CN101087193A - New method for using the mobile number bond with account for identity identification - Google Patents
New method for using the mobile number bond with account for identity identification Download PDFInfo
- Publication number
- CN101087193A CN101087193A CN 200710084286 CN200710084286A CN101087193A CN 101087193 A CN101087193 A CN 101087193A CN 200710084286 CN200710084286 CN 200710084286 CN 200710084286 A CN200710084286 A CN 200710084286A CN 101087193 A CN101087193 A CN 101087193A
- Authority
- CN
- China
- Prior art keywords
- account number
- user
- phone number
- character string
- binding
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Abstract
The invention relates to the information security field of computer and network, relates to ID attestation system and method, and it can prevent the user account from stolen. The method uses the mobile phone to do network ID attestation, distinguish the computer by the affirmed strings, and the user account and mobile phone can correspond with client computer one by one to identify the validity of user ID. The method can be used in various account affirmations of network services (web management, e-mail, e-business, network game, chatting tool, network bank and the field of remote control), and it also can be used other service relative with network (the operation of ATM). It is a efficient method to prevent the network form being stolen.
Description
Technical field
The present invention relates to the computer and network information security field, relate to various identity authorization systems and the method relevant with network, is a kind of method that prevents that effectively user account number is stolen.
Background technology
Existing user identification confirmation method is the form of account number encrypted code basically, but will produce tremendous loss after being stolen.The imperfection of current internet legislation and the leak of system itself, user's prevention awareness difference have caused all that the account number incident that is stolen takes place repeatedly in the network.But the antitheft access method of present number of the account all is to carry out on network, similarly be the hacker change password under one's eyes, all be makeshift, be the method for curing the symptoms, not the disease.How to go to seek a kind of method that can treat both principal and secondary aspect of disease?
Summary of the invention
This method is with the phone number of user account number, user's use and the client computer unification that the user faces, and confirms the method for user identity.This method has following advantage: abandoned and used account number and password to carry out the way of identity validation, password can be used for assisting identity validation, but, do not prevented the lawless person steals the incident of user account number by means such as wooden horses generation as necessary authenticating step; Client computer by the one-to-one relationship that makes subscriber phone number transmission or affirmation character string that receives and client computer comes unique definite user using has prevented that many client computers from landing an account number simultaneously and can't determine which platform is the generation of the incident of validated user; Send and characteristics that time of reception is lacked because note has, carry out authentication, can prevent effectively that in the certain hour section a large number of users from logining simultaneously and cause the generation of the incident of conflict by way of short messages; This method combines network authentication with mobile communication, utilized unique certainty of phone number to guarantee the safety of user account number.
This method has following two kinds of embodiments:
One. the user enters login interface and fills in account number and the certificate server end is sent logging request, certificate server sends the acknowledge character string to the client computer after the client computer sends the acknowledge character string or receives logging request when the user enters login interface, and after receiving logging request account number is distributed timeslice; The user ganged up acknowledge character short message mode at the appointed time by sending to the telecommunication terminal that is connected with certificate server with the phone number of account number binding, server end is by verifying the affirmation character string, the subscriber phone number that send, after determining the legitimacy of account number, allow pairing that client computer login account number of acknowledge character string, the affirmation character string mistake of transmission or overshoot time do not send the acknowledge character string and then return login interface.
Two. the user enters login interface, fills in account number and password, and certificate server is sent logging request, and after certificate server was received request, whether checking account number and password conformed to, and account number cipher does not conform to and then returns login interface; By verifying that then server end sends the acknowledge character string to the phone number with account number binding, and allow the user to enter acknowledge character string checking interface, the affirmation character string input validation interface that the user receives mobile phone at the appointed time also sends authentication request to certificate server, checking is by then allowing login, otherwise be illegal request, overshoot checking number of times and stipulated time are not then returned login interface by checking.Can require the user whether to fill in password as required at login interface.This scheme limits authentication number of times, and number of the account and password are repeatedly filled in and do not conformed to and the acknowledge character string is repeatedly filled in mistake and then locked account number.The user must could land once more by the mobile phone release.
By user account number, binding phone number and acknowledge character string user and the employed client computer of user are mapped one by one, have really guaranteed the safety of user account number.
