CN101034984A - Establishing the true identify database of the user with the personal information submitted by the user - Google Patents
Establishing the true identify database of the user with the personal information submitted by the user Download PDFInfo
- Publication number
- CN101034984A CN101034984A CN 200610113311 CN200610113311A CN101034984A CN 101034984 A CN101034984 A CN 101034984A CN 200610113311 CN200610113311 CN 200610113311 CN 200610113311 A CN200610113311 A CN 200610113311A CN 101034984 A CN101034984 A CN 101034984A
- Authority
- CN
- China
- Prior art keywords
- user
- information
- identity
- verification system
- identity information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6272—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database by registering files or documents with a third party
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2117—User registration
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Databases & Information Systems (AREA)
- General Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- Bioethics (AREA)
- General Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- Computing Systems (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
This invention discloses system and method to establish a database of user's real identity by using user's personal information. The methods includes: users through communications networks (including but not limited to a fixed, cable, wireless and telephone networks, mobile networks, the Internet, etc.), to applicant a user-identity from identity verification system; identity Verification System allocated to the user a user-identity through communication network, and suggests users to submit the identity information. Users submit identity information through authentication system in which all information are stored temporarily, after the passage of identity the authentication system will received from a third party database information and the corresponding expansion as described in the identity information of the pending merger, then store the information to the database of identity information system, and merge with the identity of the identity information, and identity-related information.
Description
Technical field
The present invention relates to a kind of method and system thereof that sets up the user ID data storehouse, the personal information that particularly a kind of user of utilization submits to is set up the method and system of user real identification database.
Background technology
Today of network (including gauze and wireless network) fast development, network trading is subjected to more and more individuals' favor.But meanwhile, the virtual property of network and anonymity make that the network fraud behavior and the behavior of going back on one's word are taken place whenever and wherever possible, and Development of E-business in serious threat.In the network fraud or the behavior of going back on one's word of wildness, the network trading person is stealthy at computer screen behind, and the impalpable problem of identity is one of its major reason.
How to set up effective internet transaction identity authentication mechanism, the credit rating that promotes both parties is the important channel of effective Control Network swindle, for the sound development of ecommerce important function is arranged.
Simultaneously, other network behavior such as internet dating also faces same swindle and honesty issue, sets up the effective network ID authentication mechanism of a cover and also very is necessary.In this article, except as otherwise noted, following " network " all refers to wired network and wireless network.
The prerequisite of above-mentioned authentication mechanism is how will be dispersed in each local personally identifiable information and organize effectively, and guarantee its authenticity.
Summary of the invention
The purpose of this invention is to provide personal information that a kind of user of utilization submits to and set up the method and system of user real identification database.
According to an aspect of the present invention, the personal information that provides a kind of user of utilization to submit to is here set up the method for user real identification database, may further comprise the steps:
1) user is by communication network, to logical number of identity of identity information verification system application;
2) the identity information verification system is distributed to identity of user logical number by communication network, and the prompting user submits identity information to;
3) user submits every identity information via communication network to authentication system;
4) every identity information of being submitted to of the temporary user of identity information verification system, and according to the difference of information category, the identity information that the user is submitted to carries out authenticity verification;
5) after the identity authenticity verification passes through, the identity information verification system stores described temporary identity information in the identity information database of identity information verification system into, and identity is associated with identity information for logical number, can be thereby set up one via the database of the logical number checking user real identification of identity.
Wherein, the personal information that the user submits to comprises user's communications number category information and user's certificate category information, wherein, the user's communications category information comprises user's information such as phone number, fixed telephone number, E-mail address, home address, QQ number, MSN number, user's disparate networks account number; User's certificate category information comprises information such as bank card, identity card, educational background card.
Wherein, above-mentioned verification step 4) comprising:
4-1) after the user submitted identity information to via communication network, the user verified the authenticity of this information to the verification system application;
4-2) verification system is judged the type of the personal information that the user submits to;
If 4-3) verification system judges that verification system sent authorization information to the user when described identity information was user's communications number category information, after the user returns correct authorization information, by verification system directly confirm the checking pass through;
If 4-4) verification system judges that described identity information is the certificate category information, then verification system information that the user is submitted to is transmitted to the third-party authentication subsystem and mates, return the extend information of matching result and correspondence at the third-party authentication subsystem after, if matching result is successfully, then verification system think the checking pass through.
Wherein, the checking above-mentioned steps 4-3) comprises:
4-3-1) number of the communicating number info class that provides in this identity information according to the user of verification system sends an accidental validation sign indicating number by communication network to the user, and points out this user feedback this accidental validation sign indicating number; And
If 4-3-2) user is consistent with the identifying code of verification system transmission by the accidental validation sign indicating number of communication network feedback, then verification system determines that the number of the communicating number info class that the user submits to is the communication equipment held of user or the number of device.
Can confirm the authenticity of the communicating number info class number that the user submits to like this.
Wherein, the checking above-mentioned steps 4-3) comprises:
4-3-1 ') number of the communicating number info class that provides in this identity information according to the user of verification system sends request by communication network to the user, the message that the identity that the prompting user utilizes the number of this communicating number info class to return to have distributed is logical number; And
4-3-2 ') if the user responds this request, it is number identical that logical number of the identity that number by this communicating number info class returns and the identity of distributing to this cellphone subscriber are led to, and then verification system determines that the number of the communicating number info class that the user submits to is the communication equipment held of user or the number of device.
Can under the situation of using identifying code, confirm the authenticity of the number of the communicating number info class that the user submits to like this.
