresponding user authentication request mode. For example, for ordinary business security levels, only text message verification is required, and for advanced business security levels, face recognition can be used for verification. Optionally, a combination of multiple verification methods may also be used for verification. For example, the user identity verification request may be a combination of face recognition and short message verification.
S433:获取用户身份校验信息,若用户身份校验信息验证通过,则用户信息验证请求验证通过。S433: Obtain user identity verification information. If the user identity verification information passes verification, the user information verification request verification passes.
身份校验信息是指用户根据用户身份验证请求进行的验证信息。客户端在获取到身份校验信息之后,将身份校验信息发送至服务端。服务端获取该用户身份校验信息之后,进行验证。若用户身份校验信息验证通过,则用户信息验证请求验证通过。The identity verification information refers to the verification information performed by the user according to the user authentication request. After the client obtains the identity verification information, it sends the identity verification information to the server. After the server obtains the user identity verification information, it performs verification. If the user identity verification information is verified, the user information verification request is verified.
优选地,服务端在获取到用户身份校验信息后,基于该目标用户标识,对用户身份校验信息进行验证。可选地,可以将用户身份校验信息和服务端预先存储的用户身份信息进行比对。若比对结果为匹配,则用户身份校验信息验证通过,且用户信息验证请求验证通过。Preferably, after obtaining the user identity verification information, the server verifies the user identity verification information based on the target user identity. Optionally, the user identity verification information may be compared with the user identity information stored in advance by the server. If the comparison result is a match, the user identity verification information is verified and the user information verification request is verified.
在本实施例中,基于目标业务类型的业务安全等级对用户进行身份验证,确保是用户本人进行办理业务和对验证数据提供免验证的操作,提高了用户信息的安全性,降低了信息泄漏的风险。In this embodiment, the user is authenticated based on the service security level of the target service type to ensure that the user performs operations and provides verification-free operations on the verification data, which improves the security of user information and reduces information leakage. risk.
应理解,上述实施例中各步骤的序号的大小并不意味着执行顺序的先后,各过程的执行顺序应以其功能和内在逻辑确定,而不应对本申请实施例的实施过程构成任何限定。It should be understood that the size of the sequence numbers of the steps in the above embodiments does not mean the order of execution. The execution order of each process should be determined by its function and internal logic, and should not constitute any limitation on the implementation process of the embodiments of this application.
在一实施例中,提供一种用户信息验证装置,该用户信息验证装置与上述实施例中用户信息验证方法一一对应。如图8所示,该用户信息验证装置包括第一获取模块81、第二获取模块82、第三获取模块83、查询模块84和第一响应模块85。各功能模块详细说明如下:In one embodiment, a user information verification device is provided, and the user information verification device corresponds to the user information verification method in the above embodiment in a one-to-one correspondence. As shown in FIG. 8, the user information verification apparatus includes a first acquisition module 81, a second acquisition module 82, a third acquisition module 83, a query module 84, and a first response module 85. The detailed description of each function module is as follows:
第一获取模块81,用于获取用户信息验证请求,用户信息验证请求包括目标用户标识和目标业务类型;A first obtaining module 81, configured to obtain a user information verification request, where the user information verification request includes a target user identifier and a target service type;
第二获取模块82,用于基于目标用户标识获取用户验证信息;A second obtaining module 82, configured to obtain user authentication information based on a target user identifier;
第三获取模块83,用于基于目标业务类型获取所述用户信息验证请求的基准验证字段,其中,基准验证字段为至少两个;A third obtaining module 83, configured to obtain a reference verification field of the user information verification request based on a target service type, where the reference verification field is at least two;
查询模块84,用于基于基准验证字段查询用户验证信息;A query module 84, configured to query user authentication information based on the benchmark authentication field;
第一响应模块85,用于若每一基准验证字段都在用户验证信息中查询到相匹配的验证数据,则响应用户信息验证请求。A first response module 85 is configured to respond to a user information verification request if each reference verification field queries the user verification information for matching verification data.
优选地,该用户信息验证装置还包括:Preferably, the user information verification device further includes:
登录获取模块811,用于获取登录请求信息,登录请求信息包括目标用户标识和目标用户密码;A login obtaining module 811, configured to obtain login request information, where the login request information includes a target user ID and a target user password;
验证模块812,用于基于目标用户标识对目标用户密码进行验证;A verification module 812, configured to verify a target user password based on the target user identifier;
发送模块813,用于若目标用户密码验证成功,则发送业务类型列表;A sending module 813 is configured to send a list of service types if the password verification of the target user is successful;
请求生成模块814,用于获取目标业务类型,基于目标用户标识和目标业务类型生成用户信息验证请求。The request generating module 814 is configured to obtain a target service type, and generate a user information verification request based on the target user identifier and the target service type.
优选地,该用户信息验证装置还包括:Preferably, the user information verification device further includes:
接口获取模块821,用于获取各个接口的用户验证数据表;The interface acquisition module 821 is configured to acquire a user authentication data table of each interface;
