CN103023638B - A kind of auth method based on mobile terminal and device - Google Patents
A kind of auth method based on mobile terminal and device Download PDFInfo
- Publication number
- CN103023638B CN103023638B CN201110284214.2A CN201110284214A CN103023638B CN 103023638 B CN103023638 B CN 103023638B CN 201110284214 A CN201110284214 A CN 201110284214A CN 103023638 B CN103023638 B CN 103023638B
- Authority
- CN
- China
- Prior art keywords
- mobile terminal
- dynamic password
- checking mark
- mark symbol
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Mobile Radio Communication Systems (AREA)
- Telephonic Communication Services (AREA)
Abstract
This application provides a kind of auth method based on mobile terminal and device.Described method comprises: obtain the authentication request that browser end is submitted to, does described authentication request comprise user profile and current sessions mark Session? ID; According to described user profile and current sessions mark Session? ID, generates corresponding checking mark symbol; Obtain request according to the checking mark symbol that mobile terminal is submitted to, return corresponding checking mark symbol; What obtain the checking mark symbol of mobile terminal submission chooses request, extract the session identification Session of corresponding checking mark symbol? ID, and to described session identification Session? ID interpolation is verified mark; According to described session identification Session? ID is verified mark, judges that subscriber authentication is passed through.The application can improve the accuracy rate of subscriber authentication, improves the speed of authentication.
Description
Technical field
The application relates to information security field, particularly relates to a kind of auth method based on mobile terminal, and, a kind of authentication means based on mobile terminal.
Background technology
Along with the fast development of China E-Commerce Business, threatening appears in the information security of the account of e-commerce website, due to account information too simple (user name+password), user account is caused easily to be stolen, stealing rear illegal molecule utilizes the credit rating of account send commodity, transmission fishing link in violation of rules and regulations or employ account fund, and this brings heavy losses to user and website.
For improving fail safe, there is the OTP (One-timePassword based on mobile phone at present, the dynamic password of one-time pad) product, this product is the program operated on mobile phone, make use of the network service advantage of mobile phone, by network, " seed " of oneself stochastic generation is pushed to server end, consistent to ensure the seed of client and server, thus ensure verification rate of precision.User, when using this product, first needs mobile phone and user profile to bind, then logs in corresponding website, send check request, now, the OTP software on mobile phone can generate dynamic password according to " seed ", after user correctly inputs dynamic password, namely by checking.
This product is mainly used in the larger industry of customer group, as login and the payment scene of online game, Web bank, Internet securities, SAAS etc.
Mainly there is following problem in above-mentioned prior art:
First, mobile phone sends OTP when verifying, as long as OTP is consistent with the OTP that server end calculates, just by verifying.And in actual conditions, if user account is stolen, and while user sends check request, appropriator also sends check request, so within the time period that this is extremely short, two checking requests may be there are, if OTP is verified at server end, these two requests all may pass through checking, or only have passed the request that appropriator sends.Even if user account is stolen like this, the secondary checking of OTP can not protect the fail safe of user rs authentication, and verification accuracy rate is low.
Secondly, after server end returns dynamic password, user needs manually to input dynamic password again, and manual input itself exists certain danger, and more existing fishing softwares can obtain the identity information of user by this operation at present; Secondly, the process of user's input, sends and receives note and all can expend the regular hour, makes user need to wait for that the long period just can complete the operation of checking.
Therefore, the technical problem needing those skilled in the art to solve at present is exactly how creatively to propose a kind of Authentication mechanism based on mobile terminal, in order to improve the accuracy rate of subscriber authentication, improves the speed of authentication.
Summary of the invention
Technical problems to be solved in this application are, provide a kind of auth method based on mobile terminal, in order to improve the accuracy rate of subscriber authentication, improve the speed of authentication.
Present invention also provides a kind of authentication means based on mobile terminal, in order to ensure said method application in practice and realization.
In order to solve the problem, this application discloses a kind of auth method based on mobile terminal, comprising:
Obtain the authentication request that browser end is submitted to, described authentication request comprises user profile and current sessions mark SessionID;
According to described user profile and current sessions mark SessionID, generate corresponding checking mark symbol;
Obtain request according to the checking mark symbol that mobile terminal is submitted to, return corresponding checking mark symbol;
What obtain the checking mark symbol of mobile terminal submission chooses request, extracts the session identification SessionID of corresponding checking mark symbol, and is verified mark to described session identification SessionID interpolation;
Be verified mark according to described session identification SessionID, judge that subscriber authentication is passed through.
Preferably, described method also comprises:
At the incidence relation of server end preservation current user information with corresponding user identifier.
Preferably, described server end preserve current user information comprise with the step of the incidence relation of corresponding user identifier:
According to the current user information that browser end is submitted to, generate corresponding user identifier, and be illustrated in browser end;
Obtain the described user identifier that mobile terminal gathers;
Judge that whether the user identifier that mobile terminal gathers is consistent with the user identifier that server end generates, if so, then user identifier is associated with current user information, and preserve this incidence relation, and described user identifier is kept at mobile terminal.
Preferably, the described checking mark symbol submitted to according to mobile terminal obtains request, and the step returning corresponding checking mark symbol comprises:
The checking mark symbol acquisition request that mobile terminal receive is submitted to, described checking mark symbol obtains the first dynamic password and the user identifier that request comprises mobile terminal generation;
Verify that whether described first dynamic password is legal, if so, then extract corresponding user profile according to described user identifier, and extract corresponding checking mark symbol according to described user profile;
Described user profile is converted into check information according to preset format, and the checking mark symbol of described check information and correspondence is sent to mobile terminal.
Preferably, the described checking mark symbol submitted to according to mobile terminal obtains request, and the step returning corresponding checking mark symbol also comprises:
Described check information is shown at mobile terminal.
Preferably, the checking mark symbol that described acquisition mobile terminal is submitted to choose request, extract the session identification SessionID of corresponding checking mark symbol, and the step being verified mark is added to session identification SessionID comprise:
The checking mark symbol submitted to according to described mobile terminal choose request, verify that whether described second dynamic password legal;
If so, the session identification SessionID that the selection information extraction then accorded with according to described checking mark is corresponding, and described session identification SessionID is added be verified mark;
The request of choosing of wherein said checking mark symbol generates in the following way:
By passing through mobile terminal selection check information, and generate the selection information of corresponding checking mark symbol according to the check information selected, and produce the second dynamic password; What the selection information accorded with according to described checking mark and the second dynamic password generation checking mark accorded with chooses request.