Part: telecommunications network, the Internet, SMS platform, the account number certificate server that links to each other with SMS platform, network application server, client computer, the mobile phone (or other communication apparatus) that the user uses.
Claims (8)
1. use the new method of carrying out identity validation with the phone number of account number binding, step is as follows:
The user applies account number, password is set after, account number and phone number are bound, password can only use in the retouching operation of user profile, can not use in the login of carrying out at ordinary times.
Provide the acknowledge character string by server end when the user enters login interface, the user fills in account number, and password sends logging request to the certificate server end, and certificate server is received and judged request that account number is whether legal and to account number distribution timeslice; The user ganged up acknowledge character with short message mode by sending to the telecommunication terminal that is connected with certificate server with phone number or other communications service numbers of account number binding in the finite time of regulation, by the affirmation character string, the subscriber phone number that send are verified, after determining the legitimacy of account number, allow acknowledge character string clients corresponding computer login account number, otherwise be illegal request, the overshoot time is not then returned login interface by checking.
2. the phone number of use according to claim 1 and account number binding carries out the new method of identity validation, it is characterized in that, the user enters login interface, fill in account number and password, certificate server is sent logging request, after certificate server was received request, whether checking account number and password conformed to, not by verifying that then the user returns login interface; By verifying that then authentication server sends the acknowledge character string to the phone number with account number binding, and allow the user to enter acknowledge character string checking interface, the affirmation character string input validation interface that the user receives mobile phone in the finite time of regulation also sends authentication request to certificate server, checking is by then allowing login, otherwise be illegal request, overshoot checking number of times and stipulated time are not then returned login interface by checking.
3. carry out the new method of identity validation according to the phone number of claim 1 and 2 described uses and account number binding, it is characterized in that, the acknowledge character string is by one section character forming with Chinese character, letter or numeral, according to different situations needs length between 1 to 255 character, the affirmation character string that certificate server provides is at random, but must be unique, be can not give the identical affirmation character string of two or more users in the same time period, Automatic Teller Machine can use unique number such as product serial number as the acknowledge character string.Character string can provide with character format, also can provide with picture format.
4. carry out the new method of identity validation according to the phone number of claim 1 and 2 described uses and account number binding, it is characterized in that ID card No. that user account number can be bound and phone number are as necessity foundation of revising subscriber data and binding phone number again.An account number can only be bound an ID card No., and an ID card No. can be corresponding to a plurality of account number bindings; An account number can only be bound a phone number, and a phone number can be corresponding to a plurality of account number bindings.
5. the phone number of use according to claim 4 and account number binding carries out the new method of identity validation, it is characterized in that, an account number can only be bound a phone number as main phone number, reach the foundation of binding phone number again as the modification data, an account number can be bound a plurality of phone numbers as non-staple phone number, only be used as the foundation of login authentication, non-staple phone number can not carry out the operation of data modification and change binding phone number.An account number can only be bound the foundation of an ID card No. as the data of modification.Can determine when login, whether to access to your password as required.
6. the phone number of use according to claim 1 and account number binding carries out the new method of identity validation, it is characterized in that, network authentication server can provide the acknowledge character string in the same time that the user opens login interface, or fills in the user and just to provide the acknowledge character string when account number is carried out next step operation later on.
7. carry out the new method of identity validation according to the phone number of claim 1 and 2 described uses and account number binding, it is characterized in that, if the user is to use the needs operations that stick into the row login in kind such as Automatic Teller Machine, only after the user inserts Automatic Teller Machine with bank card, Automatic Teller Machine just can provide the acknowledge character string, the acknowledge character string can provide simultaneously with the password input prompt, perhaps inputs the user to provide after password and certificate server are confirmed.
8. carry out the new method of identity validation according to the phone number of claim 1 and 2 described uses and account number binding, it is characterized in that, this method not only is used in various network services (as: portal management, Email, ecommerce, online game, chat tool, field such as Web bank etc. and long-range lock control) account number authentication also is used for other business relevant with network (as: bank's automated teller machine operation etc.).
