CN103632070A - Any handwriting graphical password method used for payment system - Google Patents
Any handwriting graphical password method used for payment system Download PDFInfo
- Publication number
- CN103632070A CN103632070A CN201310661652.5A CN201310661652A CN103632070A CN 103632070 A CN103632070 A CN 103632070A CN 201310661652 A CN201310661652 A CN 201310661652A CN 103632070 A CN103632070 A CN 103632070A
- Authority
- CN
- China
- Prior art keywords
- input
- payment system
- password
- hand
- arbitrary graphic
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/36—User authentication by graphic or iconic representation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Finance (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Collating Specific Patterns (AREA)
- User Interface Of Digital Computer (AREA)
Abstract
The invention relates to an any handwriting graphical password method used for a payment system. The method comprises a password setting step and a password verification step by taking a touch screen as graphical password input equipment, wherein the password setting step comprises the following steps of: receiving any handwriting graph input by a user via the touch screen; carrying out characteristic extracting and coding on any input handwriting graph; receiving the handwriting graph input by the user again via the touch screen; carrying out characteristic extracting and coding on the handwriting graph input for the second time; comparing the input of two times to judge the graphical password input effectiveness. The password verification step comprises the following steps of: receiving any handwriting graph input by the user via the touch screen; carrying out characteristic extracting and coding on the input handwriting graph; carrying out communication encryption on graph password; transmitting the graph password to a data center; comparing the graph password with the graph password of the data center to judge whether the two graph passwords are same or not; if so, passing the verification. Compared with the prior art, the handwriting graphical password method used for the payment system, which is disclosed by the invention, has the advantages of high encryption intensity, easiness in memorizing and managing and the like.
Description
Technical field
The present invention relates to a kind of payment system safety technique, especially relate to a kind of hand-written arbitrary graphic cryptographic methods for payment system.
Background technology
In recent years, along with the development of mobile communication technology, the number of users paying by mobile phone or other mobile terminal is explosive growth, but its security can not guarantee, the report that constantly has user to suffer a loss.Tracing it to its cause, is mainly the attack that traditional numerical ciphers (for example bank by 6 bit digital as password) is very easily subject to hacker or fishing website, obtains easily user cipher.The security that how to crack mobile payment just becomes urgent problem instantly.
In addition, the quantity such as present various bank cards, credit card, consumption card, Payment Card are huge, and it is all 6 or long number composition that individual usually has the many all kinds of cards of quantity, its password, is difficult to remember, very large to the management difficulty of these passwords.Therefore, be also badly in need of finding alternative method.
Summary of the invention
Object of the present invention is exactly to provide a kind of hand-written arbitrary graphic cryptographic methods for payment system in order to overcome the defect of above-mentioned prior art existence, and the method has solved traditional cryptosecurity insufficient strength and password is difficult to memory and the problem of managing.
Object of the present invention can be achieved through the following technical solutions:
For a hand-written arbitrary graphic cryptographic methods for payment system, the method be take touch-screen as graphical passwords input equipment, comprises password setting steps and password authentification step, and described password setting steps comprises:
A1) touch-screen receives the hand-written arbitrary graphic of user's input;
A2) payment system is carried out feature extraction and coding to the handwritten patterns of input, saves as analysis result A;
A3) touch-screen receives the handwritten patterns of user's input again;
A4) payment system is carried out feature extraction and coding to the handwritten patterns of input for the second time, saves as analysis result B;
A5) payment system compares analysis result A and B, and if the validity of judgement graphical passwords input, effectively, communicates and encrypts the rear graphical passwords that forms encoding of graphs, is saved to the data center of payment system, if invalid, returns to step a1);
Described password authentification step comprises:
B1) touch-screen receives the handwritten patterns of user's input;
B2) payment system is carried out feature extraction and coding to the handwritten patterns of input, encoding of graphs is communicated to encryption, and transfer to data center, the graphical passwords of Jiang Qiyu data center is compared, judge whether identical, if, be verified, if not, checking is not passed through.
Described handwritten patterns is carried out to feature extraction be specially: the stroke of handwritten patterns is decomposed to extraction, obtain the topological relation structure of figure.
Described is encoded to handwritten patterns: the feature of extracting is encoded, be converted into 0 and 1 binary sequence.
Described encodes and is specially handwritten patterns: the figure of input is numbered decomposing each line segment obtaining by input sequencing, its decimal sequence is converted into binary sequence.
When described comparison analysis result A and B, judge that whether two topological relation structures in analysis result are consistent, if so, effective, if not, invalid.