Preferably, described server end preserves the time seed that mobile terminal sends; The time seed that described first dynamic password is stored by mobile terminal and the first relative time generate, and the whether legal step of described checking first dynamic password comprises:
The time seed stored according to server end and the first relative time, generate the first contrast dynamic password;
Judge whether the absolute value of the difference of described first contrast dynamic password and the first dynamic password is less than pre-set threshold value; If so, then described first dynamic password is legal.
Preferably, the time seed that described second dynamic password is stored by mobile terminal and the second relative time generate, and the whether legal step of described checking second dynamic password comprises:
The time seed stored according to server end and the second relative time, generate the second contrast dynamic password;
Judge whether the difference of described second contrast dynamic password and the second dynamic password is less than pre-set threshold value.
If so, then described second dynamic password is legal.
Preferably, the step that whether described checking second dynamic password is legal also comprises:
According to the seed time of described second dynamic password adjustment server end.
Present invention also provides a kind of authentication means based on mobile terminal, comprising:
Authentication request acquisition module, for obtaining the authentication request that browser end is submitted to, described authentication request comprises user profile and current sessions mark SessionID;
Checking mark symbol generation module, for according to described user profile and current sessions mark SessionID, generates corresponding checking mark symbol;
Checking mark symbol returns module, obtains request, return corresponding checking mark symbol for the checking mark symbol submitted to according to mobile terminal;
Mark and add module, what the checking mark submitted to for obtaining mobile terminal accorded with chooses request, extracts the session identification SessionID of corresponding checking mark symbol, and is verified mark to described session identification SessionID interpolation;
Judging by module, for being verified mark according to described session identification SessionID, judging that subscriber authentication is passed through.
Compared with prior art, the application has the following advantages:
The application generates corresponding checking mark symbol according to there being the authentication request of user, and the details that the user corresponding to being accorded with by checking mark asks send to user, after user selects check request, just the check request of correspondence can be passed through, if also have issued checking request after user account is stolen, user just can see multiple solicited message at mobile terminal, the solicited message that user can only select oneself to approve, thus improves the accuracy rate of user rs authentication.
Secondly, user submits to authentication request to trigger verification operation at mobile terminal, and user is without the need to carrying out input password, send the operations such as note, enormously simplify the operation that user carries out verifying, compared to traditional OTP hardware product, improve the speed of authentication; The fail safe that password also strengthens user rs authentication is manually inputted without the need to user.
In addition, when mobile terminal and user profile being bound, directly in the information of acquisition for mobile terminal user identifier, input loaded down with trivial details identifying code without user, simple and fast.
Accompanying drawing explanation
Fig. 1 is the flow chart of a kind of auth method embodiment 1 based on mobile terminal of the application;
Fig. 2 is the flow chart of a kind of auth method embodiment 2 based on mobile terminal of the application;
Fig. 3 is the structured flowchart of a kind of authentication means embodiment 1 based on mobile terminal of the application;
Fig. 4 is the structured flowchart of a kind of authentication means embodiment 2 based on mobile terminal of the application.
Embodiment
For enabling above-mentioned purpose, the feature and advantage of the application more become apparent, below in conjunction with the drawings and specific embodiments, the application is described in further detail.
Existing user information safety technology main flow, to improve based on the fail safe of verification authority, proposes the mode repeatedly verified, as certificate verification, mailbox verification.But the defect of these verification authoritys self is very fatal, as certificate needs to install and the computer be only confined in current use, be also easily subject to the impact of operating system environment simultaneously; And also there is the stolen risk of mailbox account number in mailbox verification.
Along with the complexity of the application scenarios of user, OTP product obtains the favor of user gradually, and is widely used.As " paying baby to make ", " general order ", " handset token " etc.
" payment baby make " and " general order " belong to hardware based OTP safety product, and its basic ideas are, when hardware dispatches from the factory, for it arranges an initial value, are referred to as " seed " in the application.Along with the change " seed " of time is also grown up gradually; Its form of expression is, some of short duration time after, along with the change of " seed ", the OTP be presented on hardware screen also changes thereupon, there is the same seed too in server end, as long as the time keeps synchronous, it is consistent that the OTP calculated just can ensure, thus reaches the effect of safety check.
This series products has the plurality of advantages such as portable, high safety, easily use, but also there is the easily shortcoming such as loss, cost high (hardware security product majority needs charged extra), useful life limitation simultaneously.
" handset token " is that OTP product is made software, and carry out combination with mobile phone and play a role, similar with the OTP product of hardware, the accuracy rate verified is ensured based on seed algorithm lock in time, but places different is with it, it makes use of the network service advantage of mobile phone, by network, " seed " of oneself stochastic generation is pushed to server end, consistent to ensure the seed of client and server, thus ensure verification accuracy rate.
Because mobile phone is that user carries with, not easily lose, even and if after losing, also can be realized in time by user, effectively can alleviate OTP safety product and lose the problem brought.The OTP product of software form is as application program, and it has the advantage of conveniently disposing, being easy to maintenance, and its Function Extension ability also exceedes traditional hardware OTP.
But the existing OTP safety product based on software exists following problem: if first user account is stolen, OTP verification also by the checking request of appropriator, may cannot ensure the fail safe of user rs authentication; Secondly checking procedure is complicated, needs manually to input, send multiple operation such as note request and input validation code, makes user need to wait for that the long period just can complete the operation of checking.
One of core idea of the application is, according to the authentication request having user, generate corresponding checking mark symbol, and the details that the user corresponding to being accorded with by checking mark asks send to user, after user checks check request and selects, session identification SessionID corresponding for the checking mark of selection symbol can be labeled as and pass through by server end, thus decision verification passes through.
With reference to figure 1, it illustrates the flow chart of a kind of auth method embodiment 1 based on mobile terminal of the application, specifically can comprise the following steps:
The authentication request that step 101, acquisition browser end are submitted to, described authentication request comprises user profile and current sessions mark SessionID.
In the application, user, at register, namely after primary information verification (password encryption code), also needs to carry out secondary information verification.Secondary information verification can be interpreted as the complement operation to first time account number cipher verification intuitively, namely according to the user profile of previously input, automatically an identifier of this dialogue corresponding is generated by browser, i.e. session identification SessionID, for this Session of identifying user (session).Then send authentication request information to server end, solicited message comprises: user profile and SessionID.
Wherein, Session is effective information interaction means on a kind of WEB, it is the interactive information state set up between client browser and server end, automatically produced by server end when user enters website, and discharge when user normally leaves website, the activity of user on website can be understood by Session.Use Session time, can by with user-dependent information, the account number, the pet name etc. of such as user are saved in Session.In a practical situation, because same user account likely has multiple request in section at one time, this means may there is multiple different SessionID in certain time period, namely a user profile may corresponding multiple SessionID.
Step 102, according to described user profile and current sessions mark SessionID, generate corresponding checking mark symbol.
After received server-side to the authentication request of user, can according to the user profile wherein comprised and SessionID, generate the checking mark symbol of corresponding current authentication request, this identifier is unique, to ask to distinguish with other.
When user has multiple checking to ask, because a user profile can corresponding multiple SessionID, so a user profile can corresponding multiple checking mark symbol.
Step 103, the checking mark symbol acquisition request submitted to according to mobile terminal, return corresponding checking mark symbol.
In a preferred embodiment of the present application, described step 103 can comprise:
The checking mark symbol acquisition request that sub-step S11, mobile terminal receive are submitted to, described checking mark symbol obtains the first dynamic password and the user identifier that request comprises mobile terminal generation.
User is needed the solicited message of being checked submission by mobile terminal, confirms solicited message after logging in, thus ensures the fail safe of verification.Now, checking mark can be submitted to accord with the request of acquisition to server end after validation.After server end is subject to this request, need the user profile obtaining mobile terminal could extract corresponding checking mark symbol.Therefore, checking mark symbol obtains in request and needs to comprise user related information.In concrete realization, be ensure safety, can not preserve user profile, but preserve the user identifier corresponding with user profile in mobile terminal, server end preserves the incidence relation of current user information and corresponding user identifier.
Checking mark symbol obtain request in also comprise generated by mobile terminal there is ageing dynamic password.User uses certain application will send dynamic password to server end at every turn, and only have the serviced device end verification of dynamic password to pass through, the operation for this application just can come into force; And user must verify with a dynamic password within effective time, effective time exceeds, and dynamic password will change, and a dynamic password can only use once, thus ensure that the fail safe that user verifies.
In concrete realization.The time seed that described first dynamic password can be stored by mobile terminal and the first relative time generate.Time seed is generally the variable of a value type, and why being referred to as seed is because itself and time variations have relation, obtain dynamic password, but seed is forever constant by the passing of time and fixing algorithm.
Sub-step S12, verify that whether described first dynamic password is legal, if so, then perform sub-step S13.
In a kind of preferred embodiment of the application, described sub-step S12 can comprise:
The time seed that sub-step S12-1, foundation server end store and the first relative time, generate the first contrast dynamic password.
Sub-step S12-2, judge whether the absolute value of difference of described first contrast dynamic password and the first dynamic password is less than pre-set threshold value, and if so, then described first dynamic password is legal.
In concrete realization, described method can also comprise: preserve current user information and the incidence relation of corresponding user identifier at server end, can be realized by following steps:
According to the current user information that browser end is submitted to, generate corresponding user identifier, and be illustrated in browser end;
Obtain the described user identifier that mobile terminal gathers;
Judge that whether the user identifier that mobile terminal gathers is consistent with the user identifier that server end generates;
If so, then user identifier is associated with current user information, and preserve this incidence relation, and described user identifier is kept at mobile terminal.
Before user utilizes mobile terminal to verify, need first mobile terminal and server end to be bound, namely server end specifies a sequence number conduct, and mobile terminal carries out the user identifier substituting user profile when information is transmitted.
In the present embodiment, user identifier can adopt Quick Response Code sequence number (QRCODE), its similar bar code function, be graphic based and readable a kind of matrix two-dimensional code sign, it has, and the information capacity that bar code and two-dimensional bar code have is large, reliability is high, can represent Chinese character and image etc., has the advantages such as security and antiforge purpose is strong.
User is when browser end sees Quick Response Code sequence number, the image collecting function that mobile terminal carries can be used, as camera, gather the image information of this Quick Response Code sequence number, after received server-side to the image information of Quick Response Code sequence number, judge whether the information that itself and the Quick Response Code sequence number generated comprise is the same.In addition, then the Quick Response Code sequence number that also can be identified wherein by mobile terminal is sent to server end.This step is to check whether mobile phone can be used, and is also that the one obtaining user's license proves simultaneously.
If the same, user identifier associates with user profile by server end, specifically can adopt the form of mapping, and these mapping relations are kept at server end, user identifier is kept at mobile terminal, verifies to server end to send user identifier when user rs authentication.
The step of this binding can complete before user verifies.When server end verifies the first dynamic password, the time seed first preserved by it, the first relative time and fixing algorithm obtain dynamic password.This dynamic password contrasts with the first dynamic password generated by mobile terminal, determines whether consistent, thus can verify that whether the first dynamic password is legal.
Due to the complexity of mobile terminal in reality, likely life period synchronous error, thus have influence on first dynamic password generate on have deviation.So server end all have employed certain fault-tolerant measure in each verification, although namely the first dynamic password is not identical with the first contrast dynamic password, but, as long as their difference is in an error burst, just can think that the first dynamic password is legal.
Sub-step S13, the user profile corresponding according to described user identifier extraction, and extract corresponding checking mark symbol according to described user profile.
If the first dynamic password is legal, server end can find corresponding user profile according to the user identifier in solicited message, and extracts corresponding checking mark symbol according to user profile, and checking mark symbol may be one herein, also may be multiple.
Sub-step S14, described user profile is converted into check information according to preset format, and the checking mark symbol of described check information and correspondence is sent to mobile terminal.
Because user is after browser terminal logs in, the user profile that server end obtains the readable form of non-user, such as, the IP address of place network is comprised in user profile, but user checks according to IP address and does not know concrete entry address, the source of solicited message cannot be judged, thus cannot confirm.So at this, needing to be the readable actual address of user by IP address transition, if IP address is 192.168.1.189, is No. 31, ZhongGuanCun south Street, Haidian District, BeiJing City after conversion.If in reality, user does not propose check request in this address, illustrates that the account of user may be stolen, user only otherwise confirm this information, so ensuing checking just can not go on, and the checking request of this address just have failed, and can ensure the fail safe that user verifies like this.
In a preferred embodiment of the present application, described step 103 can also comprise:
Sub-step S15, show described check information at mobile terminal.
At mobile terminal, the mobile terminal of described check information user is shown, can be used for user to select the request oneself needing to continue checking.
What the checking mark that step 104, acquisition mobile terminal are submitted to accorded with chooses request, extracts the session identification SessionID of corresponding checking mark symbol, and is verified mark to described session identification SessionID interpolation.
In a preferred embodiment of the present application, described step 104 can comprise:
Sub-step S21, user are by mobile terminal selection check information, and mobile terminal generates the selection information of corresponding checking mark symbol according to described check information, and produces the second dynamic password.
Mobile terminal carries out, in the process of information transmission, all sending current dynamic password to server end, to guarantee the fail safe of user rs authentication.
The selection information that sub-step S22, described mobile terminal accord with according to described checking mark and the second dynamic password, what generate checking mark symbol chooses request.
User to select check information at mobile terminal and confirms, because check information, user profile and checking mark symbol also exists corresponding relation, so that is to say that have selected corresponding checking mark accords with, mobile terminal according to the check information selected, can generate the selection information of checking mark symbol.Selection information and dynamic password can form checking mark symbol choose request.
Sub-step S23, submit to according to described mobile terminal checking mark symbol choose request, verify that whether described second dynamic password legal, if so, then perform sub-step S24.
In concrete realization, the time seed that described second dynamic password can be stored by mobile terminal and the second relative time generate, and described sub-step S23 can comprise:
The time seed that sub-step S23-1, foundation server end store and the second relative time, generate the second contrast dynamic password.
Dynamic password is added certain algorithm according to current time and time seed and is generated, and because the time is changing, dynamic password is now the second dynamic password of this verification.
Sub-step S23-2, judge whether described second contrast dynamic password and the difference of the second dynamic password are less than pre-set threshold value, and if so, then described second dynamic password is legal.
Identical with the judgement of the first dynamic password, judge that whether the second dynamic password is legal, judge it exactly and second whether contrast the difference of dynamic password in pre-set interval, namely whether the absolute value of difference is less than certain pre-set threshold value.
In a preferred embodiment of the present application, described sub-step S23 can also comprise:
Sub-step S23-3, according to described second dynamic password adjustment server end seed time.
If the first dynamic password is not identical with the second contrast dynamic password, but there is certain difference being less than pre-set threshold value, judge legal after, also need the time seed of server end to adjust to be consistent with the time seed of mobile terminal, thus make next time checking more accurate.This makes frequently to use, and its validation error is less.
The session identification SessionID that sub-step S24, the selection information extraction accorded with according to described checking mark are corresponding, and described session identification SessionID is added be verified mark.
According to the check request that the known user of selection information of checking mark symbol confirms, server end extracts corresponding session identification SessionID according to checking mark symbol, then SessionID is added the mark be verified.
Step 105, be verified mark according to described session identification SessionID, judge that subscriber authentication is passed through.
Session ID SessionID marks by namely representing that this dialogue is by demonstrating, the verification of user is successfully completed, browser end is known and is verified, the prompting verified can be sent to browser terminal by server end, whether also can inquire about SessionID by browser to have done and be verified mark, the application is not restricted at this.
With reference to figure 2, it illustrates the flow chart of a kind of auth method embodiment 2 based on mobile terminal of the application, specifically can comprise binding step and a key verification step:
One, step is bound:
Step 201, the current user information submitted to according to browser end, generate corresponding user identifier, and be illustrated in browser end;
The described user identifier that step 202, acquisition mobile terminal gather;
Step 203, judge that whether the user identifier that mobile terminal gathers is consistent with the user identifier that server end generates, if so, then perform step 204;
Step 204, user identifier to be associated with current user information, and preserve this incidence relation, and described user identifier is kept at mobile terminal.
Two, checking procedure:
The authentication request that step 205, acquisition browser end are submitted to, described authentication request comprises user profile and current sessions mark SessionID;
Step 206, according to described user profile and current sessions mark SessionID, generate corresponding checking mark symbol;
The checking mark symbol acquisition request that step 207, mobile terminal receive are submitted to, described checking mark symbol obtains the first dynamic password and the user identifier that request comprises mobile terminal generation;
Step 208, verify that whether described first dynamic password is legal, if so, perform step 209;
Step 209, the user profile corresponding according to described user identifier extraction, and extract corresponding checking mark symbol according to described user profile;
Step 210, described user profile is converted into check information according to preset format, and the checking mark symbol of described check information and correspondence is sent to mobile terminal;
Step 211, show described check information at mobile terminal;
Step 212, user are by mobile terminal selection check information, and mobile terminal generates the selection information of corresponding checking mark symbol according to described check information, and produces the second dynamic password;
What the selection information that step 213, described mobile terminal accord with according to described checking mark and the second dynamic password generated checking mark symbol chooses request;
Step 214, submit to according to described mobile terminal checking mark symbol choose request, verify that whether described second dynamic password legal, if so, perform step 215;
The session identification SessionID that step 215, the selection information extraction accorded with according to described checking mark are corresponding, and described session identification SessionID is added be verified mark;
Step 216, be verified mark according to described session identification SessionID, judge that subscriber authentication is passed through.
For making those skilled in the art understand the application better, illustrate that how user carries out authentication based on mobile terminal below by way of a concrete example.
Certain user needs to conclude the business on a shopping website, and use the method for the application to carry out authentication, the mobile terminal of user is mobile phone.
First, the information of oneself and mobile phone are bound by user.User logs on this shopping website by browser, log-on message comprises user name (UserID) Annie, password 123456, after browser confirms that input information is correct, the page there will be the option of " binding mobile phone ", after user clicks this option, user profile is sent to server end by browser.
Server end can generate corresponding user identifier according to user profile, is called for short UUID herein.Then this user identifier is illustrated in browser end, shows as the form of Quick Response Code sequence number.Herein, Quick Response Code sequence number and user profile can map by server end, preserve in the buffer value form with key, as follows:
Key=UUID,Value=UserID
Now, user can start the camera of mobile phone, Quick Response Code sequence number is taken pictures into picture, and is sent to server end, and then the Quick Response Code sequence number that also can be gone out wherein by handset identity is sent to server end.