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN 200710084286 CN101087193A (en) | 2007-02-27 | 2007-02-27 | New method for using the mobile number bond with account for identity identification |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN 200710084286 CN101087193A (en) | 2007-02-27 | 2007-02-27 | New method for using the mobile number bond with account for identity identification |
Publications (1)
Publication Number | Publication Date |
---|---|
CN101087193A true CN101087193A (en) | 2007-12-12 |
Family
ID=38937978
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN 200710084286 Pending CN101087193A (en) | 2007-02-27 | 2007-02-27 | New method for using the mobile number bond with account for identity identification |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN101087193A (en) |
Cited By (26)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101394282A (en) * | 2008-10-30 | 2009-03-25 | 王昌懿 | Cipher inputting method and system having identity verification |
CN101795196A (en) * | 2010-03-10 | 2010-08-04 | 宇龙计算机通信科技(深圳)有限公司 | Authentication method and authentication system for logging in to online banks |
CN102255904A (en) * | 2011-07-07 | 2011-11-23 | 上海顶竹通讯技术有限公司 | Communication network and terminal authentication method thereof |
CN102437996A (en) * | 2010-09-29 | 2012-05-02 | 北京创前万博科技发展有限公司 | Customizing method and system of configuration file |
CN102566677A (en) * | 2011-12-13 | 2012-07-11 | 厦门市鼎朔信息技术有限公司 | System and method for processing data of calculating terminal |
CN102664877A (en) * | 2012-03-30 | 2012-09-12 | 北京千橡网景科技发展有限公司 | Method and device for exception handling in login process |
CN102739399A (en) * | 2011-04-15 | 2012-10-17 | 威达软体有限公司 | Method for unlocking communication lock of on-line game |
CN102760217A (en) * | 2012-06-26 | 2012-10-31 | 苏州微逸浪科技有限公司 | User login method of next generation data protection system |
CN102780787A (en) * | 2012-08-17 | 2012-11-14 | 广东利为网络科技有限公司 | Method and system for remotely controlling login |
CN102867362A (en) * | 2012-08-16 | 2013-01-09 | 广东世纪网通信设备有限公司 | Method, device and system for locking bank card by telephone |
CN102891841A (en) * | 2012-08-17 | 2013-01-23 | 广东世纪网通信设备有限公司 | Method, device and system for locking Internet bank account |
CN103139179A (en) * | 2011-12-01 | 2013-06-05 | 捷而思股份有限公司 | Multi-channel active type network identity verification system and network identity verification device |
CN103176798A (en) * | 2013-02-21 | 2013-06-26 | 用友软件股份有限公司 | Data interaction system and data interaction method |
CN103188241A (en) * | 2011-12-31 | 2013-07-03 | 上海第九城市信息技术有限公司 | User account management method based on mobile intelligent terminal number |
CN103237034A (en) * | 2013-04-28 | 2013-08-07 | 北京小米科技有限责任公司 | Login method and device |
CN103281192A (en) * | 2013-05-31 | 2013-09-04 | 腾讯科技(深圳)有限公司 | Method, device and system for retrieving data |
CN103475476A (en) * | 2013-09-02 | 2013-12-25 | 小米科技有限责任公司 | Method and device for logging in server by multiple terminals |
CN103501292A (en) * | 2013-09-24 | 2014-01-08 | 长沙裕邦软件开发有限公司 | Method and system for achieving data safety protection by using standby mobile phone |
WO2014040479A1 (en) * | 2012-09-12 | 2014-03-20 | 中兴通讯股份有限公司 | User identity authenticating method and device for preventing malicious harassment |
CN104200415A (en) * | 2014-09-02 | 2014-12-10 | 北京工商大学 | Real-time cheat detection method for online examination rooms |
WO2015165423A1 (en) * | 2014-04-30 | 2015-11-05 | Tencent Technology (Shenzhen) Company Limited | Account login method, apparatus, and system |
CN105207777A (en) * | 2014-06-30 | 2015-12-30 | 腾讯科技(深圳)有限公司 | Network information verification method and apparatus |
CN106162642A (en) * | 2016-07-25 | 2016-11-23 | 中国联合网络通信集团有限公司 | The authentication method of SIM and authentication device |
CN106648065A (en) * | 2016-10-20 | 2017-05-10 | 广西犇云科技有限公司 | Management cloud system integrated with intelligent wearable object and management method thereof |
CN106888195A (en) * | 2015-12-16 | 2017-06-23 | 阿里巴巴集团控股有限公司 | Verification method and device |
CN110620782A (en) * | 2019-09-29 | 2019-12-27 | 深圳市珍爱云信息技术有限公司 | Account authentication method and device, computer equipment and storage medium |
-
2007
- 2007-02-27 CN CN 200710084286 patent/CN101087193A/en active Pending
Cited By (38)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101394282A (en) * | 2008-10-30 | 2009-03-25 | 王昌懿 | Cipher inputting method and system having identity verification |
CN101795196A (en) * | 2010-03-10 | 2010-08-04 | 宇龙计算机通信科技(深圳)有限公司 | Authentication method and authentication system for logging in to online banks |
CN102437996A (en) * | 2010-09-29 | 2012-05-02 | 北京创前万博科技发展有限公司 | Customizing method and system of configuration file |
CN102739399A (en) * | 2011-04-15 | 2012-10-17 | 威达软体有限公司 | Method for unlocking communication lock of on-line game |
CN102255904A (en) * | 2011-07-07 | 2011-11-23 | 上海顶竹通讯技术有限公司 | Communication network and terminal authentication method thereof |
CN102255904B (en) * | 2011-07-07 | 2015-04-22 | 上海顶竹通讯技术有限公司 | Communication network and terminal authentication method thereof |
CN103139179A (en) * | 2011-12-01 | 2013-06-05 | 捷而思股份有限公司 | Multi-channel active type network identity verification system and network identity verification device |
CN102566677A (en) * | 2011-12-13 | 2012-07-11 | 厦门市鼎朔信息技术有限公司 | System and method for processing data of calculating terminal |
CN103188241A (en) * | 2011-12-31 | 2013-07-03 | 上海第九城市信息技术有限公司 | User account management method based on mobile intelligent terminal number |
CN102664877A (en) * | 2012-03-30 | 2012-09-12 | 北京千橡网景科技发展有限公司 | Method and device for exception handling in login process |
CN102760217A (en) * | 2012-06-26 | 2012-10-31 | 苏州微逸浪科技有限公司 | User login method of next generation data protection system |
CN102867362A (en) * | 2012-08-16 | 2013-01-09 | 广东世纪网通信设备有限公司 | Method, device and system for locking bank card by telephone |
CN102780787A (en) * | 2012-08-17 | 2012-11-14 | 广东利为网络科技有限公司 | Method and system for remotely controlling login |
CN102891841A (en) * | 2012-08-17 | 2013-01-23 | 广东世纪网通信设备有限公司 | Method, device and system for locking Internet bank account |
CN102891841B (en) * | 2012-08-17 | 2016-03-30 | 广东世纪网通信设备有限公司 | The method of a kind of Web bank Account lockout, device and system |
WO2014040479A1 (en) * | 2012-09-12 | 2014-03-20 | 中兴通讯股份有限公司 | User identity authenticating method and device for preventing malicious harassment |
CN103685384A (en) * | 2012-09-12 | 2014-03-26 | 中兴通讯股份有限公司 | User authentication method and device for preventing malicious harassment |
US9729532B2 (en) | 2012-09-12 | 2017-08-08 | Zte Corporation | User identity authenticating method and device for preventing malicious harassment |
CN103176798A (en) * | 2013-02-21 | 2013-06-26 | 用友软件股份有限公司 | Data interaction system and data interaction method |
CN103237034A (en) * | 2013-04-28 | 2013-08-07 | 北京小米科技有限责任公司 | Login method and device |
CN103281192A (en) * | 2013-05-31 | 2013-09-04 | 腾讯科技(深圳)有限公司 | Method, device and system for retrieving data |
CN103281192B (en) * | 2013-05-31 | 2015-07-15 | 腾讯科技(深圳)有限公司 | Method, device and system for retrieving data |
CN103475476A (en) * | 2013-09-02 | 2013-12-25 | 小米科技有限责任公司 | Method and device for logging in server by multiple terminals |
CN103475476B (en) * | 2013-09-02 | 2018-02-13 | 小米科技有限责任公司 | The method and device of multiple terminals login service device |
CN103501292A (en) * | 2013-09-24 | 2014-01-08 | 长沙裕邦软件开发有限公司 | Method and system for achieving data safety protection by using standby mobile phone |
US10009767B2 (en) | 2014-04-30 | 2018-06-26 | Tencent Technology (Shenzhen) Company Limited | Account login method, apparatus, and system |
WO2015165423A1 (en) * | 2014-04-30 | 2015-11-05 | Tencent Technology (Shenzhen) Company Limited | Account login method, apparatus, and system |
US10645579B2 (en) | 2014-04-30 | 2020-05-05 | Tencent Technology (Shenzhen) Company Limited | Account login method, apparatus, and system |