整合模块822,用于基于同一原始用户标识,整合用户验证数据表,得到用户验证信息。The integration module 822 is configured to integrate the user authentication data table based on the same original user identifier to obtain user authentication information.
优选地,该整合模块822还包括:Preferably, the integration module 822 further includes:
验证数据获取子模块8221,用于基于同一原始用户标识,在用户验证数据表中获取对应的用户验证数据,用户验证数据包括原始用户标识、验证内容和验证日期;The verification data acquisition submodule 8221 is configured to obtain corresponding user verification data in a user verification data table based on the same original user identity, and the user verification data includes the original user identity, verification content, and verification date;
验证日期获取子模块8222,用于若同一原始用户标识中存在相同验证内容的用户验证数据,则获取相同验证内容的用户验证数据中的验证日期,作为目标验证日期;The verification date acquisition submodule 8222 is used to obtain the verification date in the user verification data of the same verification content as the target verification date if the user verification data of the same verification content exists in the same original user identification;
验证日期整理子模块8223,用于对目标验证日期进行排序,获取排序后最新的目标验证日期和该最新的目标验证日期对应的验证内容,并将非最新的目标验证日期对应的用户验证数据删除;The verification date sorting submodule 8223 is used to sort the target verification dates, obtain the latest target verification date after the sort and the verification content corresponding to the latest target verification date, and delete the user verification data corresponding to the non-latest target verification date. ;
验证信息整理子模块8224,用于汇总同一原始用户标识对应的用户验证数据,得到用户验证信息。The verification information collating sub-module 8224 is configured to summarize user verification data corresponding to the same original user ID to obtain user verification information.
优选地,该用户信息验证装置还包括:Preferably, the user information verification device further includes:
目标验证字段生成模块841,用于若存在至少一个所述基准验证字段在所述用户验证信息中查询不到相匹配的验证数据,则将对应的基准验证字段作为目标验证字段;A target verification field generating module 841, configured to use the corresponding benchmark verification field as a target verification field if at least one of the benchmark verification fields does not query matching verification data in the user verification information;
发送模块842,用于基于目标验证字段发送目标验证字段验证请求;A sending module 842, configured to send a target verification field verification request based on the target verification field;
第二响应模块843,用于获取目标验证字段验证请求对应的目标验证信息,若目标验证信息验证通过,则响应用户信息验证请求。The second response module 843 is configured to obtain target verification information corresponding to the target verification field verification request. If the verification of the target verification information passes, it responds to the user information verification request.
优选地,该第二响应模块843包括:Preferably, the second response module 843 includes:
安全等级获取子模块8431,用于基于目标业务类型获取业务安全等级;A security level acquisition submodule 8431, configured to acquire a business security level based on a target service type;
身份验证子模块8432,用于基于业务安全等级和目标用户标识发送对应的用户身份验证请求;An identity verification sub-module 8432, configured to send a corresponding user identity verification request based on the service security level and the target user identity;
校验子模块8433,用于获取用户身份校验信息,若用户身份校验信息验证通过,则用户信息验证请求验证通过。A check submodule 8433 is configured to obtain user identity verification information. If the user identity verification information passes verification, the user information verification request verification passes.
关于用户信息验证装置的具体限定可以参见上文中对于用户信息验证方法的限定,在此不再赘述。上述用户信息验证装置中的各个模块可全部或部分通过软件、硬件及其组合来实现。上述各模块可以硬件形式内嵌于或独立于计算机设备中的处理器中,也可以以软件形式存储于计算机设备中的存储器中,以便于处理器调用执行以上各个模块对应的操作。For the specific limitation of the user information verification device, reference may be made to the limitation on the user information verification method described above, and details are not described herein again. Each module in the above-mentioned user information verification device may be implemented in whole or in part by software, hardware, and a combination thereof. The above-mentioned modules may be embedded in the hardware in or independent of the processor in the computer device, or may be stored in the memory of the computer device in the form of software, so that the processor can call and execute the operations corresponding to the above modules.
在一个实施例中,提供了一种计算机设备,该计算机设备可以是服务器,其内部结构图可以如图9所示。该计算机设备包括通过系统总线连接的处理器、存储器、网络接口和数据库。其中,该计算机设备的处理器用于提供计算和控制能力。该计算机设备的存储器包括非易失性存储介质、内存储器。该非易失性存储介质存储有操作系统、计算机可读指令和数据库。该内存储器为非易失性存储介质中的操作系统和计算机可读指令的运行提供环境。该计算机设备的数据库用于存储用户验证信息。该计算机设备的网络接口用于与外部的终端通过网络连接通信。该计算机可读指令被处理器执行时以实现一种用户信息验证方法。In one embodiment, a computer device is provided. The computer device may be a server, and its internal structure diagram may be as shown in FIG. 9. The computer device includes a processor, a memory, a network interface, and a database connected through a system bus. The processor of the computer device is used to provide computing and control capabilities. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, computer-readable instructions, and a database. The internal memory provides an environment for the operation of the operating system and computer-readable instructions in a non-volatile storage medium. The computer equipment database is used to store user authentication information. The network interface of the computer device is used to communicate with an external terminal through a network connection. The computer-readable instructions are executed by a processor to implement a method for verifying user information.