Described hand-written arbitrary graphic consists of one or more figures.
Described touch-screen is the touch-screen that terminal carries.
Described terminal comprises mobile phone, panel computer or the terminal touch screen for paying.
Compared with prior art, the present invention adopts arbitrary graphic as password, there is the advantages such as Cipher Strength infinity, password be directly perceived easy to remember, utilize existing handset touch panel or other terminal touch screen as input equipment simultaneously, without extra equipment investment, greatly reduced user to the memory of various Payment Card passwords and management.
Accompanying drawing explanation
Fig. 1 is the schematic flow sheet of graphical passwords setting steps of the present invention;
Fig. 2 is the schematic flow sheet of graphical passwords verification step of the present invention;
Fig. 3 is that initial graphics password arranges schematic diagram;
Wherein, Fig. 3 (a) is tablet pattern for the first time, and Fig. 3 (b) is tablet pattern for the second time;
Fig. 4 is the graphical passwords example that single figure forms;
Wherein, Fig. 4 (a) figure can be remembered for " 4 leaf tree "; Fig. 4 (b) figure can remember for certainly wound " name,, word; Fig. 4 (c) figure can be remembered for " people's face " and adds two angles; Fig. 4 (d) figure can be remembered for " cocked hat "; Fig. 4 (e) figure can be remembered for " 6 window room "; Fig. 4 (f) figure can be remembered for " wheel exterior feature+HI ";
Fig. 5 is the graphical passwords example that a plurality of figures form;
Wherein, Fig. 5 (a) graphical passwords is a plant name; Fig. 5 (b) graphical passwords is a character string; Fig. 5 (c) graphical passwords is the combination of 3 figures; Fig. 5 (d) graphical passwords is a mathematic formula;
Fig. 6 is that figure stroke is done the result that straight-line segment decomposes;
Fig. 7 is the coding schematic diagram of handwritten patterns password;
Fig. 8 is example that graphical passwords is verified and unsanctioned;
Wherein, Fig. 8 (a), Fig. 8 (d) they are original figure password, Fig. 8 (b), Fig. 8 (e) figure for being verified, and Fig. 8 (c), Fig. 8 (f) they are the unsanctioned figure of checking.
Embodiment
Below in conjunction with the drawings and specific embodiments, the present invention is described in detail.The present embodiment be take technical solution of the present invention and is implemented as prerequisite, provided detailed embodiment and concrete operating process, but protection scope of the present invention is not limited to following embodiment.
A kind of hand-written arbitrary graphic cryptographic methods for payment system, it is graphical passwords input equipment that the method be take mobile phone, panel computer or other touch-screens carrying for payment terminal, the figure being comprised of the hand-written one or more patterns of user, as password, improves encryption strength, easy to use.As scheme as shown in I-Fig. 2, the method specifically comprises password setting steps and password authentification step.
(1) initial password setting: touch-screen receives the hand-written arbitrary graphic of user's input, payment system is by carrying out feature extraction and coding to the handwritten patterns of input, the Stroke decomposition of the geometric configuratioies such as straight line, curve, arbitrary polygon, circle is extracted, extract its stroke information and graph topology relational structure, save as analysis result A.Touch-screen receives the handwritten patterns of user input again, and whether system is carried out identical feature extraction and coding to tablet pattern, saves as analysis result B, and itself and analysis result A are compared, consistent to determine twice tablet pattern topological structure.If consistent, encoding of graphs is communicated and encrypts the rear graphical passwords that forms, be saved to the data center of payment system.Communication encrypting method can be free from existing encryption method.
Comparison is mainly that the topological relation of graphic structure is carried out, the feature size of like this user being inputted, and stroke length, degree of tilt has certain tolerance.
Fig. 3 has provided the figure of twice input of an initial graphics password, and its shape is identical with topological structure, and this initial password has obtained the approval of system.
(2) arranging of single graphical passwords generally followed simple principle easy to remember, can be pattern, word (comprising the word from wound), contour of object etc., and object adds the combination of word.Fig. 4 has provided the example of some graphical passwords.
(3) arranging of the password that a plurality of figures form generally also should be followed the simple principle that is easy to association easy to remember, can be animals and plants name, place name, building name, name etc., can be also character string, the combination of several figures, can also be mathematic formula, as shown in Figure 5.
(4) feature extraction of handwritten patterns password: the figure of input is done to straight-line segment by input sequencing to each stroke and decompose, as shown in Figure 6.