CN105207777A (en) * | 2014-06-30 | 2015-12-30 | 腾讯科技(深圳)有限公司 | Network information verification method and apparatus |
CN105207777B (en) * | 2014-06-30 | 2019-09-20 | 腾讯科技(深圳)有限公司 | The method and apparatus of network information verifying |
CN104200415A (en) * | 2014-09-02 | 2014-12-10 | 北京工商大学 | Real-time cheat detection method for online examination rooms |
CN106888195A (en) * | 2015-12-16 | 2017-06-23 | 阿里巴巴集团控股有限公司 | Verification method and device |
US10686801B2 (en) | 2015-12-16 | 2020-06-16 | Alibaba Group Holding Limited | Selecting user identity verification methods based on verification results |
US11196753B2 (en) | 2015-12-16 | 2021-12-07 | Advanced New Technologies Co., Ltd. | Selecting user identity verification methods based on verification results |
CN106162642A (en) * | 2016-07-25 | 2016-11-23 | 中国联合网络通信集团有限公司 | The authentication method of SIM and authentication device |
CN106162642B (en) * | 2016-07-25 | 2019-11-15 | 中国联合网络通信集团有限公司 | The authentication method and authentication device of SIM card |
CN106648065A (en) * | 2016-10-20 | 2017-05-10 | 广西犇云科技有限公司 | Management cloud system integrated with intelligent wearable object and management method thereof |
CN110620782A (en) * | 2019-09-29 | 2019-12-27 | 深圳市珍爱云信息技术有限公司 | Account authentication method and device, computer equipment and storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN101087193A (en) | New method for using the mobile number bond with account for identity identification | |
CN102638473B (en) | User data authorization method, device and system | |
CN101217367B (en) | An operation right judgment system and method realized by introducing right judgment client end | |
CN101742499B (en) | Account number protection system for mobile communication equipment terminal and application method thereof | |
US8590024B2 (en) | Method for generating digital fingerprint using pseudo random number code | |
CN102790674A (en) | Authentication method, equipment and system | |
CN109756446B (en) | Access method and system for vehicle-mounted equipment | |
CN105187431A (en) | Log-in method, server, client and communication system for third party application | |
CN1832401A (en) | Method for protecting safety of account number cipher | |
CN1937498A (en) | Dynamic cipher authentication method, system and device | |
CN101438530A (en) | Authentication method for wireless transactions | |
CN102868702B (en) | System login device and system login method | |
CN103853950A (en) | Authentication method based on mobile terminal and mobile terminal | |
CN104125230B (en) | A kind of short message certification service system and authentication method | |
CN103746969A (en) | Vehicle terminal authentication method and authentication server | |
CN100365974C (en) | Device and method for controlling computer access | |
CN105357186A (en) | Secondary authentication method based on out-of-band authentication and enhanced OTP (One-time Password) mechanism | |
CN101051905A (en) | Agent identity certificiation method | |
CN101594232A (en) | The authentication method of dynamic password, system and corresponding authenticating device | |
CN103024706A (en) | Short message based device and short message based method for bidirectional multiple-factor dynamic identity authentication | |
CN106161348A (en) | A kind of method of single-sign-on, system and terminal | |
CN104469736B (en) | A kind of data processing method, server and terminal | |
CN105827621A (en) | Internet-based reservation platform login system and login method thereof | |
CN106453321A (en) | Authentication server, system and method, and to-be-authenticated terminal | |
KR101273285B1 (en) | Authentification agent and method for authentificating online service and system thereof |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
WD01 | Invention patent application deemed withdrawn after publication |
Open date: 20071212 |