According to a further aspect in the invention, provide the another kind of personal information of utilizing the user to submit to set up the method for user real identification database here, may further comprise the steps:
1) user is by communication network, to logical number of identity of identity information verification system application;
2) the identity information verification system is distributed to identity of user logical number by communication network, and the prompting user submits identity information to;
3) user submits every identity information via communication network to authentication system;
4) the temporary described every identity information of identity information verification system, and according to the difference of information category, the identity information that the user is submitted to carries out authenticity verification;
5) after the identity authenticity verification passes through, the respective identity extend information that the identity information verification system will obtain from third party database when authenticity verification merges mutually with described temporary identity information, be stored to then in the identity information database of identity information verification system, and identity information after will merging and identity associate with identity information for logical number, can be via the database of the logical number checking user real identification of identity thereby set up one.
Wherein, the personal information that the user submits to comprises user's communications number category information and user's certificate category information, wherein, described user's communications category information comprises user's information such as phone number, fixed telephone number, E-mail address, home address, QQ number, MSN number, user's disparate networks account number; User's certificate category information comprises information such as bank card, identity card, educational background card.
Wherein, the identity extend information is the identity information that the user that calls from third party database does not import.
Wherein, above-mentioned verification step 4) comprising:
4-1) after the user submitted identity information to via communication network, the user verified the authenticity of this information to the verification system application;
4-2) verification system is judged the type of the personal information that the user submits to;
If 4-3) verification system judges that verification system sent authorization information to the user when described identity information was user's communications number category information, after the user returns correct authorization information, by verification system directly confirm the checking pass through;
If 4-4) verification system judges that described identity information is the certificate category information, then verification system information that the user is submitted to is transmitted to the third-party authentication subsystem and mates, return the extend information of matching result and correspondence at the third-party authentication subsystem after, if matching result is successfully, then verification system think the checking pass through.
Wherein, the checking above-mentioned steps 4-3) comprises:
4-3-1) number of the communicating number info class that provides in this identity information according to the user of verification system sends an accidental validation sign indicating number by communication network to the user, and points out this user feedback this accidental validation sign indicating number; And
If 4-3-2) user is consistent with the identifying code of verification system transmission by the accidental validation sign indicating number of communication network feedback, then verification system determines that the number of the communicating number info class that the user submits to is the communication equipment held of user or the number of device.
Can confirm the authenticity of the number of the communicating number info class that the user submits to like this.
Wherein, the checking above-mentioned steps 4-3) comprises:
4-3-1 ') number of the communicating number info class that provides in this identity information according to the user of verification system sends request by communication network to the user, the message that the identity that the prompting user utilizes the number of this communicating number info class to return to have distributed is logical number; And
4-3-2 ') if the user responds this request, it is number identical that logical number of the identity that number by this communicating number info class returns and the identity of distributing to this cellphone subscriber are led to, and then verification system determines that the number of the communicating number info class that the user submits to is the communication equipment held of user or the number of device.
Can under the situation of using identifying code, confirm the authenticity of the number of the communicating number info class that the user submits to like this.
Wherein, utilize mapping table to realize logical related with user real identification of identity.
In accordance with a further aspect of the present invention, provide the another kind of personal information of utilizing the user to submit to set up the system of user real identification database here, having comprised:
The user is by the user input subsystem of communication network to logical number of identity of identity information verification system application and the every identity information of submission;
Distribute to logical number of identity of user and receive the checking subsystem that the user submits identity information to by communication network, every identity information of the temporary user's input of this checking subsystem, and the identity information that the user submits to carried out authenticity verification or deliver the third-party authentication subsystem and carry out authenticity verification;
Store identity information database through the identity information of authenticity verification;
Wherein, described checking subsystem is after described identity authenticity verification passes through, the respective identity extend information that will obtain from third party database when authenticity verification merges mutually with described temporary identity information, be stored to then in the described identity information database, and identity information after will merging and identity associate with identity information for logical number, can be via the database of the logical number checking user real identification of identity thereby set up one.
Wherein, described checking subsystem is an authentication server.
The present invention is described in detail with instantiation below in conjunction with accompanying drawing.
Description of drawings
Fig. 1 is the schematic diagram that shows the direct identity verification information of verification system of the present invention;
Fig. 2 shows the schematic diagram of verification system of the present invention by the third party database identity verification;
Fig. 3 is the schematic diagram that shows verification identity of the present invention;
Fig. 4 shows schematic diagram of verifying identity information by key of the present invention;
Fig. 5 has shown realization collection data of the present invention, has formed the system configuration of database;
Fig. 6 is the flow chart that utilizes shown in Figure 5 system configuration of the present invention collection organization data, forms database;
Fig. 7 realizes utilizing database of the present invention to verify the system configuration of identity information;
Fig. 8 utilizes system configuration shown in Figure 7 to realize the flow chart that identity information is verified;
Fig. 9 is the logical flow chart of application identity of the present invention;
Figure 10 is a kind of flow chart of checking communicating number class identity information of the present invention;
Figure 11 is the flow chart by the third-party authentication identity information of the present invention;
Figure 12 shows by the verification subsystem of Fig. 7 to carry out flow chart of verifying the identity information process through subscriber authorisation of the present invention;
Figure 13 is user's access subsystem workflow diagram among displayed map 5 and Fig. 7.
Embodiment
At first define the technical term that the present invention uses:
1) identity of the present invention is logical is the mechanism of checking personally identifiable information authenticity, comprises the identity information verification system and logical number of the identity that given by verification system.
2) identity is a unique identifying number of representing personally identifiable information logical number, form by the 6-8 bit digital usually, or by more long number or letter are formed.
3) personal information of user's submission is meant the personal information that the user submits to verification system, comprises two class identity informations; First kind identity information is a user's communications number category information, for example can be user's information such as phone number, fixed telephone number, E-mail address, home address, QQ number, MSN number, user's disparate networks account number, the authenticity P Passable communication equipment checking of this type of information; The second class identity information is user's a certificate category information, for example can be information such as bank card, identity card, educational background card, and the authenticity of this type of information must be verified by the third-party authentication subsystem.
