CN103971239A - Verification method and device - Google Patents
Verification method and device Download PDFInfo
- Publication number
- CN103971239A CN103971239A CN201410230863.8A CN201410230863A CN103971239A CN 103971239 A CN103971239 A CN 103971239A CN 201410230863 A CN201410230863 A CN 201410230863A CN 103971239 A CN103971239 A CN 103971239A
- Authority
- CN
- China
- Prior art keywords
- terminal
- authorization information
- identifying code
- information
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Computer Security & Cryptography (AREA)
- Finance (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention discloses a verification method and device applied to a first terminal. The method comprises the following steps: receiving a verification request command comprising identification information of a request user; determining a plurality of second terminals and terminal identifications thereof according to the identification information of the request user; generating a plurality of verification informations according to the terminal identification of each second terminal, and transmitting each verification information to the corresponding second terminals to trigger the second terminal to prompt the terminal user to perform verification code input operation; receiving a verification code returned by each second terminal; carrying out consistency judgment on each verification code according to the verification information to obtain a judgment result; and generating a first verification result of the valid request user when the judgment result indicates that each verification code is consistent with the corresponding verification information. Since a plurality of trusted terminals verify the verification codes at the same time, the embodiment of the invention implements protection on the financial transactions of the user, and enhances the financial transaction safety of the user.
Description
Technical field
The application relates to technical field of data processing, particularly a kind of verification method and device.
Background technology
Along with social development, people's living standard improves gradually, corresponding, financial consumption behavior is also more and more frequent, and at present, people realize financial consumption by various modes of doing business, except money transaction, also just like various modes of doing business such as POS transaction, online tradings.In these modes of doing business, conventionally can be trusted by setting in advance the verification mode of terminal its trading object is verified as user's legitimacy, be ensured user's financial transaction security.
Take online trading as example, user logins its Web bank its article of consumption is carried out to amount of money payment, after bank receives user's consumption request, to user's legal electric terminal, send identifying code as mobile phone etc., user sends to bank by this identifying code, identifying code user being returned by bank carries out consistance judgement, thereby user's legitimacy is verified.
But in such scheme, bank's place terminal is only carried out identifying code judgement to the electric terminal of this validated user, although can guarantee this user in its user name and password the financial transaction safety after stolen, but still exist user's electric terminal and user name password thereof by non-legal use (carrying out a large sum of money financial transaction etc. as child) or simultaneously stolen situation, cause equally user's financial transaction security lower.
Summary of the invention
The application's technical matters to be solved is to provide a kind of verification method and device, in order to solve in prior art by user's legal electric terminal being carried out to the scheme of identifying code judgement, the electric terminal and the simultaneously stolen situation of user name password thereof that have user, cause user's the lower technical matters of financial transaction security.
The application provides a kind of verification method, is applied to first terminal, and described method comprises:
Receipt Validation request instruction, at least comprises the identification information of asking user in described checking request instruction;
According to described request user's identification information, determine the second terminal and terminal iidentification thereof that a plurality of and described identification information is corresponding;
According to the terminal iidentification of the second terminal described in each, generate a plurality of authorization informations and authorization information described in each be sent in the second terminal of its correspondence, to trigger described its terminal user of the second terminal notifying, carry out identifying code input operation;
Receive the identifying code that the second terminal is returned described in each;
According to described authorization information, identifying code described in each is carried out to consistance judgement, obtain judged result;
At identifying code described in described judged result shows each, when all authorization information corresponding to it is consistent, generate the first legal the result of described request user.
Said method, preferred, according to the terminal iidentification of the second terminal described in each, generate a plurality of authorization informations and authorization information described in each be sent in the second terminal of its correspondence, comprising:
According to the terminal iidentification of the second terminal described in each, obtain each self-corresponding first information create-rule of the second terminal described in each;
According to first information create-rule described in each, generate respectively the authorization information of its corresponding the second terminal;
Described authorization information is sent in the second terminal of its correspondence.
Said method, preferred, according to the terminal iidentification of the second terminal described in each, generate a plurality of authorization informations and authorization information described in each be sent in the second terminal of its correspondence, comprising:
Terminal iidentification according to described the second terminal, obtains the second default creating info rules, and described the second creating info rules is corresponding with all described the second terminals;
According to described the second creating info rules, generate the authorization information of the second terminal described in each;
Described authorization information is sent in the second terminal of its correspondence.
Said method, preferred, in described authorization information, at least comprise a plurality of numerical characters.
Said method, preferred, the described authorization information of described foundation, carries out consistance judgement to identifying code described in each, obtains judged result, comprising:
Respectively numerical character in the authorization information corresponding to it of identifying code described in each is compared one by one, obtained sub-judged result corresponding to identifying code described in each; All described sub-judged results form judged results, and described judged result shows that the authorization information that whether identifying code is corresponding with it described in each is consistent.
The application also provides a kind of demo plant, is applied to first terminal, and described device comprises:
Command reception unit, for Receipt Validation request instruction, at least comprises the identification information of asking user in described checking request instruction;
Sign determining unit, for the identification information according to described request user, determines the second terminal and terminal iidentification thereof that a plurality of and described identification information is corresponding;
Authorization information processing unit, for the terminal iidentification according to described the second terminal, generate a plurality of authorization informations and authorization information described in each be sent in the second terminal of its correspondence, to trigger described its terminal user of the second terminal notifying, carrying out identifying code input operation;
Identifying code receiving element, for receiving the identifying code that the second terminal is returned described in each;
Identifying code judging unit, for according to described authorization information, identifying code described in each is carried out to consistance judgement, obtain judged result, at identifying code described in described judged result shows each, when all authorization information corresponding to it is consistent, trigger the first result generation unit;
The first result generation unit, for generating the first legal the result of described request user.
Said apparatus, preferred, described authorization information processing unit comprises:
The first Rule subelement, for the terminal iidentification according to the second terminal described in each, obtains each self-corresponding first information create-rule of the second terminal described in each;
The first information generates subelement, for according to first information create-rule described in each, generates respectively the authorization information of its corresponding the second terminal;
The first information sends subelement, for described authorization information being sent to the second terminal of its correspondence.
Said apparatus, preferred, described authorization information processing unit comprises:
Second Rule obtains subelement, and the terminal iidentification for according to described the second terminal, obtains the second default creating info rules, and described the second creating info rules is corresponding with all described the second terminals;
The second Information generation subelement, for according to described the second creating info rules, generates the authorization information of the second terminal described in each;
The second information sends subelement, for described authorization information being sent to the second terminal of its correspondence.
Said apparatus, preferred, in described authorization information, at least comprise a plurality of numerical characters.
Said apparatus, preferred, described identifying code judging unit comprises:
Character comparer unit, for respectively the authorization information numerical character corresponding to it of identifying code described in each being compared one by one, obtains sub-judged result corresponding to identifying code described in each; All described sub-judged results form judged results, and described judged result shows that the authorization information that whether identifying code is corresponding with it described in each is consistent.
From such scheme, a kind of verification method and device that the application provides, be applied on first terminal, the application is by after receiving request user's checking request instruction, utilize this request user's identification information to determine a plurality of the second terminals and terminal iidentification thereof, the terminal iidentification that recycles each the second terminal generates its each self-corresponding authorization information and sends in this second terminal, to trigger each its terminal user of the second terminal notifying who receives authorization information, carry out the input operation of identifying code, and then the application is again by after receiving the identifying code that each second terminal returns, these identifying codes are carried out to consistance judgement, and when its judged result shows each identifying code all authorization information corresponding to it is consistent, generate the first legal the result of request user, the legitimate verification of realization to this request user, with this result, allow this request user's financial transaction behavior.The application is by arranging i.e. the second terminal of a plurality of trust terminals; utilize a plurality of trust terminals to carry out identifying code checking simultaneously; in request user's terminal and the non-legal use of username and password thereof or when simultaneously stolen; by stoping other identifying codes of trusting terminal to send the protection realizing this request user's financial transaction, improve user's financial transaction security.
Accompanying drawing explanation
In order to be illustrated more clearly in the technical scheme in the embodiment of the present application, below the accompanying drawing of required use during embodiment is described is briefly described, apparently, accompanying drawing in the following describes is only some embodiment of the application, for those of ordinary skills, do not paying under the prerequisite of creative work, can also obtain according to these accompanying drawings other accompanying drawing.
The process flow diagram of a kind of verification method embodiment mono-that Fig. 1 provides for the application;
Fig. 2 is the application example figure of the embodiment of the present application;
The part process flow diagram of a kind of verification method embodiment bis-that Fig. 3 provides for the application;
The part process flow diagram of a kind of verification method embodiment tri-that Fig. 4 provides for the application;
The process flow diagram of a kind of verification method embodiment tetra-that Fig. 5 provides for the application;
The structural representation of a kind of demo plant embodiment five that Fig. 6 provides for the application;
The part-structure schematic diagram of a kind of demo plant embodiment six that Fig. 7 provides for the application;
The part-structure schematic diagram of a kind of verification method embodiment seven that Fig. 8 provides for the application;
The structural representation of a kind of demo plant embodiment eight that Fig. 9 provides for the application.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present application, the technical scheme in the embodiment of the present application is clearly and completely described, obviously, described embodiment is only the application's part embodiment, rather than whole embodiment.Embodiment based in the application, those of ordinary skills are not making the every other embodiment obtaining under creative work prerequisite, all belong to the scope of the application's protection.
With reference to figure 1, the process flow diagram of a kind of verification method embodiment mono-providing for the application, described method can be applied in first terminal, and described first terminal can be realized as the server of bank etc. for financial service center, and described method can comprise the following steps:
Step 101: Receipt Validation request instruction.
Wherein, in described checking request instruction, at least include request user's identification information.
It should be noted that, described request user is and need to carries out the user that financial transaction behavior is carried out in financial transaction, this user carries out the operation to first terminal by webpage or ATM etc., to generate checking request instruction, by the application who is applied on first terminal, this checking request instruction is received.
Wherein, described request user's identification information can ask the user name of user on described first terminal as Bank Account Number user name or registered contacts telephone number etc. for this.
Step 102: according to described request user's identification information, determine the second terminal and terminal iidentification thereof that a plurality of and described identification information is corresponding.
Wherein, described request user's identification information can have incidence relation with a plurality of trust terminals, for example, this request user is associated with a plurality of the second terminals, in described step 102, utilize this request user's identification information, determine the second terminal and terminal iidentification thereof described in each that be subject to this request users to trust.
It should be noted that, described the second terminal can have for mobile phone, pad etc. the terminal realization of uniqueness identity property.The terminal iidentification of described the second terminal can be for the hardware identifier of this second terminal be as NIC address, or the SIM card sign communicating in this second terminal etc.
Step 103: according to the terminal iidentification of the second terminal described in each, generate a plurality of authorization informations and authorization information described in each be sent in the second terminal of its correspondence, carrying out identifying code input operation to trigger described its terminal user of the second terminal notifying.
Wherein, described in each, the second terminal can have otherness between the corresponding authorization information receiving separately, that is, authorization information corresponding to any two the second terminals is all not identical.
It should be noted that, in described step 103, while described authorization information being sent in the second terminal of its correspondence, can pass through Wireless Data Transmission mode, as realizations such as bluetooth, mobile communication, as shown in Figure 2, each authorization information generating in described step 103 is sent to respectively in its each self-corresponding the second terminal.
Step 104: receive the identifying code that the second terminal is returned described in each.
Wherein, described the second terminal is after receiving authorization information, this authorization information is showed to user, and reminding user is carried out the input operation of identifying code according to this authorization information, now, the webpage of user's the second terminal or the upper input operation of carrying out identifying code of other application APP, for example, request user is carried out and is extracted monetary transaction by ATM, now generate checking request instruction, banking terminal receives and determines according to the identification information of this request user in instruction mobile phone and the phone number of this request users to trust to this checking request instruction, and generate authorization information and be sent on these mobile phones, these mobile phones of being trusted point out its cellphone subscriber to carry out identifying code input, these mobile phones return to the identifying code of user's input, the identifying code these being returned by the application in first terminal receives.
Step 105: according to described authorization information, identifying code described in each is carried out to consistance judgement, obtain judged result, when all authorization information corresponding to it is consistent, perform step 106 at identifying code described in described judged result shows each.
Wherein, described step 105 refers to, the authorization information that identifying code described in each is corresponding with it is carried out to consistance matching judgment, obtain judged result, this judged result can show that the authorization information that whether identifying code is corresponding with it described in each is consistent, and at identifying code described in described judged result shows each when all authorization information corresponding to it is consistent, execution step 106.
Step 106: generate the first legal the result of described request user.
Wherein, described request user is legal to be referred to, the legitimate verification of this request user's financial transaction is passed through, and shows that this request user can proceed its current financial transaction behavior.
From such scheme, a kind of verification method embodiment mono-that the application provides, on the first terminal that is applied to be connected with a plurality of the second terminals, the embodiment of the present application one is by after receiving request user's checking request instruction, utilize this request user's identification information to determine the second terminal and terminal iidentification thereof, the terminal iidentification that recycles each the second terminal generates its each self-corresponding authorization information and sends in this second terminal, to trigger each its terminal user of the second terminal notifying who receives authorization information, carry out the input operation of identifying code, and then the application is again by after receiving the identifying code that each second terminal returns, these identifying codes are carried out to consistance judgement, and when its judged result shows each identifying code all authorization information corresponding to it is consistent, generate the first legal the result of request user, the legitimate verification of realization to this request user, with this result, allow this request user's financial transaction behavior.
For example, in family's account management, when child carries out financial transaction behavior, the mobile phone terminal proof procedure that not only needs child, need father and mother or other tutorial mobile phone terminal proof procedures simultaneously, detailed process is: in first terminal as the embodiment of the present application of bank server end, first receive child by the mobile phone of oneself or the checking request instruction of computer transmission, utilize afterwards the identification information of child in this instruction to determine a plurality of the second terminals of being trusted, as mobile phone of child's mobile phone and father and mother etc., the terminal iidentification that the embodiment of the present application is trusted mobile phone according to these afterwards generates authorization information, and these authorization informations are sent to respectively on each mobile phone, child and father and mother carry out the input operation of identifying code by mobile phone, with this, the embodiment of the present application can receive each and be trusted the identifying code that mobile phone returns, further these identifying codes authorization information corresponding with it carried out to consistency checking, guarantee child's E-Security.
Thus; the embodiment of the present application one is by arranging i.e. the second terminal of a plurality of trust terminals; utilize a plurality of trust terminals to carry out identifying code checking simultaneously; in request user's terminal and the non-legal use of username and password thereof or when simultaneously stolen; by stoping other identifying codes of trusting terminal to send the protection realizing this request user's financial transaction, improve user's financial transaction security.
Wherein, in above-described embodiment, when judging described judged result showing described in each identifying code not all authorization information corresponding to it is consistent in described step 105, there is the inconsistent situation of some identifying code authorization information corresponding to it, now, execution step: generate illegal the second the result of described request user, described the second the result shows, to the legitimate verification of this request user's financial transaction, can not pass through, now, this request user can not proceed its current financial transaction behavior, in described first terminal, can further carry out the operation of this request of terminal user's current financial transaction behavior, guarantee this request user's E-Security.
Implementation based on previous embodiment, with reference to figure 3, the realization flow figure of step 103 described in a kind of verification method embodiment bis-providing for the application, described step 103 can realize by following steps:
Step 131: according to the terminal iidentification of the second terminal described in each, obtain each self-corresponding first information create-rule of the second terminal described in each.
Wherein, in described step 131, refer to, described in each, the second terminal has its first information create-rule separately, and the first information create-rule of each the second terminal is all not identical.These first information create-rules can arrange in advance, in described step 131, terminal iidentification according to each the second terminal, a plurality of first information create-rules that set in advance are distributed to the second terminal described in each, get each self-corresponding first information create-rule of the second terminal described in each.
Step 132: according to first information create-rule described in each, generate respectively the authorization information of its corresponding the second terminal.
Wherein, known in above, described in each, first information create-rule is different, and the authorization information of each the second terminal generating is accordingly different.
Step 133: described authorization information is sent in the second terminal of its correspondence.
With above-mentioned child, carry out the example that is exemplified as that financial transaction verification, father and mother carry out simultaneous verification, the authorization information that child and father and mother's mobile phone receives is obtained by the embodiment of the present application foundation first information create-rule separately respectively, accordingly, the authorization information receiving on child and father and mother's mobile phone is different.
With reference to figure 4, the realization flow figure of step 103 described in a kind of verification method embodiment tri-providing for the application, described step 103 also can realize by following steps:
Step 134: the terminal iidentification according to described the second terminal, obtain the second default creating info rules, described the second creating info rules is corresponding with the second terminal described in each.
Wherein, described the second creating info rules can be for setting in advance, and have uniqueness, and this second creating info rules is corresponding with all the second terminals.
Step 135: according to described the second creating info rules, generate the authorization information of the second terminal described in each.
Wherein, described step 135 refers to: according to described the second creating info rules, generate successively or simultaneously the authorization information of the second terminal described in each, described in each, the authorization information of the second terminal is different.
Step 136: described authorization information is sent in the second terminal of its correspondence.
With above-mentioned child, carry out the example that is exemplified as that financial transaction verification, father and mother carry out simultaneous verification, the authorization information that child and father and mother's mobile phone receives obtains according to same the second creating info rules by the embodiment of the present application, and the authorization information receiving on child and father and mother's mobile phone is different.
It should be noted that, described in each generation in above-mentioned steps 103 in the authorization information of the second terminal, can comprise by a plurality of numerical characters, or alphabetic character etc., as 0~9 or a~z in any number of characters etc., these characters form the authorization information of the second terminal, described authorization information also can be for including pictorial information of character information etc., as a jpg picture, on this picture, draw have 0~9 or a~z in any number of characters etc.
Composition based on above-mentioned authorization information, with reference to figure 5, the process flow diagram of a kind of verification method embodiment tetra-providing for the application, wherein, described step 105 can realize by following steps:
Step 151: respectively numerical character in the authorization information corresponding to it of identifying code described in each is compared one by one, obtained sub-judged result corresponding to identifying code described in each.
Wherein, all described sub-judged results form judged results, and described judged result shows that the authorization information that whether identifying code is corresponding with it described in each is consistent.
It should be noted that, in described step 151, refer to: by the character in identifying code described in each respectively in the authorization information corresponding with this identifying code numerical character compare one by one, with this, generate the sub-judged result of identifying code described in each, and all sub-judged results are combined into described judged result, and in subsequent step 106 by described judged result is identified, when identifying it and showing identifying code described in each authorization information corresponding with it is consistent respectively, generate the first legal the result of described request user.
Wherein, described authorization information also can be for representing character string or the pictorial information of a plurality of characters, as " 9-5=? " character string, a jpg picture for another example, on this picture, draw have " 1+5=? " Deng.Accordingly, described step 105 can realize in the following manner:
Respectively the character information of representative in the authorization information corresponding to it of identifying code described in each is carried out to Corresponding matching, obtain sub-judged result corresponding to identifying code described in each, wherein, all described sub-judged results form judged results, and described judged result shows that the authorization information that whether identifying code is corresponding with it described in each is consistent.
For example, one of them authorization information is " 9+8=? ", the legal identifying code of its correspondence is " 17 ", in described step 105, the identifying code that the second terminal corresponding to this authorization information returned mates with " 17 ", obtains the matching result of this authorization information.
With reference to figure 6, the structural representation of a kind of demo plant embodiment five providing for the application, wherein, described device can be applied in first terminal, described first terminal can be realized as the server of bank etc. for financial service center, and described device can comprise following structure:
Command reception unit 601, for Receipt Validation request instruction, at least comprises the identification information of asking user in described checking request instruction.
It should be noted that, described request user is and need to carries out the user that financial transaction behavior is carried out in financial transaction, this user carries out the operation to first terminal by webpage or ATM etc., to generate checking request instruction, by the application who is applied on first terminal, this checking request instruction is received.
Wherein, described request user's identification information can ask the user name of user on described first terminal as Bank Account Number user name or registered contacts telephone number etc. for this.
Sign determining unit 602, for the identification information according to described request user, determines the second terminal and terminal iidentification thereof that a plurality of and described identification information is corresponding.
Wherein, described request user's identification information can have incidence relation with a plurality of trust terminals, for example, this request user is associated with a plurality of the second terminals, in described sign determining unit 602, utilize this request user's identification information, determine the second terminal and terminal iidentification thereof described in each that be subject to this request users to trust.
It should be noted that, described the second terminal can have for mobile phone, pad etc. the terminal realization of uniqueness identity property.The terminal iidentification of described the second terminal can be for the hardware identifier of this second terminal be as NIC address, or the SIM card sign communicating in this second terminal etc.
Authorization information processing unit 603, for the terminal iidentification according to described the second terminal, generate a plurality of authorization informations and authorization information described in each be sent in the second terminal of its correspondence, to trigger described its terminal user of the second terminal notifying, carrying out identifying code input operation.
Wherein, described in each, the second terminal can have otherness between the corresponding authorization information receiving separately, that is, authorization information corresponding to any two the second terminals is all not identical.
It should be noted that, in described authorization information processing unit 603, while described authorization information being sent in the second terminal of its correspondence, can pass through Wireless Data Transmission mode, as realizations such as bluetooth, mobile communication, as shown in Figure 2, each authorization information generating in described authorization information processing unit 603 is sent to respectively in its each self-corresponding the second terminal.
Identifying code receiving element 604, for receiving the identifying code that the second terminal is returned described in each.
Wherein, described the second terminal is after receiving authorization information, this authorization information is showed to user, and reminding user is carried out the input operation of identifying code according to this authorization information, now, the webpage of user's the second terminal or the upper input operation of carrying out identifying code of other application APP, for example, request user is carried out and is extracted monetary transaction by ATM, now generate checking request instruction, banking terminal receives and determines according to the identification information of this request user in instruction mobile phone and the phone number of this request users to trust to this checking request instruction, and generate authorization information and be sent on these mobile phones, these mobile phones of being trusted point out its cellphone subscriber to carry out identifying code input, these mobile phones return to the identifying code of user's input, the identifying code these being returned by the application in first terminal receives.
Identifying code judging unit 605, for according to described authorization information, identifying code described in each is carried out to consistance judgement, obtain judged result, at identifying code described in described judged result shows each, when all authorization information corresponding to it is consistent, trigger the first result generation unit 606.
Wherein, described identifying code judging unit 605 refers to, the authorization information that identifying code described in each is corresponding with it is carried out to consistance matching judgment, obtain judged result, this judged result can show that the authorization information that whether identifying code is corresponding with it described in each is consistent, and when all authorization information corresponding to it is consistent, trigger described the first result generation unit 606 at identifying code described in described judged result shows each.
The first result generation unit 606, for generating the first legal the result of described request user.
Wherein, described request user is legal to be referred to, the legitimate verification of this request user's financial transaction is passed through, and shows that this request user can proceed its current financial transaction behavior.
From such scheme, a kind of demo plant embodiment five that the application provides, on the first terminal that is applied to be connected with a plurality of the second terminals, the embodiment of the present application one is by after receiving request user's checking request instruction, utilize this request user's identification information to determine the second terminal and terminal iidentification thereof, the terminal iidentification that recycles each the second terminal generates its each self-corresponding authorization information and sends in this second terminal, to trigger each its terminal user of the second terminal notifying who receives authorization information, carry out the input operation of identifying code, and then the application is again by after receiving the identifying code that each second terminal returns, these identifying codes are carried out to consistance judgement, and when its judged result shows each identifying code all authorization information corresponding to it is consistent, generate the first legal the result of request user, the legitimate verification of realization to this request user, with this result, allow this request user's financial transaction behavior.
For example, in family's account management, when child carries out financial transaction behavior, the mobile phone terminal proof procedure that not only needs child, need father and mother or other tutorial mobile phone terminal proof procedures simultaneously, detailed process is: in first terminal as the embodiment of the present application of bank server end, first receive child by the mobile phone of oneself or the checking request instruction of computer transmission, utilize afterwards the identification information of child in this instruction to determine a plurality of the second terminals of being trusted, as mobile phone of child's mobile phone and father and mother etc., the terminal iidentification that the embodiment of the present application is trusted mobile phone according to these afterwards generates authorization information, and these authorization informations are sent to respectively on each mobile phone, father and mother carry out the input operation of identifying code by mobile phone, with this, the embodiment of the present application can receive each and be trusted the identifying code that mobile phone returns, further these identifying codes authorization information corresponding with it carried out to consistency checking, guarantee child's E-Security.
Thus; the embodiment of the present application five-way is crossed i.e. the second terminal of a plurality of trust terminals is set; utilize a plurality of trust terminals to carry out identifying code checking simultaneously; in request user's terminal and the non-legal use of username and password thereof or when simultaneously stolen; by stoping other identifying codes of trusting terminal to send the protection realizing this request user's financial transaction, improve user's financial transaction security.
Wherein, in above-described embodiment, when judging described judged result showing described in each identifying code not all authorization information corresponding to it is consistent in described identifying code judging unit 605, there is the inconsistent situation of some identifying code authorization information corresponding to it, now, trigger the second result generation unit to generate illegal the second the result of described request user, described the second the result shows, to the legitimate verification of this request user's financial transaction, can not pass through, now, this request user can not proceed its current financial transaction behavior, in described first terminal, can further carry out the operation of this request of terminal user's current financial transaction behavior, guarantee this request user's E-Security.
Implementation structure based on previous embodiment, with reference to figure 7, the structural representation of authorization information processing unit 603 described in a kind of demo plant embodiment six providing for the application, wherein, described authorization information processing unit 603 can comprise following structure:
The first Rule subelement 631, for the terminal iidentification according to the second terminal described in each, obtains each self-corresponding first information create-rule of the second terminal described in each.
Wherein, in described the first Rule subelement 631, refer to, described in each, the second terminal has its first information create-rule separately, and the first information create-rule of each the second terminal is all not identical.These first information create-rules can arrange in advance, in described the first Rule subelement 631, terminal iidentification according to each the second terminal, a plurality of first information create-rules that set in advance are distributed to the second terminal described in each, get each self-corresponding first information create-rule of the second terminal described in each.
The first information generates subelement 632, for according to first information create-rule described in each, generates respectively the authorization information of its corresponding the second terminal.
Wherein, known in above, described in each, first information create-rule is different, and the authorization information of each the second terminal generating is accordingly different.
The first information sends subelement 633, for described authorization information being sent to the second terminal of its correspondence.
With above-mentioned child, carry out the example that is exemplified as that financial transaction verification, father and mother carry out simultaneous verification, the authorization information that child and father and mother's mobile phone receives is obtained by the embodiment of the present application foundation first information create-rule separately respectively, accordingly, the authorization information receiving on child and father and mother's mobile phone is different.
With reference to figure 8, the structural representation of authorization information processing unit 603 described in a kind of verification method embodiment seven providing for the application, wherein, described authorization information processing unit 603 also can be realized by following structure:
Second Rule obtains subelement 634, and the terminal iidentification for according to described the second terminal, obtains the second default creating info rules, and described the second creating info rules is corresponding with the second terminal described in each.
Wherein, described the second creating info rules can be for setting in advance, and have uniqueness, and this second creating info rules is corresponding with all the second terminals.
The second Information generation subelement 635, for according to described the second creating info rules, generates the authorization information of the second terminal described in each.
Wherein, described the second Information generation subelement 635 refers to: according to described the second creating info rules, generate successively or simultaneously the authorization information of the second terminal described in each, described in each, the authorization information of the second terminal is different.
The second information sends subelement 636, for described authorization information being sent to the second terminal of its correspondence.
With above-mentioned child, carry out the example that is exemplified as that financial transaction verification, father and mother carry out simultaneous verification, the authorization information that child and father and mother's mobile phone receives obtains according to same the second creating info rules by the embodiment of the present application, and the authorization information receiving on child and father and mother's mobile phone is different.
It should be noted that, described in each generation in above-mentioned authorization information processing unit 603 in the authorization information of the second terminal, can comprise by a plurality of numerical characters, or alphabetic character etc., as 0~9 or a~z in any number of characters etc., these characters form the authorization information of the second terminal, described authorization information also can be for including pictorial information of character information etc., as a jpg picture, on this picture, draw have 0~9 or a~z in any number of characters etc.
Composition based on above-mentioned authorization information, with reference to figure 9, the structural representation of a kind of demo plant embodiment eight providing for the application, wherein, described identifying code judging unit 605 can be realized by following structure:
Character comparer unit 651, for respectively the authorization information numerical character corresponding to it of identifying code described in each being compared one by one, obtains sub-judged result corresponding to identifying code described in each.
Wherein, all described sub-judged results form judged results, and described judged result shows that the authorization information that whether identifying code is corresponding with it described in each is consistent.
It should be noted that, described character comparer unit 651 refers to: by the character in identifying code described in each respectively in the authorization information corresponding with this identifying code numerical character compare one by one, with this, generate the sub-judged result of identifying code described in each, and all sub-judged results are combined into described judged result, and described the first result generation unit 606 is by identifying described judged result, when identifying it and showing identifying code described in each authorization information corresponding with it is consistent respectively, generate the first legal the result of described request user.
Wherein, described authorization information also can be for representing character string or the pictorial information of a plurality of characters, as " 9-5=? " character string, a jpg picture for another example, on this picture, draw have " 1+5=? " Deng.Accordingly, described identifying code judging unit 605 can be realized in the following manner:
Respectively the character information of representative in the authorization information corresponding to it of identifying code described in each is carried out to Corresponding matching, obtain sub-judged result corresponding to identifying code described in each, wherein, all described sub-judged results form judged results, and described judged result shows that the authorization information that whether identifying code is corresponding with it described in each is consistent.
For example, one of them authorization information is " 9+8=? ", the legal identifying code of its correspondence is " 17 ", in described identifying code judging unit 605, the identifying code that the second terminal corresponding to this authorization information returned mates with " 17 ", obtains the matching result of this authorization information.
It should be noted that, each embodiment in this instructions all adopts the mode of going forward one by one to describe, and each embodiment stresses is the difference with other embodiment, between each embodiment identical similar part mutually referring to.
Finally, also it should be noted that, in this article, relational terms such as the first and second grades is only used for an entity or operation to separate with another entity or operational zone, and not necessarily requires or imply and between these entities or operation, have the relation of any this reality or sequentially.And, term " comprises ", " comprising " or its any other variant are intended to contain comprising of nonexcludability, thereby the process, method, article or the equipment that make to comprise a series of key elements not only comprise those key elements, but also comprise other key elements of clearly not listing, or be also included as the intrinsic key element of this process, method, article or equipment.The in the situation that of more restrictions not, the key element being limited by statement " comprising ... ", and be not precluded within process, method, article or the equipment that comprises described key element and also have other identical element.
A kind of verification method and the device that above the application are provided are described in detail, applied specific case herein the application's principle and embodiment are set forth, the explanation of above embodiment is just for helping to understand the application's method and core concept thereof; Meanwhile, for one of ordinary skill in the art, the thought according to the application, all will change in specific embodiments and applications, and in sum, this description should not be construed as the restriction to the application.
Claims (10)
1. a verification method, is characterized in that, is applied to first terminal, and described method comprises:
Receipt Validation request instruction, at least comprises the identification information of asking user in described checking request instruction;
According to described request user's identification information, determine the second terminal and terminal iidentification thereof that a plurality of and described identification information is corresponding;
According to the terminal iidentification of the second terminal described in each, generate a plurality of authorization informations and authorization information described in each be sent in the second terminal of its correspondence, to trigger described its terminal user of the second terminal notifying, carry out identifying code input operation;
Receive the identifying code that the second terminal is returned described in each;
According to described authorization information, identifying code described in each is carried out to consistance judgement, obtain judged result;
At identifying code described in described judged result shows each, when all authorization information corresponding to it is consistent, generate the first legal the result of described request user.
2. method according to claim 1, is characterized in that, according to the terminal iidentification of the second terminal described in each, generates a plurality of authorization informations and authorization information described in each is sent in the second terminal of its correspondence, comprising:
According to the terminal iidentification of the second terminal described in each, obtain each self-corresponding first information create-rule of the second terminal described in each;
According to first information create-rule described in each, generate respectively the authorization information of its corresponding the second terminal;
Described authorization information is sent in the second terminal of its correspondence.
3. method according to claim 1, is characterized in that, according to the terminal iidentification of the second terminal described in each, generates a plurality of authorization informations and authorization information described in each is sent in the second terminal of its correspondence, comprising:
Terminal iidentification according to described the second terminal, obtains the second default creating info rules, and described the second creating info rules is corresponding with all described the second terminals;
According to described the second creating info rules, generate the authorization information of the second terminal described in each;
Described authorization information is sent in the second terminal of its correspondence.
4. according to the method described in claim 1,2 or 3, it is characterized in that, in described authorization information, at least comprise a plurality of numerical characters.
5. method according to claim 4, is characterized in that, the described authorization information of described foundation, carries out consistance judgement to identifying code described in each, obtains judged result, comprising:
Respectively numerical character in the authorization information corresponding to it of identifying code described in each is compared one by one, obtained sub-judged result corresponding to identifying code described in each; All described sub-judged results form judged results, and described judged result shows that the authorization information that whether identifying code is corresponding with it described in each is consistent.
6. a demo plant, is characterized in that, is applied to first terminal, and described device comprises:
Command reception unit, for Receipt Validation request instruction, at least comprises the identification information of asking user in described checking request instruction;
Sign determining unit, for the identification information according to described request user, determines the second terminal and terminal iidentification thereof that a plurality of and described identification information is corresponding;
Authorization information processing unit, for the terminal iidentification according to described the second terminal, generate a plurality of authorization informations and authorization information described in each be sent in the second terminal of its correspondence, to trigger described its terminal user of the second terminal notifying, carrying out identifying code input operation;
Identifying code receiving element, for receiving the identifying code that the second terminal is returned described in each;
Identifying code judging unit, for according to described authorization information, identifying code described in each is carried out to consistance judgement, obtain judged result, at identifying code described in described judged result shows each, when all authorization information corresponding to it is consistent, trigger the first result generation unit;
The first result generation unit, for generating the first legal the result of described request user.
7. device according to claim 6, is characterized in that, described authorization information processing unit comprises:
The first Rule subelement, for the terminal iidentification according to the second terminal described in each, obtains each self-corresponding first information create-rule of the second terminal described in each;
The first information generates subelement, for according to first information create-rule described in each, generates respectively the authorization information of its corresponding the second terminal;
The first information sends subelement, for described authorization information being sent to the second terminal of its correspondence.
8. device according to claim 6, is characterized in that, described authorization information processing unit comprises:
Second Rule obtains subelement, and the terminal iidentification for according to described the second terminal, obtains the second default creating info rules, and described the second creating info rules is corresponding with all described the second terminals;
The second Information generation subelement, for according to described the second creating info rules, generates the authorization information of the second terminal described in each;
The second information sends subelement, for described authorization information being sent to the second terminal of its correspondence.
9. according to the device described in claim 6,7 or 8, it is characterized in that, in described authorization information, at least comprise a plurality of numerical characters.
10. device according to claim 9, is characterized in that, described identifying code judging unit comprises:
Character comparer unit, for respectively the authorization information numerical character corresponding to it of identifying code described in each being compared one by one, obtains sub-judged result corresponding to identifying code described in each; All described sub-judged results form judged results, and described judged result shows that the authorization information that whether identifying code is corresponding with it described in each is consistent.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410230863.8A CN103971239A (en) | 2014-05-28 | 2014-05-28 | Verification method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410230863.8A CN103971239A (en) | 2014-05-28 | 2014-05-28 | Verification method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103971239A true CN103971239A (en) | 2014-08-06 |
Family
ID=51240701
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410230863.8A Pending CN103971239A (en) | 2014-05-28 | 2014-05-28 | Verification method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103971239A (en) |
Cited By (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104217328A (en) * | 2014-08-12 | 2014-12-17 | 小米科技有限责任公司 | Multi-verification payment method and multi-verification payment device |
| CN104572135A (en) * | 2015-02-10 | 2015-04-29 | 深圳酷派技术有限公司 | Command processing method, command processing device and terminal |
| CN104680372A (en) * | 2015-02-28 | 2015-06-03 | 熊贤浪 | Transaction security payment method and system |
| CN105516054A (en) * | 2014-09-22 | 2016-04-20 | 阿里巴巴集团控股有限公司 | User authentication method and user authentication device |
| CN105530129A (en) * | 2015-12-11 | 2016-04-27 | 小米科技有限责任公司 | Router reset method and device |
| CN105577621A (en) * | 2014-10-16 | 2016-05-11 | 腾讯科技(深圳)有限公司 | Service operation verification method, apparatus and system thereof |
| CN105592005A (en) * | 2014-10-22 | 2016-05-18 | 腾讯科技(深圳)有限公司 | Safety verification method, apparatus, and system |
| CN105635040A (en) * | 2014-10-27 | 2016-06-01 | 阿里巴巴集团控股有限公司 | Validation method, device and system |
| CN106101125A (en) * | 2016-07-01 | 2016-11-09 | 龙官波 | Authentication processing method, Apparatus and system |
| CN106209810A (en) * | 2016-07-03 | 2016-12-07 | 韦建峰 | A kind of verification method and generating means |
| CN107357821A (en) * | 2017-05-24 | 2017-11-17 | 杭州励飞软件技术有限公司 | Method for managing system, device and storage medium |
| CN108810267A (en) * | 2018-05-30 | 2018-11-13 | 努比亚技术有限公司 | verification information display control method, terminal and computer readable storage medium |
| CN108829464A (en) * | 2018-06-25 | 2018-11-16 | 腾讯科技(深圳)有限公司 | Serving starting method, device, computer equipment and storage medium |
| CN109146489A (en) * | 2018-09-29 | 2019-01-04 | 平安科技(深圳)有限公司 | Safe payment method, device, server and storage medium |
| CN111242605A (en) * | 2018-11-29 | 2020-06-05 | 中国移动通信集团广东有限公司 | Mobile payment method |
| CN111986405A (en) * | 2020-09-01 | 2020-11-24 | 中国银行股份有限公司 | Method and device for verifying withdrawal of common property based on ATM |
| CN112446020A (en) * | 2020-12-07 | 2021-03-05 | 北京小米松果电子有限公司 | Authentication method, authentication device and storage medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101764800A (en) * | 2009-12-02 | 2010-06-30 | 深圳市融创天下科技发展有限公司 | Method for dynamic password multi-terminal combined authentication |
| CN102868665A (en) * | 2011-07-05 | 2013-01-09 | 华为软件技术有限公司 | Method and device for data transmission |
| CN102968722A (en) * | 2012-12-21 | 2013-03-13 | 北京惠银通联科技有限公司 | Method and system for transaction confirmation |
| CN103685311A (en) * | 2013-12-27 | 2014-03-26 | 网易(杭州)网络有限公司 | Log-in validation method and device |
-
2014
- 2014-05-28 CN CN201410230863.8A patent/CN103971239A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101764800A (en) * | 2009-12-02 | 2010-06-30 | 深圳市融创天下科技发展有限公司 | Method for dynamic password multi-terminal combined authentication |
| CN102868665A (en) * | 2011-07-05 | 2013-01-09 | 华为软件技术有限公司 | Method and device for data transmission |
| CN102968722A (en) * | 2012-12-21 | 2013-03-13 | 北京惠银通联科技有限公司 | Method and system for transaction confirmation |
| CN103685311A (en) * | 2013-12-27 | 2014-03-26 | 网易(杭州)网络有限公司 | Log-in validation method and device |
Cited By (26)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104217328A (en) * | 2014-08-12 | 2014-12-17 | 小米科技有限责任公司 | Multi-verification payment method and multi-verification payment device |
| CN105516054B (en) * | 2014-09-22 | 2019-01-18 | 阿里巴巴集团控股有限公司 | A kind of method and device of subscriber authentication |
| CN105516054A (en) * | 2014-09-22 | 2016-04-20 | 阿里巴巴集团控股有限公司 | User authentication method and user authentication device |
| CN105577621A (en) * | 2014-10-16 | 2016-05-11 | 腾讯科技(深圳)有限公司 | Service operation verification method, apparatus and system thereof |
| CN105577621B (en) * | 2014-10-16 | 2020-04-24 | 腾讯科技(深圳)有限公司 | Business operation verification method, device and system |
| CN105592005A (en) * | 2014-10-22 | 2016-05-18 | 腾讯科技(深圳)有限公司 | Safety verification method, apparatus, and system |
| CN105635040A (en) * | 2014-10-27 | 2016-06-01 | 阿里巴巴集团控股有限公司 | Validation method, device and system |
| CN105635040B (en) * | 2014-10-27 | 2018-12-28 | 阿里巴巴集团控股有限公司 | A kind of verification method, equipment and system |
| CN104572135B (en) * | 2015-02-10 | 2018-04-10 | 深圳酷派技术有限公司 | Processing method, the processing unit and terminal of instruction of instruction |
| CN104572135A (en) * | 2015-02-10 | 2015-04-29 | 深圳酷派技术有限公司 | Command processing method, command processing device and terminal |
| CN104680372A (en) * | 2015-02-28 | 2015-06-03 | 熊贤浪 | Transaction security payment method and system |
| CN105530129A (en) * | 2015-12-11 | 2016-04-27 | 小米科技有限责任公司 | Router reset method and device |
| CN105530129B (en) * | 2015-12-11 | 2020-07-10 | 小米科技有限责任公司 | Router resetting method and device |
| CN106101125A (en) * | 2016-07-01 | 2016-11-09 | 龙官波 | Authentication processing method, Apparatus and system |
| CN106209810A (en) * | 2016-07-03 | 2016-12-07 | 韦建峰 | A kind of verification method and generating means |
| CN107357821A (en) * | 2017-05-24 | 2017-11-17 | 杭州励飞软件技术有限公司 | Method for managing system, device and storage medium |
| CN108810267A (en) * | 2018-05-30 | 2018-11-13 | 努比亚技术有限公司 | verification information display control method, terminal and computer readable storage medium |
| CN108829464A (en) * | 2018-06-25 | 2018-11-16 | 腾讯科技(深圳)有限公司 | Serving starting method, device, computer equipment and storage medium |
| CN108829464B (en) * | 2018-06-25 | 2022-02-22 | 腾讯科技(深圳)有限公司 | Service starting method and device, computer equipment and storage medium |
| CN109146489A (en) * | 2018-09-29 | 2019-01-04 | 平安科技(深圳)有限公司 | Safe payment method, device, server and storage medium |
| WO2020062784A1 (en) * | 2018-09-29 | 2020-04-02 | 平安科技(深圳)有限公司 | Secure payment method and apparatus, and server and storage medium |
| CN111242605A (en) * | 2018-11-29 | 2020-06-05 | 中国移动通信集团广东有限公司 | Mobile payment method |
| CN111242605B (en) * | 2018-11-29 | 2023-09-19 | 中国移动通信集团广东有限公司 | Mobile payment method |
| CN111986405A (en) * | 2020-09-01 | 2020-11-24 | 中国银行股份有限公司 | Method and device for verifying withdrawal of common property based on ATM |
| CN111986405B (en) * | 2020-09-01 | 2022-04-26 | 中国银行股份有限公司 | Method and device for verifying withdrawal of common property based on ATM |
| CN112446020A (en) * | 2020-12-07 | 2021-03-05 | 北京小米松果电子有限公司 | Authentication method, authentication device and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103971239A (en) | Verification method and device | |
| KR101583741B1 (en) | Two-Factor Authentication Systems and Methods | |
| CN105933266B (en) | A kind of verification method and server | |
| CN105515783B (en) | Identity identifying method, server and certification terminal | |
| CN104077689A (en) | Information verification method, relevant device and system | |
| CN106372940A (en) | Identity authentication method based on block chain network, server and terminal device | |
| CN105868970B (en) | authentication method and electronic equipment | |
| CN103973711A (en) | Verification method and device | |
| CN103039098A (en) | Authentication method and system using portable terminal | |
| CN110826043A (en) | Digital identity application system and method, identity authentication system and method | |
| CN105989485B (en) | Service management method and device | |
| CN102130909A (en) | Authentication method and system | |
| CN106657032A (en) | System and method for realizing identity identification and data authentication based on security medium confidential short message | |
| CN103905191A (en) | Verification method applied to mobile terminal, mobile terminal and system | |
| CN106529955A (en) | Payment method and device | |
| CN106656993A (en) | Dynamic verification code verifying method and apparatus | |
| CN108400989A (en) | A kind of safety certificate equipment of shared resource authentication, method and system | |
| CN103139210A (en) | Method of safety authentication | |
| CN101296078A (en) | Information interactive affirmation device in internetwork communication | |
| CN104935550A (en) | Intelligent electronic commerce user management system technique and operating method thereof | |
| CN103684796A (en) | SMI (subscriber identity module) card and personal identity authentication method | |
| GB2508173A (en) | Identity verification systems and methods | |
| CN106779711A (en) | Safe payment method and device based on eID | |
| CN104702410A (en) | Dynamic password authentication device, system and method | |
| KR100563544B1 (en) | Method for authenticating a user with one-time password |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20140806 |