After received server-side to the information of Quick Response Code sequence number, can search in the buffer and whether there is the same Quick Response Code sequence number, i.e. UUID, if find, extract the Value that the Key of UUID is corresponding, UserID and UUID corresponding for Value is mapped, preserve in a database, and the seed of the stochastic generation that mobile terminal is sended over and these mapping relations, current relative time is preserved in a database, and UUID is kept at mobile terminal.So, the process of binding is just completed.
Next, user can carry out safer transaction at this shopping website.First user inputs username and password and once verifies, and once verifies by rear, and website can be ejected secondary verification frame, user can click acknowledgement key and determine to carry out secondary verification.
After determining, browser can send proof of identity request to server end, the mark SessionID specifically comprising user profile and this dialogue is sent to server end, user profile comprises user name, user's login time and user and logs in IP, as UserID:Annie, LoginTime:2011-5-911:11:11, LoginIP:211.10.185.1.After received server-side to proof of identity request, according to this request generation checking mark symbol, be called for short CheckID.
Now, user needs to check and confirms the check request oneself submitted to, check request especially by mobile phone to server end transmission, this checks that request includes: the first dynamic password that mobile phone generates according to time seed and current time, and user identifier UUID.
After received server-side has arrived this request, first generate the first contrast dynamic password according to deposited time seed and current time, then calculate the difference of itself and the first dynamic password, after taking absolute value, judge whether this absolute value is less than default value.If be less than, just find corresponding UserID according to UUID, checking mark corresponding for UserID symbol CheckID is extracted.Now, also user profile corresponding for UserID can be converted to check information, the form that namely user is readable:
Original subscriber's information is: UserID:Annie, LoginTime:2011-5-911:11:11, LoginIP:211.10.185.1.
Check information after conversion is: Ann, 2011-5-911:11:11, Bei Taipingzhuang, Beijing KFC.
Then check information and checking mark symbol are sent to user mobile phone, mobile phone screen is shown.If now, a log-on message of this user is stolen, also have issued a check request, and at server end, user profile will accord with by corresponding two checking marks, two check informations.These two groups of information can all be dealt on user mobile phone by server end, show below:
Your logging request list:
User name Ann asks to log in
Request place: Bei Taipingzhuang, Beijing KFC
Request time: 2011-5-911:11:11
User name Ann asks to log in
Request place: Hangzhou group of Alibaba
Request time: 2011-5-911:10:11
When user sees solicited message list, can find oneself only to have issued a request, in fact received server-side two requests, and the place that address is oneself not to be gone, thus, user can find that the user profile of oneself may be stolen, only confirms first solicited message, mobile phone can generate the selection information of CheckID according to this confirmation, and the selection information of CheckID and the second dynamic password of now generating is formed and choose request and send to server end.
Received server-side is to after choosing request, generate current second contrast dynamic password, judge whether the absolute difference of the second dynamic password and the second contrast dynamic password is less than preset value, if be less than, the SessionID that CheckID is corresponding selected by the selection information extraction of CheckID, adds and is verified mark.
Meanwhile utilize AJAX technology, this shopping website just inquires about proofing state corresponding to this SessionID at server end in every 5 seconds, and when inquiring after SessionID is labeled as clearance, website just display user rs authentication is passed through.
In sum, this application provides a kind of auth method based on mobile terminal, corresponding checking mark symbol is generated according to there being the authentication request of user, and the details that the user corresponding to being accorded with by checking mark asks send to user, after user selects check request, just the check request of correspondence can be passed through, if also have issued checking request after user account is stolen, user just can see multiple solicited message at mobile terminal, the solicited message that user can only select oneself to approve, thus improve the accuracy rate of user rs authentication.
Secondly, user submits to authentication request to trigger verification operation at mobile terminal, and user is without the need to carrying out input password, send the operations such as note, enormously simplify the operation that user carries out verifying, the speed of its authentication is 2-3 times of input dynamic password, improves the efficiency of authentication.In addition, manually input without the need to user the fail safe that password also strengthens user rs authentication.
In addition, time user and mobile terminal carry out binding, by generating user identifier at server end, user can directly in the image information of acquisition for mobile terminal user identifier, and binding procedure was less than 2 seconds, and user is without the need to carrying out input password, send the operations such as note, enormously simplify the operation that user carries out verifying, compared to traditional OTP hardware product, the application improves the efficiency of authentication.
For embodiment of the method, in order to simple description, therefore it is all expressed as a series of combination of actions, but those skilled in the art should know, the application is not by the restriction of described sequence of movement, because according to the application, some step can adopt other orders or carry out simultaneously.Secondly, those skilled in the art also should know, the embodiment described in specification all belongs to preferred embodiment, and involved action and module might not be that the application is necessary.
With reference to figure 3, it illustrates the structured flowchart of a kind of authentication means embodiment 1 based on mobile terminal of the application, specifically can comprise with lower module:
Authentication request acquisition module 301, for obtaining the authentication request that browser end is submitted to, described authentication request comprises user profile and current sessions mark SessionID;
Checking mark symbol generation module 302, for according to described user profile and current sessions mark SessionID, generates corresponding checking mark symbol;
Checking mark symbol returns module 303, obtains request, return corresponding checking mark symbol for the checking mark symbol submitted to according to mobile terminal;
Mark and add module 304, what the checking mark submitted to for obtaining mobile terminal accorded with chooses request, extracts the session identification SessionID of corresponding checking mark symbol, and is verified mark to described session identification SessionID interpolation;
Judging by module 305, for being verified mark according to described session identification SessionID, judging that subscriber authentication is passed through.
In a kind of preferred embodiment of the application, described device can also comprise:
Incidence relation preserves module, for preserving the incidence relation of current user information and corresponding user identifier at server end.In concrete realization, comprise following submodule:
User identifier generates submodule, for the current user information submitted to according to browser end, generates corresponding user identifier, and is illustrated in browser end;
User identifier obtains submodule, for obtaining the described user identifier that mobile terminal gathers;
Whether information judges submodule, consistent with the user identifier that server end generates for judging the user identifier that mobile terminal gathers;
Information preserves submodule, for if so, then being associated with current user information by user identifier, and preserves this incidence relation, and described user identifier is kept at mobile terminal.
In a kind of preferred embodiment of the application, described checking mark symbol returns module 303 and can comprise:
Acquisition request submodule, for the checking mark symbol acquisition request that mobile terminal receive is submitted to, described checking mark symbol obtains the first dynamic password and the user identifier that request comprises mobile terminal generation;
First verifying dynamic password submodule, whether legal for verifying described first dynamic password;
Checking mark symbol extracts submodule, for if so, then extracting corresponding user profile according to described user identifier, and extracts corresponding checking mark symbol according to described user profile;
Check information generates submodule, for described user profile is converted into check information according to preset format, and the checking mark symbol of described check information and correspondence is sent to mobile terminal.
In a kind of preferred embodiment of the application, described checking mark symbol returns module 303 and can also comprise:
Check information shows submodule, for showing described check information at mobile terminal.
In a kind of preferred embodiment of the application, described mark adds module 304 and can comprise:
Second dynamic password generates submodule, and for user by mobile terminal selection check information, mobile terminal generates the selection information of corresponding checking mark symbol according to described check information, and produces the second dynamic password;
Request of choosing generates submodule, and what the selection information accorded with according to described checking mark for described mobile terminal and the second dynamic password generated checking mark symbol chooses request;
Second verifying dynamic password submodule, what the checking mark for submitting to according to described mobile terminal accorded with chooses request, verifies that whether described second dynamic password is legal;
Verification mark adds submodule, the session identification SessionID that the selection information extraction for if so, then according with according to described checking mark is corresponding, and adds described session identification SessionID and be verified mark.
In a kind of preferred embodiment of the application, described device can preserve the time seed that mobile terminal sends; The time seed that described first dynamic password can be stored by mobile terminal and the first relative time generate, and described first verifying dynamic password submodule can comprise:
First contrast dynamic password generates submodule, for according to the time seed stored in described device and the first relative time, generates the first contrast dynamic password;
First difference judges submodule, and whether the absolute value for the difference judging described first contrast dynamic password and the first dynamic password is less than pre-set threshold value, and if so, then described first dynamic password is legal.
In a kind of preferred embodiment of the application, the time seed that described second dynamic password can be stored by mobile terminal and the second relative time generate, and described second verifying dynamic password submodule can comprise:
Second contrast dynamic password generates submodule, for according to the time seed stored in described device and the second relative time, generates the second contrast dynamic password;
Second difference judges submodule, judges whether the difference of described second contrast dynamic password and the second dynamic password is less than pre-set threshold value, and if so, then described second dynamic password is legal.
In a kind of preferred embodiment of the application, described second verifying dynamic password submodule can also comprise:
Seed time adjustment submodule, for adjusting the seed time of described device according to described second dynamic password.
With reference to figure 4, it illustrates the structured flowchart of a kind of authentication means embodiment 2 based on mobile terminal of the application, specifically can comprise binding module and a key verification module:
One, binding module:
User identifier generation module 401, for the current user information submitted to according to browser end, generates corresponding user identifier, and is illustrated in browser end;
User identifier acquisition module 402, for obtaining the described user identifier that mobile terminal gathers;
Signal judgement module 403, whether consistent with the user identifier that server end generates for judging the user identifier that mobile terminal gathers;
Information preserves module 404, for if so, then being associated with current user information by user identifier, and preserves this incidence relation, and described user identifier is kept at mobile terminal.
Two, a key verification module:
Authentication request acquisition module 405, for obtaining the authentication request that browser end is submitted to, described authentication request comprises user profile and current sessions mark SessionID;
Checking mark symbol generation module 406, for according to described user profile and current sessions mark SessionID, generates corresponding checking mark symbol;
Acquisition request module 407, for the checking mark symbol acquisition request that mobile terminal receive is submitted to, described checking mark symbol obtains the first dynamic password and the user identifier that request comprises mobile terminal generation;
First verifying dynamic password module 408, whether legal for verifying described first dynamic password;
Checking mark symbol extraction module 409, for if so, then extracting corresponding user profile according to described user identifier, and extracts corresponding checking mark symbol according to described user profile;
Check information generation module 410, for described user profile is converted into check information according to preset format, and is sent to mobile terminal by the checking mark symbol of described check information and correspondence.
Check information display module 411, for showing described check information at mobile terminal.
Second dynamic password generation module 412, for user by mobile terminal selection check information, mobile terminal generates the selection information of corresponding checking mark symbol according to described check information, and produces the second dynamic password;
Choose request generation module 413, what the selection information accorded with according to described checking mark for described mobile terminal and the second dynamic password generated checking mark symbol chooses request;
Second verifying dynamic password module 414, what the checking mark for submitting to according to described mobile terminal accorded with chooses request, verifies that whether described second dynamic password is legal;
Verification mark adds module 415, the session identification SessionID that the selection information extraction for if so, then according with according to described checking mark is corresponding, and adds described session identification SessionID and be verified mark.
Judging by module 416, for being verified mark according to described session identification SessionID, judging that subscriber authentication is passed through.
Because described device embodiment is substantially corresponding to the embodiment of the method shown in earlier figures 1 and Fig. 2, therefore not detailed part in the description of the present embodiment, see the related description in previous embodiment, just can not repeat at this.
The application can be used in numerous general or special purpose computing system environment or configuration.Such as: personal computer, server computer, handheld device or portable set, laptop device, multicomputer system, system, set top box, programmable consumer-elcetronics devices, network PC, minicom, mainframe computer, the distributed computing environment (DCE) comprising above any system or equipment etc. based on microprocessor.
The application can describe in the general context of computer executable instructions, such as program module.Usually, program module comprises the routine, program, object, assembly, data structure etc. that perform particular task or realize particular abstract data type.Also can put into practice the application in a distributed computing environment, in these distributed computing environment (DCE), be executed the task by the remote processing devices be connected by communication network.In a distributed computing environment, program module can be arranged in the local and remote computer-readable storage medium comprising memory device.
In this article, term " comprises ", " comprising " or its any other variant are intended to contain comprising of nonexcludability, thus make to comprise the process of a series of key element, method, article or equipment and not only comprise those key elements, but also comprise other key elements clearly do not listed, or also comprise by the intrinsic key element of this process, method, article or equipment.When not more restrictions, the key element limited by statement " comprising ... ", and be not precluded within process, method, article or the equipment comprising described key element and also there is other identical element.
Finally, also it should be noted that, in this article, the such as relational terms of first and second grades and so on is only used for an entity or operation to separate with another entity or operating space, and not necessarily requires or imply the relation that there is any this reality between these entities or operation or sequentially.And, term " comprises ", " comprising " or its any other variant are intended to contain comprising of nonexcludability, thus make to comprise the process of a series of key element, method, article or equipment and not only comprise those key elements, but also comprise other key elements clearly do not listed, or also comprise by the intrinsic key element of this process, method, article or equipment.When not more restrictions, the key element limited by statement " comprising ... ", and be not precluded within process, method, article or the equipment comprising described key element and also there is other identical element.
Above to a kind of auth method based on mobile terminal that the application provides, and, a kind of authentication means based on mobile terminal is described in detail, apply specific case herein to set forth the principle of the application and execution mode, the explanation of above embodiment is just for helping method and the core concept thereof of understanding the application; Meanwhile, for one of ordinary skill in the art, according to the thought of the application, all will change in specific embodiments and applications, in sum, this description should not be construed as the restriction to the application.
Claims (10)
1. based on an auth method for mobile terminal, it is characterized in that, comprising:
Obtain the authentication request that browser end is submitted to, described authentication request comprises user profile and current session identification SessionID;
According to described user profile and current session identification SessionID, generate corresponding checking mark symbol;
Request is obtained according to the checking mark symbol that mobile terminal is submitted to, the first dynamic password that described mobile terminal is generated carry out checking legal after, described user profile is transformed according to preset format and obtains check information, return described check information and corresponding checking mark symbol;
What obtain the checking mark symbol submitted to after mobile terminal generates the selection information of checking mark symbol according to the check information selected chooses request, extract the session identification SessionID of corresponding checking mark symbol, and mark is verified to described session identification SessionID interpolation;
Be verified mark according to described session identification SessionID, judge that subscriber authentication is passed through.
2. the method for claim 1, is characterized in that, also comprises:
At the incidence relation of server end preservation current user information with corresponding user identifier.
3. method as claimed in claim 2, is characterized in that, describedly preserves current user information at server end and comprises with the step of the incidence relation of corresponding user identifier:
According to the current user information that browser end is submitted to, generate corresponding user identifier, and be illustrated in browser end, described user identifier is Quick Response Code sequence number;
Obtain the described user identifier that mobile terminal gathers;
Judge that whether the user identifier that mobile terminal gathers is consistent with the user identifier that server end generates, if so, then user identifier is associated with current user information, and preserve this incidence relation, and described user identifier is kept at mobile terminal.
4. method as claimed in claim 3, is characterized in that, the described checking mark symbol submitted to according to mobile terminal obtains request, and the step returning corresponding checking mark symbol comprises:
The checking mark symbol acquisition request that mobile terminal receive is submitted to, described checking mark symbol obtains the first dynamic password and the user identifier that request comprises mobile terminal generation;
Verify that whether described first dynamic password is legal, if so, then extract corresponding user profile according to described user identifier, and extract corresponding checking mark symbol according to described user profile;
Described user profile is converted into check information according to preset format, and the checking mark symbol of described check information and correspondence is sent to mobile terminal.
5. method as claimed in claim 4, is characterized in that, the described checking mark symbol submitted to according to mobile terminal obtains request, and the step returning corresponding checking mark symbol also comprises:
Described check information is shown at mobile terminal.
6. method as claimed in claim 5, it is characterized in that, the checking mark symbol that described acquisition mobile terminal is submitted to choose request, extract the session identification SessionID of corresponding checking mark symbol, and the step being verified mark is added to session identification SessionID comprise:
The checking mark symbol submitted to according to described mobile terminal choose request, verify that whether the second dynamic password legal;
If so, the session identification SessionID that the selection information extraction then accorded with according to described checking mark is corresponding, and described session identification SessionID is added be verified mark;
The request of choosing of wherein said checking mark symbol generates in the following way:
By passing through mobile terminal selection check information, and generate the selection information of corresponding checking mark symbol according to the check information selected, and produce the second dynamic password; What the selection information accorded with according to described checking mark and the second dynamic password generation checking mark accorded with chooses request.
7. method as claimed in claim 4, is characterized in that, described server end preserves the time seed that mobile terminal sends; The time seed that described first dynamic password is stored by mobile terminal and the first relative time generate, and the whether legal step of described checking first dynamic password comprises:
The time seed stored according to server end and the first relative time, generate the first contrast dynamic password;
Judge whether the absolute value of the difference of described first contrast dynamic password and the first dynamic password is less than pre-set threshold value; If so, then described first dynamic password is legal.
8. method as claimed in claim 6, is characterized in that, the time seed that described second dynamic password is stored by mobile terminal and the second relative time generate, and the whether legal step of described checking second dynamic password comprises:
The time seed stored according to server end and the second relative time, generate the second contrast dynamic password;
Judge whether the difference of described second contrast dynamic password and the second dynamic password is less than pre-set threshold value;
If so, then described second dynamic password is legal.
9. method as claimed in claim 8, is characterized in that, the whether legal step of described checking second dynamic password also comprises:
According to the seed time of described second dynamic password adjustment server end.
10. based on an authentication means for mobile terminal, it is characterized in that, comprising:
Authentication request acquisition module, for obtaining the authentication request that browser end is submitted to, described authentication request comprises user profile and current session identification SessionID;
Checking mark symbol generation module, for according to described user profile and current session identification SessionID, generates corresponding checking mark symbol;
Checking mark symbol returns module, checking mark symbol for submitting to according to mobile terminal obtains request, the first dynamic password that described mobile terminal is generated carry out checking legal after, described user profile is transformed according to preset format and obtains check information, return described check information and corresponding checking mark symbol;
Mark adds module, for obtain mobile terminal according to select check information generate checking mark symbol selection information after submit to checking mark symbol choose request, extract the session identification SessionID of corresponding checking mark symbol, and mark is verified to described session identification SessionID interpolation;
Judging by module, for being verified mark according to described session identification SessionID, judging that subscriber authentication is passed through.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110284214.2A CN103023638B (en) | 2011-09-22 | 2011-09-22 | A kind of auth method based on mobile terminal and device |
| HK13106140.1A HK1179432A1 (en) | 2011-09-22 | 2013-05-24 | Method and device for verifying identity based on a mobile terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110284214.2A CN103023638B (en) | 2011-09-22 | 2011-09-22 | A kind of auth method based on mobile terminal and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103023638A CN103023638A (en) | 2013-04-03 |
| CN103023638B true CN103023638B (en) | 2016-03-30 |
Family
ID=47971802
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201110284214.2A Active CN103023638B (en) | 2011-09-22 | 2011-09-22 | A kind of auth method based on mobile terminal and device |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN103023638B (en) |
| HK (1) | HK1179432A1 (en) |
Families Citing this family (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104104508B (en) * | 2013-04-11 | 2018-09-11 | 腾讯科技(深圳)有限公司 | Method of calibration, device and terminal device |
| CN103268552A (en) * | 2013-04-16 | 2013-08-28 | 北京小米科技有限责任公司 | Method and system for processing data |
| CN104580075A (en) * | 2013-10-14 | 2015-04-29 | 深圳市腾讯计算机系统有限公司 | User login validation method, device and system |
| CN104780042A (en) * | 2014-01-13 | 2015-07-15 | 深圳中兴网信科技有限公司 | Two-layer authentication method, device and system for instant messaging |
| CN103838989A (en) * | 2014-03-27 | 2014-06-04 | 北京网秦天下科技有限公司 | Mobile terminal and method |
| CN104967586B (en) * | 2014-05-04 | 2018-02-27 | 腾讯科技(深圳)有限公司 | A kind of user ID authentication method, apparatus and system |
| CN105099692B (en) * | 2014-05-22 | 2020-01-14 | 创新先进技术有限公司 | Security verification method and device, server and terminal |
| CN105260692B (en) * | 2014-05-26 | 2018-04-03 | 阿里巴巴集团控股有限公司 | A kind of DOI verification method, device and system |
| CN105450592A (en) * | 2014-08-05 | 2016-03-30 | 阿里巴巴集团控股有限公司 | Safety verification method and device, server and terminal |
| CN105450410A (en) * | 2014-08-06 | 2016-03-30 | 阿里巴巴集团控股有限公司 | Verifying method and device |
| CN104572099B (en) * | 2014-12-31 | 2017-10-24 | 深圳市酷开网络科技有限公司 | Lower coupling frame data processing method and system based on component and middleware |
| CN104883403B (en) * | 2015-06-04 | 2018-09-18 | 中国地质大学(武汉) | The method and Web server of message are transmitted in a kind of Web information system |
| CN106453216A (en) * | 2015-08-13 | 2017-02-22 | 阿里巴巴集团控股有限公司 | Malicious website interception method, malicious website interception device and client |
| CN105701524B (en) * | 2016-01-19 | 2019-03-15 | 北京图文天地文化艺术有限公司 | A kind of application method with two dimensional code connection paper media and picture and text audio-video |
| CN106534158A (en) * | 2016-11-29 | 2017-03-22 | 努比亚技术有限公司 | Account login control device and method |
| CN109618194B (en) * | 2018-12-10 | 2021-05-11 | 贝尔合控(深圳)科技有限责任公司 | Authentication on-demand method and device based on-demand platform end |
| CN112134780B (en) * | 2019-06-24 | 2022-09-13 | 腾讯科技(深圳)有限公司 | Information acquisition method and device, storage medium and electronic device |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1316428A1 (en) * | 2001-11-28 | 2003-06-04 | Seiko Epson Corporation | Non-contact communication between device and cartridge containing consumable component |
| CN1448861A (en) * | 2002-04-01 | 2003-10-15 | 微软公司 | Automatic re-authentication |
| CN1653781A (en) * | 2002-06-28 | 2005-08-10 | 国际商业机器公司 | Method and system for user-determined authentication and single-sign-on in a federated environment |
| CN101350720A (en) * | 2007-07-18 | 2009-01-21 | 中国移动通信集团公司 | Dynamic cipher authentication system and method |
-
2011
- 2011-09-22 CN CN201110284214.2A patent/CN103023638B/en active Active
-
2013
- 2013-05-24 HK HK13106140.1A patent/HK1179432A1/en unknown
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1316428A1 (en) * | 2001-11-28 | 2003-06-04 | Seiko Epson Corporation | Non-contact communication between device and cartridge containing consumable component |
| CN1448861A (en) * | 2002-04-01 | 2003-10-15 | 微软公司 | Automatic re-authentication |
| CN1653781A (en) * | 2002-06-28 | 2005-08-10 | 国际商业机器公司 | Method and system for user-determined authentication and single-sign-on in a federated environment |
| CN101350720A (en) * | 2007-07-18 | 2009-01-21 | 中国移动通信集团公司 | Dynamic cipher authentication system and method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103023638A (en) | 2013-04-03 |
| HK1179432A1 (en) | 2013-09-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103023638B (en) | A kind of auth method based on mobile terminal and device | |
| US10915896B2 (en) | Signature verification method, apparatus, and system | |
| EP3291161B1 (en) | Payment method, apparatus and system | |
| US8615794B1 (en) | Methods and apparatus for increased security in issuing tokens | |
| CN104283841B (en) | The method, apparatus and system of service access control are carried out to third-party application | |
| CA3025923A1 (en) | Helper software developer kit for native device hybrid applications | |
| US20160381001A1 (en) | Method and apparatus for identity authentication between systems | |
| CN107395614A (en) | Single-point logging method and system | |
| CN104580112B (en) | A kind of service authentication method, system and server | |
| CN103443813A (en) | Authenticating transactions using a mobile device identifier | |
| CN104468531A (en) | Authorization method, device and system for sensitive data | |
| CN105323253A (en) | Identity verification method and device | |
| CN108075888B (en) | Dynamic URL generation method and device, storage medium and electronic equipment | |
| CN113032703B (en) | Resource data processing method, device, computer equipment and storage medium | |
| CN110245953B (en) | Information verification method, information verification device and electronic equipment | |
| US20140173693A1 (en) | Cookie Optimization | |
| US20230222482A1 (en) | Device account activation | |
| CN107835160A (en) | Third party's user authen method based on Quick Response Code | |
| CN105162774A (en) | Virtual machine login method and device used for terminal | |
| CN111091430A (en) | Billing two-dimensional code processing method and system | |
| US8788427B2 (en) | Limiting data exposure in authenticated multi-system transactions | |
| CN105429934B (en) | Method and apparatus, readable storage medium storing program for executing, the terminal of HTTPS connectivity verification | |
| CN109495458A (en) | A kind of method, system and the associated component of data transmission | |
| CN106888200B (en) | Identification association method, information sending method and device | |
| CN104301285A (en) | Method for logging in web system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| REG | Reference to a national code |
Ref country code: HK Ref legal event code: DE Ref document number: 1179432 Country of ref document: HK |
|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| REG | Reference to a national code |
Ref country code: HK Ref legal event code: GR Ref document number: 1179432 Country of ref document: HK |