4) communication network include but not limited to that fix, wired, wireless, telephone network, mobile network, the Internet etc.
5) verification is meant that the user submits unique characteristic information of another user to checking system, the true identity information that another user is checked in request.
6) extend information is meant other identity information that is stored in this user that the user in the third party database do not submit to, and this extend information forms complete user profile after can merging with the identity information that the user submits to.
Identity information verification system of the present invention can be organized effectively with being dispersed in each local personally identifiable information, and guarantees its authenticity.The present invention has developed the method that personal information that a kind of user of utilization submits to is set up the user real identification information database for this reason, may further comprise the steps:
1) user is by communication network, to logical number of identity of identity information verification system application;
2) the identity information verification system is distributed to identity of user logical number by communication network, and the prompting user submits identity information to;
3) user submits every identity information (information such as mobile phone, landline telephone, E-mail address, home address, QQ number, MSN number, user's disparate networks account number, bank card, identity card, educational background card) via communication network to authentication system;
4) identity information verification system every identity information of temporarily storing the user and being submitted to, and according to the difference of information category, the identity information that the user is submitted to carries out authenticity verification;
5) after the identity authenticity verification passes through, the identity information verification system stores the identity information of described temporary transient storage in the identity information database of identity information verification system into, and for example will associate with identity information for logical number with identity, thereby set up a database via the logical number definite user real identification of identity by mapping table.
In another embodiment, after the personal information that the identity information verification system can also be submitted user in the third party database and corresponding identity extend information of this information and described temporary transient storage to merges, store in the identity information database, and user profile after for example will merging by mapping table and identity associate for logical number, thereby have set up a full database via the logical number checking user identity of identity.Described extend information is the personal information that the user contained in the third party database does not submit to, if for example the user has only submitted name and ID card No. information to, then extend information comprises user picture, the certificate address information that contains in the identity card storehouse.After this personal information and the merging of the extend information in the third party database with user's submission, setting up user's real information database advantage is: User Information Database is initiatively submitted identity information to and through setting up behind the authenticity verification the user, can guarantee the true and complete of identity that the user submits to.
Certainly, above-mentioned full database also can be after subscriber identity information be through checking, and invoke user full detail and dumping in the identity information database of verification system from third party database is realized.
At above-mentioned verification step 4) in, after the user submitted identity information to, user applies was verified the authenticity of this information; Can certainly save the step of user applies checking, change into after the user submits identity information to, start checking voluntarily by verification system.If verification system judges that the type of the personal information that the user submits to is a user's communications number category information, then as shown in Figure 1, verification system sends authorization information to the user, after the user returns correct authorization information, confirms directly that by verification system checking passes through.This can realize by following dual mode:
The first, the number of the communicating number info class that verification system provides in this identity information according to the user sends an accidental validation sign indicating number by communication network to the user, and points out this user feedback this accidental validation sign indicating number; If the user is consistent with the identifying code of verification system transmission by the accidental validation sign indicating number of communication network feedback, then verification system determines that the number of the communicating number info class that the user submits to is the communication equipment held of user or the number of device.
The second, the number of the communicating number info class that verification system provides in this identity information according to the user sends request by communication network to the user, the message that the identity that the prompting user utilizes the number of this communicating number info class to return to have distributed is logical number; If the user responds this request, it is number identical that logical number of the identity that number by this communicating number info class returns and the identity of distributing to this cellphone subscriber are led to, and then verification system determines that the number of the communicating number info class that the user submits to is the communication equipment held of user or the number of device.
For example, if the phone number that the user submits to by mobile phone is 13311111111, and it is 432555777 logical number that verification system has been distributed to this user identity, and then verification system sends as the short message of " please the identity of returning you with your mobile phone lead to number " to user mobile phone by this phone number 13311111111; If the user responds this authorization information, return authorization information as " identity logical number be 432555777 " with mobile phone, then verification system confirms that the phone number 13311111111 that the user provides is numbers (not considering to usurp the situation of mobile phone here) of the mobile phone held of user.
Again for example,
If the E-mail address that the user submits to by Email is XX@sina.yy, and verification system to have distributed to this user identity be 432555777 logical number, then verification system sends as the short message of " please the identity of returning you with your mailbox lead to number " to subscriber mailbox by this E-mail address XX@sina.yy; If the user responds this authorization information, return the authorization information of " identity logical number be 432555777 " with this E-mail address, then verification system confirms that the E-mail address XX@sina.yy that the user provides is the address (number) of the E-mail address held of this user.
Under the mobile phone identification policy environment,, utilize the logical authenticity of confirming user identity of identity like this by identity is associated with phone number for logical number.
Equally, according to above-mentioned principle, identity informations such as user's fixed telephone number that provides or E-mail address number can be provided in the present invention.
On the other hand, if judge that the personal information that the user submits to is the certificate category information, then as shown in Figure 2, the information that verification system is submitted the user to directly sends to the third-party authentication subsystem and mates, after the third-party authentication subsystem returns the extend information of matching result and correspondence, if matching result is successfully, then system think the checking pass through.
For example, if the personal information that the user submits to is an ID card information, be that user identity card number is 110108197412255555, name is king three, the address is No. 8, Haidian District, Beijing City wang jiazhuang village, and system has distributed to this user's 43123765 logical number of identity, then verification system (or the logical server of identity) is transmitted to above-mentioned ID card information and belongs to third-party ID card verification server, this ID card verification server carries out matching treatment with the data in this ID card information and the identity card database, then the matching treatment result is returned to verification system with the extend information of correspondence such as king three photo, if matching result is consistent, then system thinks that checking passes through.