(5) a kind of method of the feature coding of handwritten patterns password is, each line segment that the figure of input is obtained Stroke decomposition by input sequencing is encoded.As shown in Figure 7, coding can carry out in the steps below:
A) take the screen upper left corner as true origin, find out the outer rim of current figure;
B) this figure is cut out along outer rim;
C) be normalized to the image (as 200 * 200) of a fixed measure;
D) take Fig. 7 upper left corner as true origin, the coordinate of line segment 1-5 is obtained, its decimal system coordinate figure is converted into scale-of-two coordinate figure.
(6) verification method of handwritten patterns password: the handwritten patterns to input when verifying, by (4) described feature extraction, then feature is encoded, the binary sequence after coding is communicated to encryption, encryption method can be selected Standard Encryption algorithm, also can designed, designed cryptographic algorithm.Binary sequence after encrypting is transferred to data processing centre (DPC), after deciphering, obtains the feature coding of figure.By the feature coding comparison of the initial password of feature coding and storage center, judge whether it is correct graphical passwords.Fig. 8 has provided example and the graphical passwords that a graphical passwords is verified and has verified unsanctioned example.In figure, 8 (a), 8 (d) are the graphical passwords of original start, and 8 (b), 8 (e) are the graphical passwords being verified, and 8 (c), 8 (f) are the unsanctioned graphical passwords of checking.
Claims (8)
1. for a hand-written arbitrary graphic cryptographic methods for payment system, it is characterized in that, the method be take touch-screen as graphical passwords input equipment, comprises password setting steps and password authentification step, and described password setting steps comprises:
A1) touch-screen receives the hand-written arbitrary graphic of user's input;
A2) payment system is carried out feature extraction and coding to the handwritten patterns of input, saves as analysis result A;
A3) touch-screen receives the handwritten patterns of user's input again;
A4) payment system is carried out feature extraction and coding to the handwritten patterns of input for the second time, saves as analysis result B;
A5) payment system compares analysis result A and B, and if the validity of judgement graphical passwords input, effectively, communicates and encrypts the rear graphical passwords that forms encoding of graphs, is saved to the data center of payment system, if invalid, returns to step a1);
Described password authentification step comprises:
B1) touch-screen receives the handwritten patterns of user's input;
B2) payment system is carried out feature extraction and coding to the handwritten patterns of input, encoding of graphs is communicated to encryption, and transfer to data center, the graphical passwords of Jiang Qiyu data center is compared, judge whether identical, if, be verified, if not, checking is not passed through.
2. a kind of hand-written arbitrary graphic cryptographic methods for payment system according to claim 1, it is characterized in that, described handwritten patterns is carried out to feature extraction be specially: the stroke of handwritten patterns is decomposed to extraction, obtain the topological relation structure of figure.
3. a kind of hand-written arbitrary graphic cryptographic methods for payment system according to claim 2, is characterized in that, described is encoded to handwritten patterns: the feature of extracting is encoded, be converted into 0 and 1 binary sequence.
4. a kind of hand-written arbitrary graphic cryptographic methods for payment system according to claim 3, it is characterized in that, described encodes and is specially handwritten patterns: the figure of input is numbered decomposing each line segment obtaining by input sequencing, its decimal sequence is converted into binary sequence.
5. a kind of hand-written arbitrary graphic cryptographic methods for payment system according to claim 2, is characterized in that, when described comparison analysis result A and B, judge that whether two topological relation structures in analysis result are consistent, if so, effective, if not, invalid.
6. a kind of hand-written arbitrary graphic cryptographic methods for payment system according to claim 1, is characterized in that, described hand-written arbitrary graphic consists of one or more figures.
7. a kind of hand-written arbitrary graphic cryptographic methods for payment system according to claim 1, is characterized in that, described touch-screen is the touch-screen that terminal carries.