在一个实施例中,提供了一种计算机设备,包括存储器、处理器及存储在存储器上并可在处理器上运行的计算机可读指令,处理器执行计算机可读指令时实现以下步骤:In one embodiment, a computer device is provided, including a memory, a processor, and computer-readable instructions stored on the memory and executable on the processor. When the processor executes the computer-readable instructions, the following steps are implemented:
获取用户信息验证请求,用户信息验证请求包括目标用户标识和目标业务类型;Obtain a user information verification request. The user information verification request includes the target user identity and the target service type.
基于目标用户标识获取用户验证信息;Obtaining user authentication information based on the target user identity;
基于目标业务类型获取用户信息验证请求的基准验证字段,其中,基准验证字段为至少两个;Obtaining the reference verification fields of the user information verification request based on the target service type, wherein the reference verification fields are at least two;
基于基准验证字段查询用户验证信息;Query user authentication information based on the benchmark authentication field;
若每一基准验证字段都在用户验证信息中查询到相匹配的验证数据,则响应用户信息验证请求。If each benchmark verification field finds matching verification data in the user verification information, it responds to the user information verification request.
在一个实施例中,提供了一个或多个存储有计算机可读指令的非易失性可读存储介质,所述计算机可读指令被一个或多个处理器执行时,使得所述一个或多个处理器执行如下步骤:In one embodiment, one or more non-volatile readable storage media storing computer-readable instructions are provided, and when the computer-readable instructions are executed by one or more processors, the one or more Each processor performs the following steps:
获取用户信息验证请求,用户信息验证请求包括目标用户标识和目标业务类型;Obtain a user information verification request. The user information verification request includes the target user identity and the target service type.
基于目标用户标识获取用户验证信息;Obtaining user authentication information based on the target user identity;
基于目标业务类型获取用户信息验证请求的基准验证字段,其中,基准验证字段为至少两个;Obtaining the reference verification fields of the user information verification request based on the target service type, wherein the reference verification fields are at least two;
基于基准验证字段查询用户验证信息;Query user authentication information based on the benchmark authentication field;
若每一基准验证字段都在用户验证信息中查询到相匹配的验证数据,则响应用户信息验证请求。If each benchmark verification field finds matching verification data in the user verification information, it responds to the user information verification request.
本领域普通技术人员可以理解实现上述实施例方法中的全部或部分流程,是可以通过计算机可读指令来指令相关的硬件来完成,所述的计算机可读指令可存储于一非易失性计算机可读取存储介质中,该计算机可读指令在执行时,可包括如上述各方法的实施例的流程。其中,本申请所提供的各实施例中所使用的对存储器、存储、数据库或其它介质的任何引用,均可包括非易失性和/或易失性存储器。非易失性存储器可包括只读存储器(ROM)、可编程ROM(PROM)、电可编程ROM(EPROM)、电可擦除可编程ROM(EEPROM)或闪存。易失性存储器可包括随机存取存储器(RAM)或者外部高速缓冲存储器。作为说明而非局限,RAM以多种形式可得,诸如静态RAM(SRAM)、动态RAM(DRAM)、同步DRAM(SDRAM)、双数据率SDRAM(DDRSDRAM)、增强型SDRAM(ESDRAM)、同步链路(Synchlink)DRAM(SLDRAM)、存储器总线(Rambus)直接RAM(RDRAM)、直接存储器总线动态RAM(DRDRAM)、以及存储器总线动态RAM(RDRAM)等。A person of ordinary skill in the art can understand that all or part of the processes in the methods of the foregoing embodiments can be implemented by using computer-readable instructions to instruct related hardware. The computer-readable instructions can be stored in a non-volatile computer. In the readable storage medium, the computer-readable instructions, when executed, may include the processes of the embodiments of the methods described above. Wherein, any reference to the storage, storage, database, or other media used in the embodiments provided in this application may include non-volatile and / or volatile storage. Non-volatile memory may include read-only memory (ROM), programmable ROM (PROM), electrically programmable ROM (EPROM), electrically erasable programmable ROM (EEPROM), or flash memory. Volatile memory can include random access memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in various forms, such as static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), dual data rate SDRAM (DDRSDRAM), enhanced SDRAM (ESDRAM), synchronous chain (Synchlink) DRAM (SLDRAM), memory bus (Rambus) direct RAM (RDRAM), direct memory bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM).
所属领域的技术人员可以清楚地了解到,为了描述的方便和简洁,仅以上述各功能单元、模块的划分进行举例说明,实际应用中,可以根据需要而将上述功能分配由不同的功能单元、模块完成,即将所述装置的内部结构划分成不同的功能单元或模块,以完成以上描述的全部或者部分功能。Those skilled in the art can clearly understand that, for the convenience and brevity of the description, only the above-mentioned division of functional units and modules is used as an example. In practical applications, the above functions can be assigned by different functional units, Module completion, that is, dividing the internal structure of the device into different functional units or modules to complete all or part of the functions described above.
以上所述实施例仅用以说明本申请的技术方案,而非对其限制;尽管参照前述实施例 对本申请进行了详细的说明,本领域的普通技术人员应当理解,其依然可以对前述各实施例所记载的技术方案进行修改,或者对其中部分技术特征进行等同替换;而这些修改或者替换,并不使相应技术方案的本质脱离本申请各实施例技术方案的精神和范围,均应包含在本申请的保护范围之内。The above-mentioned embodiments are only used to describe the technical solution of the present application, but are not limited thereto. Although the present application is described in detail with reference to the foregoing embodiments, those skilled in the art should understand that they can still implement the foregoing implementations. The technical solutions described in the examples are modified, or some of the technical features are equivalently replaced; and these modifications or replacements do not deviate the essence of the corresponding technical solutions from the spirit and scope of the technical solutions of the embodiments of the application, and should be included in Within the scope of this application.

Claims (20)

  1. 一种用户信息验证方法,其特征在于,所述用户信息验证方法包括:A user information verification method, characterized in that the user information verification method includes:
    获取用户信息验证请求,所述用户信息验证请求包括目标用户标识和目标业务类型;Obtaining a user information verification request, where the user information verification request includes a target user identity and a target service type;
    基于所述目标用户标识获取用户验证信息;Obtaining user authentication information based on the target user identity;
    基于所述目标业务类型获取所述用户信息验证请求的基准验证字段,其中,所述基准验证字段为至少两个;Obtaining the reference verification fields of the user information verification request based on the target service type, wherein the reference verification fields are at least two;
    基于所述基准验证字段查询所述用户验证信息;Querying the user authentication information based on the benchmark authentication field;
    若每一所述基准验证字段都在所述用户验证信息中查询到相匹配的验证数据,则响应所述用户信息验证请求。If each of the benchmark verification fields finds matching verification data in the user verification information, it responds to the user information verification request.
  2. 如权利要求1所述的用户信息验证方法,其特征在于,在所述获取用户信息验证请求的步骤之前,所述用户信息验证方法还包括:The user information verification method according to claim 1, wherein before the step of obtaining a user information verification request, the user information verification method further comprises:
    获取登录请求信息,所述登录请求信息包括目标用户标识和目标用户密码;Obtaining login request information, where the login request information includes a target user ID and a target user password;
    基于所述目标用户标识对所述目标用户密码进行验证;Verifying the target user password based on the target user identifier;
    若所述目标用户密码验证成功,则发送业务类型列表;If the password verification of the target user is successful, sending a service type list;
    获取所述目标业务类型,基于所述目标用户标识和所述目标业务类型生成所述用户信息验证请求。Acquiring the target service type, and generating the user information verification request based on the target user identifier and the target service type.
  3. 如权利要求1所述的用户信息验证方法,其特征在于,在所述基于所述目标用户标识获取用户验证信息的步骤之前且在所述获取用户信息验证请求的步骤之后,所述用户信息验证方法还包括:The user information verification method according to claim 1, wherein before the step of obtaining user verification information based on the target user ID and after the step of obtaining user information verification request, the user information verification The method also includes:
    获取各个接口的用户验证数据表;Obtain user authentication data tables for each interface;
    基于同一原始用户标识,整合所述用户验证数据表,得到所述用户验证信息。Based on the same original user identification, the user authentication data table is integrated to obtain the user authentication information.
  4. 如权利要求3所述的用户信息验证方法,其特征在于,所述基于同一原始用户标识,整合所述用户验证数据表,得到所述用户验证信息,包括:The user information verification method according to claim 3, wherein the integrating the user verification data table based on the same original user identification to obtain the user verification information comprises:
    基于所述同一原始用户标识,在所述用户验证数据表中获取对应的用户验证数据,所述用户验证数据包括原始用户标识、验证内容和验证日期;Obtaining corresponding user verification data in the user verification data table based on the same original user identification, the user verification data including the original user identification, verification content and verification date;
    若所述同一原始用户标识中存在相同验证内容的所述用户验证数据,则获取相同验证内容的所述用户验证数据中的所述验证日期,作为目标验证日期;If the user verification data of the same verification content exists in the same original user identifier, obtaining the verification date in the user verification data of the same verification content as a target verification date;
    对目标验证日期进行排序,获取排序后最新的目标验证日期和该最新的目标验证日期对应的验证内容,并将非最新的目标验证日期对应的用户验证数据删除;Sort the target verification dates, obtain the latest target verification date and the verification content corresponding to the latest target verification date, and delete the user verification data corresponding to the non-latest target verification date;
    汇总所述同一原始用户标识对应的所述用户验证数据,得到所述用户验证信息。Summarizing the user authentication data corresponding to the same original user identifier to obtain the user authentication information.
  5. 如权利要求1所述的用户信息验证方法,其特征在于,在基于所述基准验证字段查询用户验证信息的步骤之后,所述用户信息验证方法还包括:The user information verification method according to claim 1, wherein after the step of querying user verification information based on the benchmark verification field, the user information verification method further comprises:
    若存在至少一个所述基准验证字段在所述用户验证信息中查询不到相匹配的验证数据,则将对应的所述基准验证字段作为目标验证字段;If at least one of the benchmark verification fields does not query for matching verification data in the user verification information, the corresponding benchmark verification field is used as the target verification field;
    基于所述目标验证字段发送目标验证字段验证请求;Sending a target verification field verification request based on the target verification field;
    获取所述目标验证字段验证请求对应的目标验证信息,若所述目标验证信息验证通过,则响应所述用户信息验证请求。Acquire the target verification information corresponding to the target verification field verification request, and if the target verification information verification is passed, respond to the user information verification request.
  6. 如权利要求5所述的用户信息验证方法,其特征在于,所述响应所述用户信息验证请求,包括:The user information verification method according to claim 5, wherein the response to the user information verification request comprises:
    基于所述目标业务类型获取业务安全等级;Obtaining a service security level based on the target service type;
    基于所述业务安全等级和所述目标用户标识发送对应的用户身份验证请求;Sending a corresponding user identity verification request based on the service security level and the target user identity;
    获取用户身份校验信息,若所述用户身份校验信息验证通过,则通过所述用户信息验证请求验证。Acquire user identity verification information, and if the user identity verification information is verified, request verification through the user information verification request.
  7. 一种用户信息验证装置,其特征在于,包括:A user information verification device, comprising:
    第一获取模块,用于获取用户信息验证请求,所述用户信息验证请求包括目标用户标识和目标业务类型;A first obtaining module, configured to obtain a user information verification request, where the user information verification request includes a target user identifier and a target service type;
    第二获取模块,用于基于所述目标用户标识获取用户验证信息;A second obtaining module, configured to obtain user authentication information based on the target user identifier;
    第三获取模块,用于基于所述目标业务类型获取所述用户信息验证请求的基准验证字段,其中,所述基准验证字段为至少两个;A third obtaining module, configured to obtain the reference verification fields of the user information verification request based on the target service type, where the reference verification fields are at least two;
    查询模块,用于基于所述基准验证字段查询用户验证信息;A query module, configured to query user verification information based on the benchmark verification field;
    第一响应模块,用于若每一所述基准验证字段都在所述用户验证信息中查询到相匹配的验证数据,则响应所述用户信息验证请求。A first response module is configured to respond to the user information verification request if each of the benchmark verification fields queries matching verification data in the user verification information.
  8. 如权利要求7所述的用户信息验证装置,其特征在于,所述用户信息验证还包括:The user information verification device according to claim 7, wherein the user information verification further comprises:
    登录获取模块,用于获取登录请求信息,所述登录请求信息包括目标用户标识和目标用户密码;A login obtaining module, configured to obtain login request information, where the login request information includes a target user ID and a target user password;
    验证模块,用于基于所述目标用户标识对所述目标用户密码进行验证;A verification module, configured to verify the target user password based on the target user identifier;
    发送模块,用于若所述目标用户密码验证成功,则发送业务类型列表;A sending module, configured to send a list of service types if the target user password verification succeeds;
    请求生成模块,用于获取目标业务类型,基于所述目标用户标识和目标业务类型生成用户信息验证请求。The request generating module is configured to obtain a target service type, and generate a user information verification request based on the target user identifier and the target service type.
  9. 一种计算机设备,包括存储器、处理器以及存储在所述存储器中并可在所述处理器上运行的计算机可读指令,其特征在于,所述处理器执行所述计算机可读指令时实现如下步骤:A computer device includes a memory, a processor, and computer-readable instructions stored in the memory and executable on the processor, and is characterized in that the processor implements the computer-readable instructions as follows step:
    获取用户信息验证请求,所述用户信息验证请求包括目标用户标识和目标业务类型;Obtaining a user information verification request, where the user information verification request includes a target user identity and a target service type;
    基于所述目标用户标识获取用户验证信息;Obtaining user authentication information based on the target user identity;
    基于所述目标业务类型获取所述用户信息验证请求的基准验证字段,其中,所述基准验证字段为至少两个;Obtaining the reference verification fields of the user information verification request based on the target service type, wherein the reference verification fields are at least two;
    基于所述基准验证字段查询所述用户验证信息;Querying the user authentication information based on the benchmark authentication field;
    若每一所述基准验证字段都在所述用户验证信息中查询到相匹配的验证数据,则响应所述用户信息验证请求。If each of the benchmark verification fields finds matching verification data in the user verification information, it responds to the user information verification request.
  10. 如权利要求9所述的计算机设备,其特征在于,在所述获取用户信息验证请求的步骤之前,所述处理器执行所述计算机可读指令时还实现如下步骤:The computer device according to claim 9, wherein before the step of obtaining a user information verification request, the processor further implements the following steps when executing the computer-readable instructions:
    获取登录请求信息,所述登录请求信息包括目标用户标识和目标用户密码;Obtaining login request information, where the login request information includes a target user ID and a target user password;
    基于所述目标用户标识对所述目标用户密码进行验证;Verifying the target user password based on the target user identifier;
    若所述目标用户密码验证成功,则发送业务类型列表;If the password verification of the target user is successful, sending a service type list;
    获取所述目标业务类型,基于所述目标用户标识和所述目标业务类型生成所述用户信息验证请求。Acquiring the target service type, and generating the user information verification request based on the target user identifier and the target service type.
  11. 如权利要求9所述的计算机设备,其特征在于,在所述基于所述目标用户标识获取用户验证信息的步骤之前且在所述获取用户信息验证请求的步骤之后,所述处理器执行所述计算机可读指令时还实现如下步骤:The computer device according to claim 9, wherein before the step of obtaining user authentication information based on the target user identifier and after the step of obtaining user information authentication request, the processor executes the step The computer-readable instructions also implement the following steps:
    获取各个接口的用户验证数据表;Obtain user authentication data tables for each interface;
    基于同一原始用户标识,整合所述用户验证数据表,得到所述用户验证信息。Based on the same original user identification, the user authentication data table is integrated to obtain the user authentication information.
  12. 如权利要求11所述的计算机设备,其特征在于,所述基于同一原始用户标识,整合所述用户验证数据表,得到所述用户验证信息,具体包括以下步骤:The computer device according to claim 11, wherein the integrating the user authentication data table based on the same original user identification to obtain the user authentication information specifically includes the following steps:
    基于所述同一原始用户标识,在所述用户验证数据表中获取对应的用户验证数据,所述用户验证数据包括原始用户标识、验证内容和验证日期;Obtaining corresponding user verification data in the user verification data table based on the same original user identification, the user verification data including the original user identification, verification content, and verification date;
    若所述同一原始用户标识中存在相同验证内容的所述用户验证数据,则获取相同验证内容的所述用户验证数据中的所述验证日期,作为目标验证日期;If the user verification data of the same verification content exists in the same original user identifier, obtaining the verification date in the user verification data of the same verification content as a target verification date;
    对目标验证日期进行排序,获取排序后最新的目标验证日期和该最新的目标验证日期对应的验证内容,并将非最新的目标验证日期对应的用户验证数据删除;Sort the target verification date, obtain the latest target verification date and the verification content corresponding to the latest target verification date, and delete the user verification data corresponding to the latest target verification date;
    汇总所述同一原始用户标识对应的所述用户验证数据,得到所述用户验证信息。Summarizing the user authentication data corresponding to the same original user identifier to obtain the user authentication information.
  13. 如权利要求9所述的计算机设备,其特征在于,在基于所述基准验证字段查询用户验证信息的步骤之后,所述处理器执行所述计算机可读指令时还实现如下步骤:The computer device according to claim 9, wherein after the step of querying user authentication information based on the benchmark authentication field, the processor further implements the following steps when executing the computer-readable instructions:
    若存在至少一个所述基准验证字段在所述用户验证信息中查询不到相匹配的验证数据,则将对应的所述基准验证字段作为目标验证字段;If at least one of the benchmark verification fields does not query for matching verification data in the user verification information, the corresponding benchmark verification field is used as the target verification field;
    基于所述目标验证字段发送目标验证字段验证请求;Sending a target verification field verification request based on the target verification field;
    获取所述目标验证字段验证请求对应的目标验证信息,若所述目标验证信息验证通过,则响应所述用户信息验证请求。Acquire the target verification information corresponding to the target verification field verification request, and if the target verification information verification is passed, respond to the user information verification request.
  14. 如权利要求13所述的计算机设备,其特征在于,所述响应所述用户信息验证请求,具体包括以下步骤:The computer device according to claim 13, wherein the responding to the user information verification request specifically comprises the following steps:
    基于所述目标业务类型获取业务安全等级;Obtaining a service security level based on the target service type;
    基于所述业务安全等级和所述目标用户标识发送对应的用户身份验证请求;Sending a corresponding user identity verification request based on the service security level and the target user identity;
    获取用户身份校验信息,若所述用户身份校验信息验证通过,则通过所述用户信息验证请求验证。Acquire user identity verification information, and if the user identity verification information is verified, request verification through the user information verification request.
  15. 一个或多个存储有计算机可读指令的非易失性可读存储介质,所述计算机可读指令被一个或多个处理器执行时,使得所述一个或多个处理器执行如下步骤:One or more non-volatile readable storage media storing computer-readable instructions, which when executed by one or more processors, cause the one or more processors to perform the following steps:
    获取用户信息验证请求,所述用户信息验证请求包括目标用户标识和目标业务类型;Obtaining a user information verification request, where the user information verification request includes a target user identity and a target service type;
    基于所述目标用户标识获取用户验证信息;Obtaining user authentication information based on the target user identity;
    基于所述目标业务类型获取所述用户信息验证请求的基准验证字段,其中,所述基准验证字段为至少两个;Obtaining the reference verification fields of the user information verification request based on the target service type, wherein the reference verification fields are at least two;
    基于所述基准验证字段查询所述用户验证信息;Querying the user authentication information based on the benchmark authentication field;
    若每一所述基准验证字段都在所述用户验证信息中查询到相匹配的验证数据,则响应所述用户信息验证请求。If each of the benchmark verification fields finds matching verification data in the user verification information, it responds to the user information verification request.
  16. 如权利要求15所述的非易失性可读存储介质,其特征在于,在所述获取用户信息验证请求的步骤之前,所述计算机可读指令被一个或多个处理器执行时,使得所述一个或多个处理器还执行如下步骤:The non-volatile readable storage medium according to claim 15, wherein before the step of obtaining a user information verification request, the computer-readable instructions are executed by one or more processors to cause all The one or more processors also perform the following steps:
    获取登录请求信息,所述登录请求信息包括目标用户标识和目标用户密码;Obtaining login request information, where the login request information includes a target user ID and a target user password;
    基于所述目标用户标识对所述目标用户密码进行验证;Verifying the target user password based on the target user identifier;
    若所述目标用户密码验证成功,则发送业务类型列表;If the password verification of the target user is successful, sending a service type list;
    获取所述目标业务类型,基于所述目标用户标识和所述目标业务类型生成所述用户信 息验证请求。Acquiring the target service type, and generating the user information verification request based on the target user identifier and the target service type.
  17. 如权利要求15所述的非易失性可读存储介质,其特征在于,在所述基于所述目标用户标识获取用户验证信息的步骤之前且在所述获取用户信息验证请求的步骤之后,所述计算机可读指令被一个或多个处理器执行时,使得所述一个或多个处理器还执行如下步骤:The non-volatile readable storage medium according to claim 15, wherein before the step of obtaining user authentication information based on the target user identity and after the step of obtaining user information authentication request, all When the computer-readable instructions are executed by one or more processors, the one or more processors further perform the following steps:
    获取各个接口的用户验证数据表;Obtain user authentication data tables for each interface;
    基于同一原始用户标识,整合所述用户验证数据表,得到所述用户验证信息。Based on the same original user identification, the user authentication data table is integrated to obtain the user authentication information.
  18. 如权利要求17所述的非易失性可读存储介质,其特征在于,所述基于同一原始用户标识,整合所述用户验证数据表,得到所述用户验证信息,具体包括以下步骤:The non-volatile readable storage medium according to claim 17, wherein the integrating the user authentication data table based on the same original user identification to obtain the user authentication information, specifically comprises the following steps:
    基于所述同一原始用户标识,在所述用户验证数据表中获取对应的用户验证数据,所述用户验证数据包括原始用户标识、验证内容和验证日期;Obtaining corresponding user verification data in the user verification data table based on the same original user identification, the user verification data including the original user identification, verification content, and verification date;
    若所述同一原始用户标识中存在相同验证内容的所述用户验证数据,则获取相同验证内容的所述用户验证数据中的所述验证日期,作为目标验证日期;If the user verification data of the same verification content exists in the same original user identifier, obtaining the verification date in the user verification data of the same verification content as a target verification date;
    对目标验证日期进行排序,获取排序后最新的目标验证日期和该最新的目标验证日期对应的验证内容,并将非最新的目标验证日期对应的用户验证数据删除;Sort the target verification dates, obtain the latest target verification date and the verification content corresponding to the latest target verification date, and delete the user verification data corresponding to the non-latest target verification date;
    汇总所述同一原始用户标识对应的所述用户验证数据,得到所述用户验证信息。Summarizing the user authentication data corresponding to the same original user identifier to obtain the user authentication information.
  19. 如权利要求15所述的非易失性可读存储介质,其特征在于,在基于所述基准验证字段查询用户验证信息的步骤之后,所述计算机可读指令被一个或多个处理器执行时,使得所述一个或多个处理器还执行如下步骤:The non-volatile readable storage medium of claim 15, wherein after the step of querying user authentication information based on the benchmark authentication field, the computer-readable instructions are executed by one or more processors. So that the one or more processors further perform the following steps:
    若存在至少一个所述基准验证字段在所述用户验证信息中查询不到相匹配的验证数据,则将对应的所述基准验证字段作为目标验证字段;If at least one of the benchmark verification fields does not query for matching verification data in the user verification information, the corresponding benchmark verification field is used as the target verification field;
    基于所述目标验证字段发送目标验证字段验证请求;Sending a target verification field verification request based on the target verification field;
    获取所述目标验证字段验证请求对应的目标验证信息,若所述目标验证信息验证通过,则响应所述用户信息验证请求。Acquire the target verification information corresponding to the target verification field verification request, and if the target verification information verification is passed, respond to the user information verification request.
  20. 如权利要求19所述的非易失性可读存储介质,其特征在于,所述响应所述用户信息验证请求,具体包括以下步骤:The non-volatile readable storage medium according to claim 19, wherein the response to the user information verification request specifically comprises the following steps:
    基于所述目标业务类型获取业务安全等级;Obtaining a service security level based on the target service type;
    基于所述业务安全等级和所述目标用户标识发送对应的用户身份验证请求;Sending a corresponding user identity verification request based on the service security level and the target user identity;
    获取用户身份校验信息,若所述用户身份校验信息验证通过,则通过所述用户信息验证请求验证。Acquire user identity verification information, and if the user identity verification information is verified, request verification through the user information verification request.
PCT/CN2018/094343 2018-06-08 2018-07-03 User information authentication method and apparatus, and computer device and storage medium WO2019232868A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201810585016.1 2018-06-08
CN201810585016.1A CN109034816A (en) 2018-06-08 2018-06-08 User information verification method, device, computer equipment and storage medium

Publications (1)

Publication Number Publication Date
WO2019232868A1 true WO2019232868A1 (en) 2019-12-12

Family

ID=64612290

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2018/094343 WO2019232868A1 (en) 2018-06-08 2018-07-03 User information authentication method and apparatus, and computer device and storage medium

Country Status (2)

Country Link
CN (1) CN109034816A (en)
WO (1) WO2019232868A1 (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109858210A (en) * 2019-01-07 2019-06-07 平安科技(深圳)有限公司 Information Authentication method, apparatus, computer equipment and storage medium
CN110009386B (en) * 2019-01-28 2024-02-13 平安科技(深圳)有限公司 User classification method, device, computer equipment and storage medium
CN110505198A (en) * 2019-07-05 2019-11-26 中国平安财产保险股份有限公司 A kind of checking request method, apparatus, computer equipment and storage medium
CN111143395B (en) * 2019-11-28 2024-04-09 招银云创信息技术有限公司 Identity verification method, device, computer equipment and storage medium
CN111212075B (en) * 2020-01-02 2022-06-03 腾讯云计算(北京)有限责任公司 Service request processing method and device, electronic equipment and computer storage medium
CN111598122B (en) * 2020-04-01 2022-02-08 深圳壹账通智能科技有限公司 Data verification method and device, electronic equipment and storage medium
CN111541703B (en) * 2020-04-27 2023-04-07 平安银行股份有限公司 Terminal equipment authentication method and device, computer equipment and storage medium
CN111709803B (en) * 2020-06-12 2023-09-05 北京思特奇信息技术股份有限公司 Method and system for preventing unauthorized business handling

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104219050A (en) * 2014-08-08 2014-12-17 腾讯科技(深圳)有限公司 Voiceprint verification method and system, voiceprint verification server and voiceprint verification client side
CN105450582A (en) * 2014-06-24 2016-03-30 华为技术有限公司 Business processing method, terminal, server and system
US9317673B2 (en) * 2014-02-07 2016-04-19 Bank Of America Corporation Providing authentication using previously-validated authentication credentials
CN107018119A (en) * 2016-08-30 2017-08-04 阿里巴巴集团控股有限公司 Authentication system, method and platform

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106034123B (en) * 2015-03-17 2019-06-11 中国移动通信集团湖北有限公司 Authentication method, application system server and client
CN106888446B (en) * 2015-12-15 2019-07-23 中国电信股份有限公司 Methods, devices and systems for verification information recipient's property right identity
CN109328348B (en) * 2016-09-30 2023-03-03 华为技术有限公司 Service authentication method, system and related equipment
CN107993058A (en) * 2016-10-27 2018-05-04 阿里巴巴集团控股有限公司 A kind of Information Authentication method and system and server

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9317673B2 (en) * 2014-02-07 2016-04-19 Bank Of America Corporation Providing authentication using previously-validated authentication credentials
CN105450582A (en) * 2014-06-24 2016-03-30 华为技术有限公司 Business processing method, terminal, server and system
CN104219050A (en) * 2014-08-08 2014-12-17 腾讯科技(深圳)有限公司 Voiceprint verification method and system, voiceprint verification server and voiceprint verification client side
CN107018119A (en) * 2016-08-30 2017-08-04 阿里巴巴集团控股有限公司 Authentication system, method and platform

Also Published As

Publication number Publication date
CN109034816A (en) 2018-12-18

Similar Documents

Publication Publication Date Title
WO2019232868A1 (en) User information authentication method and apparatus, and computer device and storage medium
US11936789B1 (en) Biometric reference template record
US10771459B2 (en) Terminal apparatus, server apparatus, blockchain and method for FIDO universal authentication using the same
WO2020087778A1 (en) Multiple system login method, apparatus, computer device and storage medium
US10963867B2 (en) Hardware wallet and hardware wallet holder identity verification method
KR102370529B1 (en) Method and device for obtaining tracking information and recording it on the blockchain
US5706427A (en) Authentication method for networks
US5841970A (en) Authentication method for networks
US11790077B2 (en) Methods, mediums, and systems for establishing and using security questions
CN110675144A (en) Enhancing non-repudiation of blockchain transactions
US8146143B1 (en) Fraud detection
WO2020181809A1 (en) Data processing method and system based on interface checking, and computer device
US11595384B2 (en) Digital identity network interface system
WO2019153461A1 (en) Identity information changing method and apparatus, terminal device, and storage medium
US10805290B1 (en) Compliance and audit using biometric tokenization
WO2019136802A1 (en) Password changing method and apparatus, terminal device, and storage medium
US11218464B2 (en) Information registration and authentication method and device
WO2012040869A1 (en) User account recovery
TW202024975A (en) Information processing method and device, electronic equipment and computer readable storage medium
TWM595792U (en) Authorization system for cross-platform authorizing access to resources
US20190081794A1 (en) Systems and methods for user identity
WO2017049735A1 (en) Fingerprint authentication method, cloud server, fingerprint recognition method, and terminal
KR101876672B1 (en) Digital signature method using block chain and system performing the same
US10003464B1 (en) Biometric identification system and associated methods
TWI695608B (en) Mobile network address based verification system and method thereof

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18921738

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 11/03/2021)

122 Ep: pct application non-entry in european phase

Ref document number: 18921738

Country of ref document: EP

Kind code of ref document: A1