The present invention can provide a kind of mechanism of utilizing the communication network checking user real identification under the prerequisite that guarantees safety, individual privacy, this is to utilize after user identity sets up the user real identification information bank logical number, adopting the subscriber authorisation verification mode to realize.Therefore, as shown in Figure 3, the method by the network checking user real identification of the present invention may further comprise the steps:
1), checking system is associated by contingency table one of the checked person or multinomial unique characteristic information (logical number of identity, mobile phone, phone, mailbox, bank's card number, identification card number, educational background card number, QQ number, MSN number, user's disparate networks account number etc.) with true identity information in the identity database;
2) verify people's (comprising the focal pointe of industry organization) and submit a certain unique characteristic information (logical number of identity, mobile phone, phone, mailbox, bank's card number, identification card number, educational background card number, QQ number, MSN number, user's disparate networks account number etc.) of checked person to checking system, submit to simultaneously and want the detailed programs verified by network;
3) after checking system is received the request of verification, apply for authorizing to the checked person by network;
4) checked person responds this request, and the authorization verification people allows the project verified;
5) data after the empirical tests are called according to checked person's the identity information database of mandate project from checking system by system, show then and verify the people.
As shown in Figure 4, the above-mentioned method of passing through the network checking user real identification can also realize by following steps:
1) checking system is associated by contingency table one of the checked person or multinomial unique characteristic information (as logical number of identity, mobile phone, phone, mailbox, bank's card number, identification card number, educational background card number, QQ number, MSN number, user's disparate networks account number etc.) with true identity information in the identity database;
2) checked person can be provided with the verification key to the identity information project of having selected by the identity information project of verification server verification then by network selecting;
3) when verifying the people and need verify checked person's identity information, require the checked person with self one or multinomial unique characteristic information and and verify key and inform and verify the people;
4) verify the people by network with one or multinomial unique characteristic information with verify key and submit to checking system;
5) after checking system is received the request of verification and good authentication key, from identity information database, call the identity information project data of corresponding empirical tests, and show the verification people.
Fig. 5 has shown realization collection data of the present invention, has formed an embodiment of the system configuration of database, and as shown in Figure 5, the system that data, formation database are collected in realization of the present invention comprises: user's access subsystem; Affiliate's subsystem; The checking subsystem; The charging and fee-deducting subsystem; ADMINISTRATION SUBSYSTEM; With third party's data verification subsystem.User subsystem comprises input link that utilizes communication network input user identity and the input link that utilizes the Internet input user identity; Described communication network connects affiliate's subsystem and checking subsystem via communication link respectively, and described the Internet also connects affiliate's subsystem and checking subsystem respectively via communication link respectively; Affiliate's subsystem is via communication link connectivity verification subsystem; Verify subsystem via private line access third party data verification subsystem, and connect charging, deduct fees subsystem and ADMINISTRATION SUBSYSTEM respectively.
The course of work of system shown in Figure 5 as shown in Figure 6, at first, the user via user's input subsystem to logical number of checking subsystem application identity; Then, the checking subsystem is distributed to user identity logical number by user's access subsystem, and the prompting user imports identity information; The user submits identity information by user subsystem to the checking subsystem, and perhaps the user submits identity information to affiliate's subsystem, by affiliate's subsystem this identity information is transmitted to the checking subsystem; The subscriber identity information of the temporary user's input of checking subsystem, and directly checking belongs to the identity information of communicating number class, the identity information that perhaps will belong to the certificate class is transmitted to third party's data verification subsystem, and request third party data verification subsystem utilizes the respective identity information of storing in its database to verify; Third party's data verification subsystem will verify that then result and expansion identity information return the checking subsystem; If the checking result that the checking subsystem returns is sure, verify that then subsystem deposits the identity information of temporary user's input and expansion identity information that third party's data verification subsystem returns after combined in the identity information database in the ADMINISTRATION SUBSYSTEM, the identity that will distribute to this user simultaneously is associated with this user's identity information for logical number.
ADMINISTRATION SUBSYSTEM comprises management server and identity information database, and wherein management server is used for the user is registered, changes, nullifies and manages.
In addition, the subsystem that charges, deducts fees carries out in the proof procedure user being chargeed and deducting fees the user by communication link connectivity verification subsystem.
Fig. 7 has shown an embodiment of the system configuration of utilizing database checking user identity information of the present invention, as shown in Figure 7, the system configuration of checking user identity information of the present invention comprises: user's access subsystem, verify work for convenience of description, again it is divided into for user's access subsystem of checking user use with for the user's access subsystem that is used by checking user at this; Affiliate's subsystem; Verify subsystem; The charging and fee-deducting subsystem; And ADMINISTRATION SUBSYSTEM.User subsystem comprises input link that utilizes communication network input user identity and the input link that utilizes the Internet input user identity; For the user's access subsystem that uses for checking user, described communication network connects affiliate's subsystem and verifies subsystem via communication link respectively, and described the Internet also connects affiliate's subsystem respectively and verifies subsystem via communication link respectively; For for the user's access subsystem that is used by checking user, described communication network connects via communication link verifies subsystem, and described the Internet also connects via communication link verifies subsystem; Affiliate's subsystem connects via communication link verifies subsystem; The verification subsystem connects charging respectively, deduct fees subsystem and ADMINISTRATION SUBSYSTEM.
The course of work of system shown in Figure 7 as shown in Figure 8, at first, checking user is submitted a certain unique characteristic information of checked person (logical number of identity, mobile phone, phone, mailbox, bank's card number, identification card number, educational background card number, QQ number, MSN number, user's disparate networks account number etc.) via user's input subsystem to verifying subsystem, perhaps submit a certain unique characteristic information to affiliate's subsystem via user's input subsystem, be transmitted to the verification subsystem by affiliate's subsystem again, submit to simultaneously and want the detailed programs verified; After the verification subsystem is received the request of verification, apply for checking authorization to the checked person by user's input subsystem; The checked person responds this request, and the authorization verification people allows the project verified; Verify the data of calling in the identity information database of mandate project from ADMINISTRATION SUBSYSTEM of subsystem according to the checked person after the empirical tests, show then and verify the people.
ADMINISTRATION SUBSYSTEM comprises management server and identity information database, and wherein management server is used for the user is registered, changes, nullifies and manages.
In addition, the subsystem that charges, deducts fees connects by communication link verifies subsystem, carries out in the verification process user being chargeed and deducting fees the user.
Here need to prove that checking subsystem of the present invention and verification subsystem can be same entity (being server), this entity serves as the checking subsystem when verifying, and this entity serves as the verification subsystem when verifying.
In addition, verification system of the present invention comprises checking subsystem and ADMINISTRATION SUBSYSTEM shown in Figure 5; And described checking system comprises verification subsystem and ADMINISTRATION SUBSYSTEM shown in Figure 7.
Fig. 9 has shown a kind of flow chart of applying for that identity is logical of the present invention.As shown in Figure 9,1) user imports address name, ID card No. and phone number on mobile phone; 2) judge whether it is the general family of identity, if then carry out the logical login process of identity; If not, then 3) send SMS message; 4) system judges whether to receive note; Whether 5) if note has been received in judgement, then the identity verification card is submitted to third party database with above-mentioned address name, ID card No., consistent with checking name identification card number; 6) if consistent, then return the checking result, generate identity logical number, this identity is associated with name, identity card and phone number for logical number.Obviously in this processing procedure, identity gives the user logical number after authentication.
Figure 10 has shown the flow chart of a kind of user applies checking communicating number class identity information of the present invention, as shown in figure 10,1) user is at verifying by application such as the Internet input handset number (comprising fixed telephone number, E-mail address, bank card etc.); 2) phone number that provides in this identity information according to the user of verification system sends an accidental validation sign indicating number by short message to the user, and points out this cellphone subscriber to feed back this accidental validation sign indicating number, 3) the accidental validation sign indicating number of user by the communication network feedback; 4) judge that the identifying code of user feedback is whether consistent with the identifying code that verification system sends; 5) if then verification system is by checking.
Figure 11 has shown the flow chart by the third-party authentication identity information of the present invention, as described in Figure 11,1) user is after submitting identity information to, this identity information of application verification system validates; 2) if verification system judges that the personal information that the user submits to is certificate category information (as identity card or an educational background card) at this moment, then verification system is directly transmitted the personal information of user's submission to change to the third-party authentication subsystem and is mated; 3) the third-party authentication subsystem is compared the identity information and the identity information in the third party database of verification system forwarding or matching treatment; 4) after the third-party authentication subsystem returned matching result and corresponding extend information, if matching result be successfully, then system thought and verifies and pass through, thereby the identity information that will verify and identity are led to and number be associated.
Figure 12 has shown the verification subsystem execution process of verifying identity information through subscriber authorisation of the present invention by Fig. 7.As shown in figure 12,1) verifies people's (comprising the focal pointe of industry organization) and want the detailed programs verified to verifying logical number of the identity that subsystem submits the checked person to, submitting to simultaneously by network; 2) after the verification subsystem is received the request of verification, carry out the mandate of this verification to checked person's application by Email; 3) checked person responds this request, allows the project of verifying by Email and verification subsystem authorization verification people; 4) verify subsystem and call data after the empirical tests, show then and verify the people according to checked person's the identity information database of mandate project from checking system.
Figure 13 has shown the workflow of user's access subsystem among Fig. 5, Fig. 7, and as shown in figure 12, the workflow of user's access subsystem comprises: 1) user capture affiliate server, select registration, and information such as input name and identification card number.2) affiliate's server is by the user of being redirected (302) and calling authentication server authentication interface routine at one's own expense, simultaneously name, identification card number, SeqNo (affiliate's server is used to identify the number of unique one-time authentication request), DeliverURL (the checking subsystem calls this URL and transmits the checking result), BackURL (checking finish dealing with the purpose URL that the back requires the checking subsystem to redirect the user to) is attached to the back of URL in the right mode of parameter.3) authentication server prompting user input handset number.4) user's input handset number.5) authentication server carries out the identity card verification by ADMINISTRATION SUBSYSTEM.6) authentication server will be verified the result and be sent on user's the mobile phone by note.7) verify that the checking result that subsystem calls affiliate's server by POST or GET request (not being redirected) receives URL (the DeliverURL parameter of transmitting in 1), (user is at the unique identification of a session of checking subsystem will to verify result, name, identification card number, SeqNo, RandomSessionKey simultaneously, this parameter is also transmitted in BackURL, and affiliate's server can come corresponding one by one BackURL and DeliverURL according to this parameter) be attached to the URL back.8) the checking subsystem is redirected to the BackURL (parameter imported in the 1st step) of affiliate's server with the user, and RandomSessionKey is attached to the URL back simultaneously.
Practicality of the present invention
The C2C ecommerce
Register by virtual user name mailbox etc. present most of C2C website, also requires the user to fill in real name, but restrict the authenticity of its fill substance without any effective mechanism.Identity is logical to allow the user initiatively verify the identity of oneself, shows the business partner on the network, and verifies platform for both sides provide a third party, has solved network buyer and seller's authenticity problem effectively.
Present typical user pats net (www.paipai.com)
Real name friend-making (network)
The Internet has shortened interpersonal distance, and disparate networks is made friends development rapidly.But various swindles, the deception also ubiquitous.The logical friend-making object oneself that allows of identity is showed identity to third party's platform validation identity, improves the sincere degree of internet dating.
Present typical customers has lily net, love apartment.
Other real name service
In addition, identity is logical also is network game real name, mobile telephone real-name, the pretty good solution of mailbox real name.
Claims (13)
1, a kind of method of setting up the user real identification database, the personal information of utilizing user oneself to submit to after checking, is set up the user real identification database.
2, the personal information submitted to of a kind of user of utilization is set up the method for user real identification database, may further comprise the steps:
1) user is by communication network, to logical number of identity of identity information verification system application;
2) the identity information verification system is distributed to identity of user logical number by communication network, and the prompting user submits identity information to;
3) user submits every identity information via communication network to authentication system;
4) the identity information verification system is according to the difference of information category, and the identity information that the user is submitted to carries out authenticity verification;
5) after the identity authenticity verification passes through, the identity information verification system stores this identity information in the identity information database of identity information verification system, and identity is associated with identity information for logical number, can be thereby set up one via the database of the logical number checking user real identification of identity.
3, method according to claim 2, wherein the personal information of user's submission comprises user's communications number category information and user's certificate category information, wherein, described user's communications category information comprises user's information such as phone number, fixed telephone number, E-mail address, home address, QQ number, MSN number, user's disparate networks account number; Described user's certificate category information comprises information such as bank card, identity card, educational background card.
4, method according to claim 2, wherein said verification step 4) may further comprise the steps:
4-1) after the user submitted identity information to via communication network, the user verified the authenticity of this information to the verification system application;
4-2) verification system is judged the type of the personal information that the user submits to;
If 4-3) verification system judges that verification system sent authorization information to the user when described identity information was user's communications number category information, after the user returns correct authorization information, by verification system directly confirm the checking pass through;
If 4-4) verification system judges that described identity information is the certificate category information, then verification system information that the user is submitted to is transmitted to the third-party authentication subsystem and mates, return the extend information of matching result and correspondence at the third-party authentication subsystem after, if matching result is successfully, then verification system think the checking pass through.
5, the checking wherein method according to claim 4, wherein said step 4-3) may further comprise the steps:
4-3-1) number of the communicating number info class that provides in this identity information according to the user of verification system sends an accidental validation sign indicating number by communication network to the user, and points out this user feedback this accidental validation sign indicating number; And
If 4-3-2) user is consistent with the identifying code of verification system transmission by the accidental validation sign indicating number of communication network feedback, then verification system determines that the number of the communicating number info class that the user submits to is the communication equipment held of user or the number of device.
6, the checking method according to claim 4, wherein said step 4-3) comprises:
4-3-1 ') number of the communicating number info class that provides in this identity information according to the user of verification system sends request by communication network to the user, the message that the identity that the prompting user utilizes the number of this communicating number info class to return to have distributed is logical number; And
4-3-2 ') if the user responds this request, it is number identical that logical number of the identity that number by this communicating number info class returns and the identity of distributing to this cellphone subscriber are led to, and then verification system determines that the number of the communicating number info class that the user submits to is the communication equipment held of user or the number of device.
7, the personal information submitted to of a kind of user of utilization is set up the method for user real identification database, may further comprise the steps:
1) user is by communication network, to logical number of identity of identity information verification system application;
2) the identity information verification system is distributed to identity of user logical number by communication network, and the prompting user submits identity information to;
3) user submits every identity information via communication network to authentication system;
4) the temporary described every identity information of identity information verification system, and according to the difference of information category, the identity information that the user is submitted to carries out authenticity verification;
5) after the identity authenticity verification passes through, the respective identity extend information that the identity information verification system will obtain from third party database when authenticity verification merges mutually with described temporary identity information, be stored to then in the identity information database of identity information verification system, and identity information after will merging and identity associate with identity information for logical number, can be via the database of the logical number checking user real identification of identity thereby set up one.
8, method according to claim 7, wherein the personal information of user's submission comprises user's communications number category information and user's certificate category information, wherein, described user's communications category information comprises user's information such as phone number, fixed telephone number, E-mail address, home address, QQ number, MSN number, user's disparate networks account number; User's certificate category information comprises information such as bank card, identity card, educational background card.
9, method according to claim 7, wherein, described identity extend information is the identity information that the user that calls from third party database does not import.
10, method according to claim 7, described verification step 4) comprising:
4-1) after the user submitted identity information to via communication network, the user verified the authenticity of this information to the verification system application;
4-2) verification system is judged the type of the personal information that the user submits to;
If 4-3) verification system judges that verification system sent authorization information to the user when described identity information was user's communications number category information, after the user returns correct authorization information, by verification system directly confirm the checking pass through;
If 4-4) verification system judges that described identity information is the certificate category information, then verification system information that the user is submitted to is transmitted to the third-party authentication subsystem and mates, return the extend information and related information of matching result and correspondence at the third-party authentication subsystem after, if matching result is successfully, then verification system think the checking pass through.
11, the checking method according to claim 10, wherein said step 4-3) comprises:
4-3-1) number of the communicating number info class that provides in this identity information according to the user of verification system sends an accidental validation sign indicating number by communication network to the user, and points out this user feedback this accidental validation sign indicating number; And
If 4-3-2) user is consistent with the identifying code of verification system transmission by the accidental validation sign indicating number of communication network feedback, then verification system determines that the number of the communicating number info class that the user submits to is the communication equipment held of user or the number of device.
12, the checking method according to claim 10, wherein, described step 4-3) comprises:
4-3-1 ') number of the communicating number info class that provides in this identity information according to the user of verification system sends request by communication network to the user, the message that the identity that the prompting user utilizes the number of this communicating number info class to return to have distributed is logical number; And
4-3-2 ') if the user responds this request, it is number identical that logical number of the identity that number by this communicating number info class returns and the identity of distributing to this cellphone subscriber are led to, and then verification system determines that the number of the communicating number info class that the user submits to is the communication equipment held of user or the number of device.
13, the personal information submitted to of a kind of user of utilization is set up the system of user real identification database, comprising:
The user is by the user input subsystem of communication network to logical number of identity of identity information verification system application and the every identity information of submission;
Distribute to logical number of identity of user and receive the checking subsystem that the user submits identity information to by communication network, every identity information of the temporary user's input of this checking subsystem, and the identity information that the user submits to carried out authenticity verification or deliver the third-party authentication subsystem and carry out authenticity verification;
Store identity information database through the identity information of authenticity verification;
Wherein, described checking subsystem is after described identity authenticity verification passes through, the respective identity extend information that will obtain from third party database when authenticity verification merges mutually with described temporary identity information, be stored to then in the described identity information database, and identity information after will merging and identity associate with identity information for logical number, can be via the database of the logical number checking user real identification of identity thereby set up one.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200610113311 CN101034984B (en) | 2006-09-22 | 2006-09-22 | Establishing the true identify database of the user with the personal information submitted by the user |
| PCT/CN2007/002116 WO2008037164A1 (en) | 2006-09-22 | 2007-07-11 | Utilize individual information submitted by the user to set up users' real identity database |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200610113311 CN101034984B (en) | 2006-09-22 | 2006-09-22 | Establishing the true identify database of the user with the personal information submitted by the user |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101034984A true CN101034984A (en) | 2007-09-12 |
| CN101034984B CN101034984B (en) | 2011-02-02 |
Family
ID=38731304
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 200610113311 Active CN101034984B (en) | 2006-09-22 | 2006-09-22 | Establishing the true identify database of the user with the personal information submitted by the user |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN101034984B (en) |
| WO (1) | WO2008037164A1 (en) |
Cited By (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103150323A (en) * | 2012-12-20 | 2013-06-12 | 杭州友谦网络科技有限公司 | Method and device for processing and importing personal information data |
| CN104735067A (en) * | 2015-03-24 | 2015-06-24 | 高艳芳 | O2O real name registration admittance system and method |
| CN104796400A (en) * | 2015-01-31 | 2015-07-22 | 李若斌 | System, server, terminal and method for dispatched personnel identity authentication |
| CN105635183A (en) * | 2016-03-16 | 2016-06-01 | 成都高合盛科技有限责任公司 | Realization device, method and system of social platform having supervision function |
| CN105630978A (en) * | 2015-12-25 | 2016-06-01 | 曙光信息产业(北京)有限公司 | Method and device for collecting information |
| CN105681356A (en) * | 2016-03-30 | 2016-06-15 | 张正勇 | Resident identity card-base communication network system |
| CN105912539A (en) * | 2015-12-11 | 2016-08-31 | 乐视网信息技术(北京)股份有限公司 | System and method for data storage for protecting privacy of local user |
| WO2016161892A1 (en) * | 2015-04-09 | 2016-10-13 | 阿里巴巴集团控股有限公司 | Address matching-based risk identification method and device |
| CN107330104A (en) * | 2017-07-07 | 2017-11-07 | 国政通科技股份有限公司 | A kind of utilization communication network verifies the method and system of user real identification |
| CN108683677A (en) * | 2018-05-23 | 2018-10-19 | 国政通科技股份有限公司 | Detailedization of address information judges |
| CN108765169A (en) * | 2018-05-15 | 2018-11-06 | 中国平安人寿保险股份有限公司 | Declaration form Risk Identification Method, device, computer equipment and storage medium |
| CN109711798A (en) * | 2018-11-29 | 2019-05-03 | 王可 | A kind of personnel's integrated estimation system based on user real identification database |
| CN110932869A (en) * | 2019-12-02 | 2020-03-27 | 北京合游时空科技有限公司 | Method, device and equipment for certificate real-name authentication |
| CN111061785A (en) * | 2019-10-23 | 2020-04-24 | 深圳智慧园区信息技术有限公司 | Method and system for classified storage of orders in management platform |
| CN111079664A (en) * | 2019-12-20 | 2020-04-28 | 深圳先牛信息技术有限公司 | Iris database establishing method and iris database system |
| CN111131263A (en) * | 2019-12-26 | 2020-05-08 | 支付宝(杭州)信息技术有限公司 | Data viewing method and device |
| CN113706047A (en) * | 2021-09-03 | 2021-11-26 | 北京十速网络科技有限公司 | Personal credit information authenticity evaluation method and system based on block chain technology |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7958266B1 (en) * | 2003-07-30 | 2011-06-07 | Chen Sun | Multiple URL identity syntaxes and identities |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP0707253B1 (en) * | 1994-10-10 | 2000-05-24 | Ferag AG | Manufacturing system and method |
| US6985887B1 (en) * | 1999-03-19 | 2006-01-10 | Suncrest Llc | Apparatus and method for authenticated multi-user personal information database |
| US6714944B1 (en) * | 1999-11-30 | 2004-03-30 | Verivita Llc | System and method for authenticating and registering personal background data |
| EP1212720A1 (en) * | 2000-04-18 | 2002-06-12 | Amaskorea Co., Ltd. | Method for producing identification code, and method and system for giving electronic notice service and electronic meter reading service by using the same |
| CN1286022C (en) * | 2002-06-10 | 2006-11-22 | 联想(北京)有限公司 | User identification confirmation and operation conferring process |
| CN1779704A (en) * | 2004-11-18 | 2006-05-31 | 黄金富 | Credit data inquiry system and method |
-
2006
- 2006-09-22 CN CN 200610113311 patent/CN101034984B/en active Active
-
2007
- 2007-07-11 WO PCT/CN2007/002116 patent/WO2008037164A1/en active Application Filing
Cited By (19)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103150323B (en) * | 2012-12-20 | 2017-02-08 | 杭州友谦网络科技有限公司 | Method and device for processing and importing personal information data |
| CN103150323A (en) * | 2012-12-20 | 2013-06-12 | 杭州友谦网络科技有限公司 | Method and device for processing and importing personal information data |
| CN104796400A (en) * | 2015-01-31 | 2015-07-22 | 李若斌 | System, server, terminal and method for dispatched personnel identity authentication |
| CN104735067A (en) * | 2015-03-24 | 2015-06-24 | 高艳芳 | O2O real name registration admittance system and method |
| WO2016161892A1 (en) * | 2015-04-09 | 2016-10-13 | 阿里巴巴集团控股有限公司 | Address matching-based risk identification method and device |
| CN105912539A (en) * | 2015-12-11 | 2016-08-31 | 乐视网信息技术(北京)股份有限公司 | System and method for data storage for protecting privacy of local user |
| CN105630978A (en) * | 2015-12-25 | 2016-06-01 | 曙光信息产业(北京)有限公司 | Method and device for collecting information |
| CN105635183A (en) * | 2016-03-16 | 2016-06-01 | 成都高合盛科技有限责任公司 | Realization device, method and system of social platform having supervision function |
| CN105635183B (en) * | 2016-03-16 | 2019-12-13 | 芜湖网尚资讯有限公司 | Social platform implementation device, method and system with supervision function |
| CN105681356A (en) * | 2016-03-30 | 2016-06-15 | 张正勇 | Resident identity card-base communication network system |
| CN107330104A (en) * | 2017-07-07 | 2017-11-07 | 国政通科技股份有限公司 | A kind of utilization communication network verifies the method and system of user real identification |
| CN108765169A (en) * | 2018-05-15 | 2018-11-06 | 中国平安人寿保险股份有限公司 | Declaration form Risk Identification Method, device, computer equipment and storage medium |
| CN108683677A (en) * | 2018-05-23 | 2018-10-19 | 国政通科技股份有限公司 | Detailedization of address information judges |
| CN109711798A (en) * | 2018-11-29 | 2019-05-03 | 王可 | A kind of personnel's integrated estimation system based on user real identification database |
| CN111061785A (en) * | 2019-10-23 | 2020-04-24 | 深圳智慧园区信息技术有限公司 | Method and system for classified storage of orders in management platform |
| CN110932869A (en) * | 2019-12-02 | 2020-03-27 | 北京合游时空科技有限公司 | Method, device and equipment for certificate real-name authentication |
| CN111079664A (en) * | 2019-12-20 | 2020-04-28 | 深圳先牛信息技术有限公司 | Iris database establishing method and iris database system |
| CN111131263A (en) * | 2019-12-26 | 2020-05-08 | 支付宝(杭州)信息技术有限公司 | Data viewing method and device |
| CN113706047A (en) * | 2021-09-03 | 2021-11-26 | 北京十速网络科技有限公司 | Personal credit information authenticity evaluation method and system based on block chain technology |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2008037164A1 (en) | 2008-04-03 |
| CN101034984B (en) | 2011-02-02 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101034984A (en) | Establishing the true identify database of the user with the personal information submitted by the user | |
| US8381265B2 (en) | Member registration method, community service system, portable terminal, and member invitation processing program | |
| CN101136909B (en) | Method and system for checking user real identification using communication network | |
| CN1178442C (en) | Authentication system using network | |
| CN1602601A (en) | Methods and systems for automated authentication, processing and issuance of digital certificates | |
| CN103986688B (en) | Method of authenticating a user of a peripheral apparatus, a peripheral apparatus, and a system for authenticating a user of a peripheral apparatus | |
| US9084071B2 (en) | Simple mobile registration mechanism enabling automatic registration via mobile devices | |
| US20100005520A1 (en) | Personal area social networking | |
| CN101060403A (en) | Wireless communication terminal-based interactive dynamic password safety service system | |
| CN1315268C (en) | Method for authenticating users | |
| US11165584B2 (en) | Method for transmitting personal information | |
| CN1574754A (en) | System and methods for provisioning a service for a communication device | |
| CN1602478A (en) | Message screening system and method | |
| CN1852094A (en) | Method and system for protecting account of network business user | |
| CN1700641A (en) | Digital signature assurance system, method, program and apparatus | |
| CN1761200A (en) | System and method for leveraging end-users' preferences for efficient communications | |
| CN1420659A (en) | Method and apparatus for authenticating and veritying user and computer over network | |
| CN1941009A (en) | Method for realizing fee payment by mobile telecommunication terminal | |
| US11122034B2 (en) | Method and apparatus for an identity assurance score with ties to an ID-less and password-less authentication system | |
| CN107423975A (en) | By submitting number to carry out strong authentication | |
| CN1697470A (en) | Telephone number change notification method and telephone number change notification system | |
| TWI706329B (en) | Graphic code generation method, resource sending and receiving method, device and electronic equipment | |
| CN1658636A (en) | Immediate voice communication method for implementing interactive of 3G network and internet | |
| CN1167021C (en) | Method and device for authenticating user | |
| US20120023012A1 (en) | System and Method for Registering an EDI Participant Identifier and Managing EDI Trading Partners |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C56 | Change in the name or address of the patentee | ||
| CP01 | Change in the name or title of a patent holder |
Address after: 100086 Haidian District, apricot stone road, a road, No. 1, building No. 4, west of layer 18 Patentee after: Guozhengtong Polytron Technologies Inc Address before: 100086 Haidian District, apricot stone road, a road, No. 1, building No. 4, west of layer 18 Patentee before: Beijing State Masamichi Technology Co., Ltd. |
|
| CP03 | Change of name, title or address |
Address after: 100029 Third Floor of Yansha Shengshi Building, 23 North Third Ring Road, Xicheng District, Beijing Patentee after: Guo Zheng Tong Technology Co., Ltd. Address before: 100086 West Fourth Floor of Building No. 1, No. 18 Xingshikou Road, Haidian District, Beijing Patentee before: Guozhengtong Polytron Technologies Inc |
|
| CP03 | Change of name, title or address |