8. a kind of hand-written arbitrary graphic cryptographic methods for payment system according to claim 7, is characterized in that, described terminal comprises mobile phone, panel computer or the terminal touch screen for paying.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310661652.5A CN103632070B (en) | 2013-12-09 | 2013-12-09 | Any handwriting graphical password method used for payment system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310661652.5A CN103632070B (en) | 2013-12-09 | 2013-12-09 | Any handwriting graphical password method used for payment system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103632070A true CN103632070A (en) | 2014-03-12 |
| CN103632070B CN103632070B (en) | 2017-04-12 |
Family
ID=50213109
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310661652.5A Expired - Fee Related CN103632070B (en) | 2013-12-09 | 2013-12-09 | Any handwriting graphical password method used for payment system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103632070B (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103886244A (en) * | 2014-03-18 | 2014-06-25 | 上海分维智能科技有限公司 | Method for conducting any graphical password handwriting for intelligent terminal starting-up system |
| CN105631267A (en) * | 2015-12-26 | 2016-06-01 | 深圳市金立通信设备有限公司 | Password check method and terminal |
| CN104135676B (en) * | 2014-08-14 | 2017-04-05 | 诚迈科技(南京)股份有限公司 | The method that business is paid is realized using figure destructing |
| CN108009419A (en) * | 2017-11-24 | 2018-05-08 | 咪咕文化科技有限公司 | Authentication method and device of graphic password and storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20020062217A1 (en) * | 1996-11-01 | 2002-05-23 | Junichi Fujimori | System and method for preventing unauthorized data copying using communication network |
| CN1534445A (en) * | 2003-03-31 | 2004-10-06 | 联想(北京)有限公司 | Method of cipher setting and safety identification |
| CN103116750A (en) * | 2013-03-14 | 2013-05-22 | 深圳市共进电子股份有限公司 | Pattern identification authentication method capable of faintly matching |
-
2013
- 2013-12-09 CN CN201310661652.5A patent/CN103632070B/en not_active Expired - Fee Related
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20020062217A1 (en) * | 1996-11-01 | 2002-05-23 | Junichi Fujimori | System and method for preventing unauthorized data copying using communication network |
| CN1534445A (en) * | 2003-03-31 | 2004-10-06 | 联想(北京)有限公司 | Method of cipher setting and safety identification |
| CN103116750A (en) * | 2013-03-14 | 2013-05-22 | 深圳市共进电子股份有限公司 | Pattern identification authentication method capable of faintly matching |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103886244A (en) * | 2014-03-18 | 2014-06-25 | 上海分维智能科技有限公司 | Method for conducting any graphical password handwriting for intelligent terminal starting-up system |
| CN104135676B (en) * | 2014-08-14 | 2017-04-05 | 诚迈科技(南京)股份有限公司 | The method that business is paid is realized using figure destructing |
| CN105631267A (en) * | 2015-12-26 | 2016-06-01 | 深圳市金立通信设备有限公司 | Password check method and terminal |
| CN108009419A (en) * | 2017-11-24 | 2018-05-08 | 咪咕文化科技有限公司 | Authentication method and device of graphic password and storage medium |
| CN108009419B (en) * | 2017-11-24 | 2020-12-22 | 咪咕文化科技有限公司 | Authentication method and device of graphic password and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103632070B (en) | 2017-04-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110390191A (en) | Method and system for safe biologic identification verifying | |
| CN102638790A (en) | Password control method, device and system | |
| WO2014188210A1 (en) | User authentication system and method | |
| CN102223233A (en) | Biological code authentication system and biological code authentication method | |
| CN103632070A (en) | Any handwriting graphical password method used for payment system | |
| CN1523809A (en) | Password variable identification verification technique | |
| CN104023332B (en) | A kind of electric terminal and its SMS encryption, decryption method | |
| CN106204038A (en) | The method and device that a kind of password string generates | |
| CN104102868A (en) | Multi-modal USB key authentication method based on face recognition technology | |
| CN105897417A (en) | Encrypted data input method and encrypted data input device | |
| CN103118201A (en) | System and method for unlocking touch screen | |
| CN103106714B (en) | Based on method for unlocking and the system of hand-held terminal device PDA and fingerprint identification technology | |
| CN102185696B (en) | Mobile phone user authentication method without trusted third party on basis of handwriting characteristics | |
| CN204759430U (en) | Random cipher input device | |
| CN107403088A (en) | Password identification method and device | |
| CN105653054B (en) | A kind of cipher processing method and device | |
| US20160300416A1 (en) | Electronic Lock and Verification Method for Unlocking the Same | |
| CN104636677A (en) | Data safety storage method based on privacy protection | |
| KR101392537B1 (en) | User memory method using plural one time password | |
| CN105187219A (en) | Method for preventing tampering of identity information in real name authentication | |
| CN102684920A (en) | User permission management system | |
| CN103886244A (en) | Method for conducting any graphical password handwriting for intelligent terminal starting-up system | |
| CN104376236A (en) | Scheme self-adaptive digital watermark embedding and extracting method based on camouflage technology | |
| CN103873232A (en) | Generation method for biologic key of user chirography on touch screen | |
| CN205176929U (en) | Bank card theftproof brush control management device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20170412 Termination date: 20191209 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |