CN104579649A - Identity recognition method and system - Google Patents

Identity recognition method and system Download PDF

Info

Publication number
CN104579649A
CN104579649A CN201310516818.4A CN201310516818A CN104579649A CN 104579649 A CN104579649 A CN 104579649A CN 201310516818 A CN201310516818 A CN 201310516818A CN 104579649 A CN104579649 A CN 104579649A
Authority
CN
China
Prior art keywords
identification code
dynamic
code
user
terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201310516818.4A
Other languages
Chinese (zh)
Other versions
CN104579649B (en
Inventor
张育淼
宋智刚
陈明
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology Shenzhen Co Ltd filed Critical Tencent Technology Shenzhen Co Ltd
Priority to CN201310516818.4A priority Critical patent/CN104579649B/en
Priority to PCT/CN2014/089627 priority patent/WO2015062461A1/en
Publication of CN104579649A publication Critical patent/CN104579649A/en
Application granted granted Critical
Publication of CN104579649B publication Critical patent/CN104579649B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless

Abstract

The invention provides an identity recognition method. The method comprises the following steps: a terminal obtains a prestored first identification code corresponding to a user identification; the terminal generates a first dynamic password according to the first identification code, and sends the user identification and the first dynamic password to a server; the server obtains a prestored second identification code corresponding to the user identification; the server generates a second dynamic password according to the second identification code, judges whether the first dynamic password is matched with the second dynamic password or not, and determining that the validation is passed if the first dynamic password is matched with the second dynamic password. By adopting the method, the potential safety hazard can be reduced during identity recognition, and the security is improved. In addition, the invention further provides an identity recognition system.

Description

Personal identification method and system
Technical field
The present invention relates to communication technical field, particularly relate to a kind of personal identification method and system.
Background technology
All need under a lot of application scenarioss in the Internet to identify user identity.Traditional personal identification method is normally by the mode of input password, and concrete, the codon pair user identity according to receiving is verified, if Password Input is correct, is then verified.But in traditional this personal identification method, password is once be known by other people, then can bring potential safety hazard, therefore fail safe is not high.
Summary of the invention
Based on this, be necessary for above-mentioned technical problem, the personal identification method providing a kind of fail safe higher and system.
A kind of personal identification method, described method comprises:
Terminal obtains first identification code corresponding with user ID prestored;
Described terminal generates the first dynamic password according to described first identification code, and described user ID and the first dynamic password are sent to server;
Described server obtains second identification code corresponding with described user ID prestored;
Described server generates the second dynamic password according to described second identification code, judges whether the first dynamic password mates with the second dynamic password, if be then verified.
A kind of identification system, described system comprises terminal and server, and described terminal comprises:
First identification code acquisition module, for obtaining first identification code corresponding with user ID prestored;
First dynamic password generation module, for generating the first dynamic password according to described first identification code, is sent to described server by described user ID and the first dynamic password;
Described server comprises:
Second identification code acquisition module, for obtaining second identification code corresponding with described user ID prestored;
Second dynamic password generation module, for generating the second dynamic password according to described second identification code;
First authentication module, for judging whether the first dynamic password mates with the second dynamic password, if be then verified.
In above-mentioned personal identification method and system, terminal is after getting first identification code that prestore corresponding with user ID, the first dynamic password is generated according to the first identification code, server generates the second dynamic password according to the second identification code prestored, and then judge whether the first dynamic password mates with the second dynamic password, if be then verified, therefore, as long as exist in advance from the identification code that server gets in terminal, just authentication can be carried out, relative to conventional art, without the need to any input of user, decrease the possibility that data are tampered, thus improve fail safe.
Accompanying drawing explanation
Fig. 1 is the schematic flow sheet of personal identification method in an embodiment;
Fig. 2 is the schematic flow sheet verified user identity in an embodiment;
Fig. 3 is to the schematic flow sheet that user identity is verified in another embodiment;
Fig. 4 is to the schematic flow sheet that user identity is verified in another embodiment;
Fig. 5 is to the schematic flow sheet that user identity is verified in another embodiment;
Fig. 6 is the schematic flow sheet of personal identification method in another embodiment;
Fig. 7 is the structured flowchart of identification system in an embodiment;
Fig. 8 is the structured flowchart of server in an embodiment;
Fig. 9 is the structured flowchart of identification system in another embodiment;
Figure 10 is the structured flowchart of terminal in an embodiment;
Figure 11 is the structured flowchart of server in another embodiment.
Embodiment
In order to make object of the present invention, technical scheme and advantage clearly understand, below in conjunction with drawings and Examples, the present invention is further elaborated.Should be appreciated that specific embodiment described herein only in order to explain the present invention, be not intended to limit the present invention.
Unless context separately has the description of specific distinct, the element in the present invention and assembly, the form that quantity both can be single exists, and form that also can be multiple exists, and the present invention does not limit this.Although the step in the present invention arranges with label, and be not used in and limit the precedence of step, the order of step or the execution of certain step need based on other steps unless expressly stated, otherwise the relative rank of step is adjustable.Be appreciated that term "and/or" used herein relates to and contains the one or more any and all possible combination in the Listed Items be associated.
As shown in Figure 1, in one embodiment, provide a kind of personal identification method, the method comprises:
Step 102, terminal obtains first identification code corresponding with user ID prestored.
Terminal in the present invention, for the terminal equipment of various application can be run, include but not limited to various desktop computer, pocket computer on knee, personal digital assistant, panel computer, smart mobile phone, E-book reader, MP3(Moving Picture Experts Group Audio Layer III, dynamic image expert compression standard audio frequency aspect 3) or MP4(Moving Picture Experts Group Audio Layer IV, dynamic image expert compression standard audio frequency aspect 4) player, POS terminal and vehicle-mounted computer etc.Terminal is used all to need to identify the identity of user under a lot of application scenarios.In the present invention, pay with terminal to server requests transaction and be illustrated, but be appreciated that, the present invention is not limited thereto, can also identify user identity under the application scenarios that other is higher to security requirement, such as, under the application scenarios of private information needing calling party, inferior at the application scenarios confirmed an order.
In the present embodiment, in terminal, be previously stored with first identification code corresponding with user ID.User ID is used for unique identification user, can be used to the account number or the identification number etc. that log in application.First identification code is that terminal is used for the identification code of generation first dynamic password, such as, obtain one group of character string after computing is carried out to the first identification code and be the first dynamic password, or the first identification code combination is obtained one group of character string together with terminal or user-dependent multidate information after computing is the second dynamic password, or in conjunction with pending device data together computing, the second dynamic password is obtained to the one group of character string obtained, etc.Identification code can be generated by server, and terminal obtains identification code from server and is stored in this locality, then the identification code of storage terminal is the first identification code.First identification code can generate according to user ID, concrete, the user ID of terminal transmission can be got by server, then one group of character string is generated according to user ID, this group character string is the first identification code, in addition, when generation the first identification code, also can generate character string in conjunction with other according to user ID together with terminal or user-dependent information.
Step 104, terminal generates the first dynamic password according to the first identification code, and user ID and the first dynamic password are sent to server.
First dynamic password is used to the character string realizing authentication, so-called dynamic password, is to generate a uncertain random digit combination according to special algorithm, and dynamic password can only use once at every turn.
Step 106, server obtains second identification code corresponding with user ID prestored.
In the present embodiment, the first identification code refers to storage identification code in the terminal, and the second identification code refers to storage identification code in the server.The first identification code herein and the second identification code are that the position of depositing according to identification code is different and distinguish, the content of the first identification code and the second identification code may identical also may be different.Second identification code is the user ID that sends according to terminal in advance of server and the identification code that generates, this identification code is stored in terminal local after can send to terminal, then be called the first identification code stored in terminal, if identification code is not tampered in process of transmitting and storing process, then the first identification code should be identical with the content of the second identification code.
Step 108, server generates the second dynamic password according to the second identification code, and judges whether the first dynamic password and the second dynamic password mate, if be then verified.
The first dynamic password herein and the second dynamic password are that the position generated according to dynamic password is different and distinguish, the content of the first dynamic password and the second dynamic password may identical also may be different.Concrete, in the present embodiment, server and terminal can arrange the algorithm generating dynamic password, thus server adopts the algorithm predetermined with terminal to generate the second dynamic password according to the second identification code, judge whether the first dynamic password and the second dynamic password mate further, if coupling, then authentication is passed through, otherwise checking is not passed through.In a preferred embodiment, whether the mode that character string can be adopted to detect detects the first dynamic password identical with the second dynamic password, if identical, then authentication is passed through, otherwise checking is not passed through.Because server and terminal generate according to the identification code of this locality separately according to the algorithm of agreement, if the first identification code is identical with the second identification code, then the first dynamic password and the second dynamic password also should be identical.
In the present embodiment, because the first dynamic password generates according to the first identification code stored in the terminal, second dynamic password generates according to the second identification code stored in the server, and the first identification code is the identification code that terminal gets from server, as long as the identification code that server generates according to user ID is not tampered sending in the process of terminal and the process in terminal storage, then the identification code that terminal can store according to this locality carry out authentication.Whole proof procedure, without the need to any input operation of user, decreases the possibility that data are tampered, thus improves fail safe.
How user identity is verified be set forth in the application scenarios that need identify user identity below with different embodiments under.
As shown in Figure 2, in one embodiment, a kind of method verified user identity, comprising:
Step 202, terminal obtains first identification code corresponding with user ID prestored.
Step 204, terminal generates the first dynamic code according to dynamic code rise time and the first identification code.
In the present embodiment, before step 202, terminal can obtain the dynamic code rise time from server, the dynamic code rise time can be the server time that server is current when receiving the data processing request of pending data, wherein, pending data can be terminal and need data to be processed under various application scenarioss, such as the private information etc. of order data, payment data and user.Because the dynamic code rise time is variable, the first dynamic code that therefore terminal generates is uncertain, makes dynamic code be not easy to be intercepted and captured or distort, thus further increases fail safe.
Step 206, user ID and the first dynamic code are sent to server by terminal.
Step 208, server obtains second identification code corresponding with user ID prestored.
The identification code of described generation when the second identification code is terminal to server request identification code, this identification code also returns to terminal after generating and stores.Therefore, if the first identification code stored in terminal is not tampered, the first identification code should be identical with the second identification code.
Step 210, server generates the second dynamic code according to dynamic code rise time and the second identification code.
Be appreciated that in the present embodiment, the first dynamic code is the first dynamic password, and the second dynamic code is the second dynamic password.Because server generates the second dynamic code according to dynamic code rise time and the second identification code, therefore, if the first identification code is identical with the second identification code, then the first dynamic code is also identical with the second dynamic code.
Step 212, server judges whether the first dynamic code and the second dynamic code mate, and are if so, then verified, otherwise checking is not passed through.
Concrete, whether server detects the first dynamic code in the mode that character string detects identical with the second dynamic code, if identical, then authentication is passed through, otherwise checking is not passed through.
In the present embodiment, terminal gets final product completing user authentication according to the identification code prestored, whole proof procedure is without the need to any input of user, and dynamic password can according to dynamic code rise time dynamically changeable, therefore potential safety hazard is reduced, improve fail safe, and can bring great advantage to the user, improve the efficiency of identification.
In another embodiment, as shown in Figure 3, a kind of method verified user identity, comprising:
Step 302, terminal obtains first identification code corresponding with user ID prestored.
Step 304, terminal generates the first dynamic code according to dynamic code rise time and the first identification code, generates the first signed data of pending data according to pending data and the first dynamic code.
Pending data can be terminal and need data to be processed under various application scenarioss, such as the private information etc. of order data, payment data and user.In one embodiment, terminal obtains pending data, employing digest algorithm treats deal with data and the first dynamic code carries out summary computing, thus generating first signed data (or being called summary data) of pending data, this signed data is as the data after the summary of pending data using the first dynamic code.
Should illustrate, terminal is treated deal with data and the first dynamic code and to be carried out making a summary the digest algorithm that computing adopts, include but not limited to various CRC(Cyclic Redundancy Check, cyclic redundancy check (CRC)) algorithm, MD algorithm (Message-Digest Algorithm, Message Digest 5) (as MD4 algorithm, MD5 algorithm) and SHA(Secure Hash Algorithm, the algorithm of being specified by the standards body-USA National Institute of Standard and Technology of U.S.'s tailor cryptographic algorithm) etc., the present invention does not limit this.
Step 306, user ID, pending data and the first signed data are sent to server by terminal.
Step 308, server obtains second identification code corresponding with user ID prestored.
Step 310, server generates the second dynamic code according to dynamic code rise time and the second identification code, generates the second signed data of pending data according to the pending data received and the second dynamic code.
The first signed data herein and the second signed data are the position that generates according to signed data and distinguish, the content of the first signed data and the second signed data may identical also may be different.Be understandable that, in the present embodiment, the first signed data is the first dynamic password, and the second signed data is the second dynamic password.Server and server can arrange the algorithm generating signed data, server is after generation second dynamic code, then adopt the algorithm of arranging with terminal to carry out summary computing to the pending data received and the second dynamic code, thus generate the second signed data of pending data.Because server and terminal generate dynamic code according to the identification code of this locality separately according to the algorithm of agreement, and then generate signed data according to dynamic code, if the first identification code is identical with the second identification code, then the first signed data and the second signed data also should be identical.
Step 312, server judges whether the first signed data and the second signed data mate, and are if so, then verified, otherwise checking is not passed through.
Concrete, whether server detects the first signed data in the mode that character string detects identical with the second signed data, if identical, is then verified, otherwise checking is not passed through.In the present embodiment, server is when carrying out authentication, be not simply judge that whether the first dynamic code is identical with the second dynamic code, but terminal generates the first signed data of pending data further according to pending data and the first dynamic code, and server is when carrying out authentication, second dynamic code of the pending data that meeting basis receives and generation generates the first signed data of pending data, thus judge that whether the first signed data is identical with the second signed data, signed data due to pending data is through that a series of computing obtains, and be dynamically changeable in time, therefore the possibility be tampered is very low, thus fail safe can be improved further.Further, whole authentication process itself, without the need to any input of user, can reduce the efficiency that potential safety hazard can improve again identification.
In one embodiment, as shown in Figure 4, a kind of method verified user identity, comprising:
Step 402, terminal obtains first identification code corresponding with user ID prestored.
Step 404, terminal obtains the terminal iidentification corresponding with user ID and facility information, generates the first dynamic code according at least one in user ID, terminal iidentification and facility information, dynamic code rise time and the first identification code.
Terminal iidentification is used for unique identification one station terminal, and terminal iidentification can for the character string generated together with privately owned keyword by device id and at least one in device mac address.In one embodiment, device id and device mac address can be sent to server by terminal, at least one in server by utilizing device id and device mac address, character string is generated together in conjunction with privately owned keyword, such as, can be the character string of 32 bytes, this character string is terminal iidentification, and the terminal iidentification generated may correspond to user ID and stores in the server and send to terminal respective user mark to store.Therefore, terminal can obtain the terminal iidentification corresponding with user ID from local or server.
Facility information includes but not limited to device id, device mac address, equipment platform, unit type, OS Type and root authority information etc., when generation the first dynamic code, at least one in facility information can be selected to participate in computing.Facility information can be sent to server by terminal together with user ID, on the server respective user identification storage information.Therefore, terminal can obtain the facility information corresponding with user ID from local or server.
Step 406, user ID and the first dynamic code are sent to server by terminal.
Step 408, server obtains second identification code corresponding with user ID prestored.
Step 410, server obtains the terminal iidentification corresponding with user ID and facility information, generates the second dynamic code according at least one in user ID, terminal iidentification and facility information, dynamic code rise time and the second identification code.
Be appreciated that user ID that user ID that server generates the second dynamic code and utilize, terminal iidentification and at least one in facility information and terminal generate the first dynamic code and utilize, terminal iidentification should be identical with at least one in facility information.Such as, terminal generates the first dynamic code according to user ID, terminal iidentification and unit type, dynamic code rise time and the first identification code, then correspondingly, server generates the second dynamic code according to user ID, terminal iidentification and unit type, dynamic code rise time and the second identification code.Server and terminal have arranged the algorithm generating dynamic code, and therefore server can adopt the algorithm of arranging with terminal to generate the second dynamic code.
Step 412, server judges whether the first dynamic code mates with the second dynamic code, if be then verified, otherwise checking is not passed through.
Concrete, whether server detects the first dynamic code in the mode that character string detects identical with the second dynamic code, if identical, then authentication is passed through, otherwise checking is not passed through.In the present embodiment, terminal generates the first dynamic code according at least one in user ID, terminal iidentification, facility information, dynamic code rise time and the first identification code, and the possibility that these information are all tampered is lower, therefore, it is possible to improve fail safe further.Further, whole process, without the need to any input of user, can reduce the efficiency that potential safety hazard can improve again identification, bring great convenience to user.
In another embodiment, as shown in Figure 5, a kind of method verified user identity, comprising:
Step 502, terminal obtains first identification code corresponding with user ID prestored.
Step 504, terminal obtains the terminal iidentification corresponding with user ID and facility information, generate the first dynamic code according at least one in user ID, terminal iidentification and facility information, dynamic code rise time and the first identification code, generate the first signed data of pending data according to pending data and the first dynamic code.
In the present embodiment, terminal can adopt multiple digest algorithm as above to carry out summary computing to the first dynamic code and pending data, thus obtains the first signed data of pending data.
Step 506, user ID, pending data and the first signed data are sent to server by terminal.
Step 508, server obtains second identification code corresponding with user ID prestored.
Step 510, server obtains the terminal iidentification corresponding with user ID and facility information, the second dynamic code is generated, according to second signed data of the second dynamic code with the pending data of pending data genaration received according at least one in user ID, terminal iidentification and facility information, dynamic code rise time and the second identification code.
In the present embodiment, server and terminal can engagement arithmetics, after server generates the second dynamic code, then adopt the algorithm of arranging with terminal to carry out summary computing to the pending data received and the second dynamic code, thus generate the second signed data of pending data.
Step 512, server judges whether the first signed data and the second signed data mate, and are if so, then verified, otherwise checking is not passed through.
Concrete, whether server detects the first signed data in the mode that character string detects identical with the second signed data, if identical, is then verified, otherwise checking is not passed through.In the present embodiment, server is when carrying out authentication, be not simply judge that whether the first dynamic code is identical with the second dynamic code, but terminal generates the first signed data of pending data further according to pending data and the first dynamic code, and server is when carrying out authentication, second dynamic code of the pending data that meeting basis receives and generation generates the first signed data of pending data, thus judge that whether the first signed data is identical with the second signed data, signed data due to pending data is through that a series of computing obtains, and be dynamically changeable in time, therefore the possibility be tampered is very low.In addition, terminal generates the first dynamic code according at least one in user ID, terminal iidentification, facility information, dynamic code rise time and the first identification code, and the possibility that these information are all tampered is lower, thus can improve fail safe further.Further, whole identification procedure, without the need to any input operation of user, can reduce the efficiency that potential safety hazard can improve again identification, therefore can improve fail safe and can improve convenience again.
In one embodiment, before server generates the step of the second dynamic password according to the second identification code, personal identification method also can comprise: the dynamic code rise time that server receiving terminal sends, time-out is judged whether according to the dynamic code rise time, if there is no time-out, then perform the step generating the second dynamic password according to the second identification code; Wherein, the dynamic code rise time that terminal sends obtains from server.
In the present embodiment, terminal sends the data processing request of pending data to server, after server receives data processing request, the dynamic code rise time is returned to terminal.The dynamic code rise time can be the time that when server receives data processing request, server is current.The dynamic password (the first dynamic password) that the dynamic code rise time makes terminal generate has ageing.
Further, while user ID and the first dynamic password are sent to server by terminal, also in the lump the dynamic code rise time is sent to server, server receives the dynamic code rise time, obtains the time difference between the time of now server and the dynamic code rise time received, and judges whether this time difference exceeds default overtime number of seconds, if exceeded, time-out is then described, server does not carry out subsequent treatment, namely indicates the second dynamic password and cancels.Like this, exceed certain hour after data processing request is sent for terminal and carry out calcellation process to the first dynamic password that server is submitted to, do not submit the situation of the first dynamic password after can effectively preventing terminal from sending data processing request for a long time to, further increase fail safe.
In one embodiment, as shown in Figure 6, provide another kind of personal identification method, comprising:
Step 602, terminal detects whether there is first identification code corresponding with user ID, if can't detect, then enters step 604, otherwise enters step 608.
Concrete, terminal is when needs carry out identification to user, first need obtain first identification code corresponding with user ID stored in terminal, before acquisition first identification code, whether terminal need detect exists the first identification code, if can't detect, show that terminal does not apply for identification code, then enter the process that step 604 performs follow-up application identification code.
In one embodiment, if terminal generates the first dynamic code and make use of terminal iidentification, then terminal needs in step 602 detection further whether can get the terminal iidentification corresponding with user ID, concrete, terminal detects on server whether store the terminal iidentification corresponding with user ID, if so, then obtains the terminal iidentification corresponding with user ID and carries out subsequent flows journey, otherwise, enter step 604.
Step 604, terminal to server sends checking request, carries user ID in this checking request.
Step 606, server carries out authentication according to checking request, generates identification code in authentication by rear according to user ID.
In one embodiment, terminal can point out user to input password, the password of input is sent to server together with user ID and carries out authentication.In another embodiment, terminal also can be pointed out user to input mobile communication number to carry out short-message verification, concrete, terminal receives the short message verification code of user's input, whether short message verification code and user ID are sent to server, and server receives short message verification code, verify identical with the short message verification code generated before, if identical, then by checking.
Further, server, after authentication is passed through, generates identification code according to user ID.Because user ID has uniqueness, the identification code therefore generated also has uniqueness.Identification code respective user mark can store by server.In one embodiment, server also comprises: terminal obtains identification code from server after generating identification code according to user ID, and respective user mark stores.Like this, be convenient to subsequent terminal and obtain the identification code corresponding with user ID of storage thus realize identification, this identification code corresponding with user ID stored in the terminal is the first identification code.
In one embodiment, server generates the step of identification code according to user ID, comprising: server obtains application identities, generates identification code according to application identities and user ID.In the present embodiment, apply the application being used for generating pending data that can be at terminal operating, application identities can be the title of application or is the preallocated identification number of application etc.Server generates identification code according to user ID and application identities, adds the complexity of identification code, reduces the possibility that identification code is tampered, further increase fail safe.
In one embodiment, after authentication, also comprise: the facility information that server receiving terminal sends, generate terminal iidentification, by terminal iidentification and user ID corresponding stored according to facility information.
In the present embodiment, terminal obtains facility information, and facility information is sent to server.Facility information includes but not limited to device id, device mac address, equipment platform, unit type, OS Type and root authority information etc.Server receives the facility information that terminal sends, and generates terminal iidentification according to facility information.Concrete, server at least one in selected equipment information can generate terminal iidentification in conjunction with privately owned keyword jointly.Such as, server according to the device id in facility information and device mac address, cooperatively can generate terminal iidentification in conjunction with privately owned keyword, and this terminal iidentification can be the character string of 32 bytes, therefore generated terminal iidentification has uniqueness, can be used for unique identification one station terminal equipment.Further, the terminal iidentification of generation and user ID corresponding stored can get up by server.Like this, terminal, when generation the first dynamic code, can obtain the terminal iidentification corresponding with user ID from server.
Further, in one embodiment, server generates the step of identification code according to user ID, comprising: server obtains application identities, generates identification code according to application identities, user ID and terminal iidentification; Or server generates identification code according to user ID and terminal iidentification.In the present embodiment, server can generate identification code according to application identities, user ID and terminal iidentification, or generates identification code according to user ID and terminal iidentification, adds the complexity of identification code, reduce the possibility that identification code is tampered, further increase fail safe.
Further, in one embodiment, after server generates the step of identification code according to user ID, also comprise: at least one in user ID, terminal iidentification and facility information as key, is encrypted identification code by server.
In the present embodiment, at least one in server by utilizing user ID, terminal iidentification and facility information is encrypted identification code, the identification code then after server respective user mark storage encryption.And terminal from the identification code that server obtains also be encryption after identification code, and by encryption after identification code respective user mark store.When terminal needs to utilize identification code to generate dynamic password, then to obtaining the identification code stored, and at least one in user ID, terminal iidentification and facility information is correspondingly utilized to be decrypted the identification code after encryption.Owing to having carried out encryption to identification code, and at least one that make use of in user ID, terminal iidentification and facility information is as key, further reduces the possibility that identification code is tampered, therefore, it is possible to improve fail safe further.
Step 608, terminal obtains first identification code corresponding with user ID prestored, and carries out authentication according to the first identification code.
If terminal detects that this locality stores the identification code corresponding with user ID, then terminal obtains this identification code, and carries out follow-up subscriber authentication process, and concrete subscriber authentication process, as described in the various embodiments described above, also repeats no more at this.After subscriber authentication is passed through, then the pending data of server process, such as, complete transaction payment etc.
In the present embodiment, when terminal can't detect the identification code of storage, then to server application identification code, be convenient to the follow-up identification code of storage that utilizes to carry out identity code.Follow-up need generate dynamic password time, terminal and server obtain the identification code of self storage separately to generate dynamic password, and then carry out authentication by whether the dynamic password that judges each self-generating is identical, the possibility be tampered due to identification code and dynamic password is all minimum, because this reducing potential safety hazard, and terminal realizes identification automatically by the identification code stored, and without the need to any input of user, therefore can improve the efficiency that fail safe can improve again identification.
As shown in Figure 7, in one embodiment, additionally provide a kind of identification system, this system comprises client 720 and server 740, and wherein, client 720 comprises:
First identification code acquisition module 722, for obtaining first identification code corresponding with user ID prestored.
First dynamic password generation module 724, for generating the first dynamic password according to the first identification code, is sent to server 740 by user ID and the first dynamic password.
Server 740 comprises:
Second identification code acquisition module 742, for obtaining second identification code corresponding with user ID prestored.
Second dynamic password generation module 744, for generating the second dynamic password according to the second identification code.
First authentication module 746, for judging whether the first dynamic password and the second dynamic password mate, if be then verified.
Concrete, the first authentication module 746, for judging that whether the first dynamic password is identical with the second dynamic password, if identical, is then verified, otherwise checking is not passed through.
In one embodiment, the first dynamic password generation module 724 is for generating the first dynamic code according to dynamic code rise time and the first identification code; Second dynamic password generation module 744 is for generating the second dynamic code according to dynamic code rise time and the second identification code; First authentication module 746 is for judging whether the first dynamic code and the second dynamic code mate, if be then verified.
In another embodiment, the first dynamic password generation module 724, for generating the first dynamic code according to dynamic code rise time and the first identification code, generates the first signed data of pending data according to pending data and the first dynamic code; The pending data that second dynamic password generation module 744 sends for receiving terminal 720 and the first signed data, generate the second dynamic code according to dynamic code rise time and the second identification code, generate the second signed data of pending data according to the pending data received and the second dynamic code; First authentication module 746 is for judging whether the first signed data and the second signed data mate, if be then verified.
In one embodiment, first dynamic password generation module 724, for obtaining the terminal iidentification corresponding with user ID and facility information, generates the first dynamic code according at least one in user ID, terminal iidentification and facility information, dynamic code rise time and the first identification code; Second dynamic password generation module 744, for obtaining the terminal iidentification corresponding with user ID and facility information, generates the second dynamic code according at least one in user ID, terminal iidentification and facility information, dynamic code rise time and the second identification code; First authentication module 746 is for judging whether the first dynamic code and the second dynamic code mate, if be then verified.
In another embodiment, first dynamic password generation module 724 is for obtaining the terminal iidentification corresponding with user ID and facility information, generate the first dynamic code according at least one in user ID, terminal iidentification and facility information, dynamic code rise time and the first identification code, generate the first signed data of pending data according to pending data and the first dynamic code; The pending data that second dynamic password generation module 744 sends for receiving terminal 720 and the first signed data, obtain the terminal iidentification corresponding with user ID and facility information, generate the second dynamic code according at least one in user ID, terminal iidentification and facility information, dynamic code rise time and the second identification code; According to second signed data of the second dynamic code with the pending data of pending data genaration received; First authentication module 746 is for judging whether the first signed data and the second signed data mate, if be then verified.
In one embodiment, as shown in Figure 8, server 740 also comprises: overtime judge module 741, for the dynamic code rise time that receiving terminal 720 sends, time-out is judged whether according to the dynamic code rise time, if overtime, then notify that the second dynamic password generation module 744 generates the second dynamic password; Wherein, the dynamic code rise time that terminal 720 sends obtains from server 740.
In one embodiment, as shown in Figure 9, terminal 720 also comprises: Detecting of Data Identification Code module 721, first identification code corresponding with user ID whether is there is for sense terminals 720, if can't detect, then send checking request to server 740, user ID is carried in this checking request.In the present embodiment, server 740 also comprises: the second authentication module 745, for carrying out authentication according to checking request; Identification code generation module 747, for generating identification code by rear according to user ID in authentication.
Further, in one embodiment, identification code generation module 747, for obtaining application identities, generates identification code according to application identities and user ID.
Further, in one embodiment, as shown in Figure 10, terminal 720 also comprises: identification code memory module 726, and for obtaining the identification code generated from server, and respective user mark stores.
In one embodiment, as shown in figure 11, server 740 also comprises:
Terminal iidentification generation module 748, for the facility information that receiving terminal 720 sends, generates terminal iidentification, by terminal iidentification and user ID corresponding stored according to facility information.
Further, identification code generation module 747, for obtaining application identities, generates identification code according to application identities, user ID and terminal iidentification; Or identification code generation module 747 is also for generating identification code according to user ID and terminal iidentification.
Further, server 740 also comprises: encrypting module 749, for using at least one in user ID, terminal iidentification and facility information as key, to generate identification code be encrypted.In the present embodiment, the identification code after encryption is sent to terminal 720 and stores.When terminal 720 needs the identification code obtaining local storage to carry out identification, then first utilize at least one in user ID, terminal iidentification and facility information to be decrypted to the identification code got, and then generate dynamic password according to the identification code after deciphering.
One of ordinary skill in the art will appreciate that all or part of flow process realized in above-described embodiment method, that the hardware that can carry out instruction relevant by computer program has come, described program can be stored in computer read/write memory medium, as this program can be stored in the storage medium of computer system, and performed by least one processor in this computer system, to realize the flow process of the embodiment comprised as above-mentioned each side method.Wherein, described storage medium can be magnetic disc, CD, read-only store-memory body (Read-Only Memory, ROM) or random store-memory body (Random Access Memory, RAM) etc.
The above embodiment only have expressed several execution mode of the present invention, and it describes comparatively concrete and detailed, but therefore can not be interpreted as the restriction to the scope of the claims of the present invention.It should be pointed out that for the person of ordinary skill of the art, without departing from the inventive concept of the premise, can also make some distortion and improvement, these all belong to protection scope of the present invention.Therefore, the protection range of patent of the present invention should be as the criterion with claims.

Claims (24)

1. a personal identification method, described method comprises:
Terminal obtains first identification code corresponding with user ID prestored;
Described terminal generates the first dynamic password according to described first identification code, and described user ID and the first dynamic password are sent to server;
Described server obtains second identification code corresponding with described user ID prestored;
Described server generates the second dynamic password according to described second identification code, judges whether the first dynamic password mates with the second dynamic password, if be then verified.
2. method according to claim 1, is characterized in that, described terminal generates the step of the first dynamic password according to the first identification code, comprising: described terminal generates the first dynamic code according to dynamic code rise time and described first identification code;
Described server generates the second dynamic password according to described second identification code, judges whether the first dynamic password mates with the second dynamic password, if the step be then verified, comprising:
Described server generates the second dynamic code according to described dynamic code rise time and described second identification code; Described server judges whether described first dynamic code and the second dynamic code mate, if be then verified.
3. method according to claim 1, it is characterized in that, described terminal generates the step of the first dynamic password according to the first identification code, comprise: described terminal generates the first dynamic code according to dynamic code rise time and described first identification code, generate the first signed data of described pending data according to pending data and described first dynamic code;
Described server generates the second dynamic password according to described second identification code, judges whether the first dynamic password mates with the second dynamic password, if the step be then verified, comprising:
The pending data that described server receiving terminal sends and the first signed data, generate the second dynamic code according to described dynamic code rise time and described second identification code, generate the second signed data of pending data according to the pending data received and described second dynamic code;
Described server judges whether described first signed data and the second signed data mate, if be then verified.
4. method according to claim 1, is characterized in that, described terminal generates the step of the first dynamic password according to the first identification code, comprising:
Described terminal obtains the terminal iidentification corresponding with user ID and facility information, generates the first dynamic code according at least one in described user ID, terminal iidentification and facility information, dynamic code rise time and described first identification code;
Described server generates the second dynamic password according to described second identification code, judges whether the first dynamic password mates with the second dynamic password, if the step be then verified, comprising:
Described server obtains the terminal iidentification corresponding with described user ID and facility information, generates the second dynamic code according at least one in described user ID, terminal iidentification and facility information, described dynamic code rise time and described second identification code;
Described server judges whether described first dynamic code mates with the second dynamic code, if be then verified.
5. method according to claim 1, it is characterized in that, described terminal generates the step of the first dynamic password according to the first identification code, comprise: described terminal obtains the terminal iidentification corresponding with user ID and facility information, generate the first dynamic code according at least one in described user ID, terminal iidentification and facility information, dynamic code rise time and described first identification code, generate the first signed data of described pending data according to pending data and described first dynamic code;
Described server generates the second dynamic password according to described second identification code, judges whether the first dynamic password mates with the second dynamic password, if the step be then verified, comprising:
The pending data that described server receiving terminal sends and the first signed data;
Described server obtains the terminal iidentification corresponding with described user ID and facility information, generates the second dynamic code according at least one in described user ID, terminal iidentification and facility information, described dynamic code rise time and described second identification code;
According to second signed data of described second dynamic code with pending data described in the pending data genaration received;
Described server judges whether described first signed data and the second signed data mate, and are if so, then verified.
6. the method according to any one of claim 1 to 5, is characterized in that, before described server generates the step of the second dynamic password according to the second identification code, also comprises:
Described server receives the dynamic code rise time that described terminal sends, and judges whether time-out, if do not have time-out, then perform the described step generating the second dynamic password according to the second identification code according to the described dynamic code rise time;
Wherein, the dynamic code rise time that described terminal sends obtains from described server.
7. method according to claim 1, is characterized in that, before obtaining the step of first identification code corresponding with user ID prestored, also comprises in described terminal:
Described terminal detects whether there is first identification code corresponding with user ID, if can't detect, then send checking request to described server, described user ID is carried in described checking request;
Described server carries out authentication according to described checking request, generates identification code in authentication by rear according to described user ID.
8. method according to claim 7, is characterized in that, the described step generating identification code according to user ID, comprising:
Described server obtains application identities, generates described identification code according to described application identities and user ID.
9. method according to claim 7, is characterized in that, after described server generates the step of identification code according to user ID, also comprises:
Described terminal obtains described identification code from described server, and corresponding described user ID stores.
10. method according to claim 7, is characterized in that, in described authentication by also comprising afterwards:
Described server receives the facility information that described terminal sends, and generates terminal iidentification, by described terminal iidentification and described user ID corresponding stored according to described facility information.
11. methods according to claim 10, is characterized in that, the described step generating described identification code according to user ID, comprising:
Described server obtains application identities, generates described identification code according to described application identities, user ID and terminal iidentification; Or
Described server generates described identification code according to user ID and terminal iidentification.
12. methods according to claim 10 or 11, is characterized in that, described generate the step of described identification code according to user ID after, also comprise:
At least one in described user ID, terminal iidentification and facility information as key, is encrypted described identification code by described server.
13. 1 kinds of identification systems, it is characterized in that, described system comprises terminal and server, described terminal comprises:
First identification code acquisition module, for obtaining first identification code corresponding with user ID prestored;
First dynamic password generation module, for generating the first dynamic password according to described first identification code, is sent to described server by described user ID and the first dynamic password;
Described server comprises:
Second identification code acquisition module, for obtaining second identification code corresponding with described user ID prestored;
Second dynamic password generation module, for generating the second dynamic password according to described second identification code;
First authentication module, for judging whether the first dynamic password mates with the second dynamic password, if be then verified.
14. systems according to claim 13, is characterized in that, described first dynamic password generation module is used for generating the first dynamic code according to dynamic code rise time and described first identification code;
Described second dynamic password generation module is used for generating the second dynamic code according to described dynamic code rise time and described second identification code;
Described first authentication module is for judging whether described first dynamic code and the second dynamic code mate, if be then verified.
15. systems according to claim 13, it is characterized in that, described first dynamic password generation module is used for generating the first dynamic code according to dynamic code rise time and described first identification code, generates the first signed data of described pending data according to pending data and described first dynamic code;
Described second dynamic password generation module is used for pending data and first signed data of receiving terminal transmission, generate the second dynamic code according to described dynamic code rise time and described second identification code, generate the second signed data of pending data according to the pending data received and described second dynamic code;
Described first authentication module is for judging whether described first signed data and the second signed data mate, if be then verified.
16. systems according to claim 13, it is characterized in that, described first dynamic password generation module, for obtaining the terminal iidentification corresponding with user ID and facility information, generates the first dynamic code according at least one in described user ID, terminal iidentification and facility information, dynamic code rise time and described first identification code;
Described second dynamic password generation module, for obtaining the terminal iidentification corresponding with described user ID and facility information, generates the second dynamic code according at least one in described user ID, terminal iidentification and facility information, described dynamic code rise time and described second identification code;
Described first authentication module is for judging whether described first dynamic code mates with the second dynamic code, if be then verified.
17. systems according to claim 13, it is characterized in that, described first dynamic password generation module is for obtaining the terminal iidentification corresponding with user ID and facility information, generate the first dynamic code according at least one in described user ID, terminal iidentification and facility information, dynamic code rise time and described first identification code, generate the first signed data of described pending data according to pending data and described first dynamic code;
Described second dynamic password generation module is used for pending data and first signed data of receiving terminal transmission, obtain the terminal iidentification corresponding with described user ID and facility information, generate the second dynamic code according at least one in described user ID, terminal iidentification and facility information, described dynamic code rise time and described second identification code; According to second signed data of described second dynamic code with pending data described in the pending data genaration received;
Described first authentication module is for judging whether described first signed data and the second signed data mate, and are if so, then verified.
18., according to claim 13 to the system described in 17 any one, is characterized in that, described server also comprises:
Time-out judge module, for receiving the dynamic code rise time that described terminal sends, judge whether time-out according to the described dynamic code rise time, if there is no time-out, then notify that described second dynamic password generation module generates the second dynamic password according to described second identification code;
Wherein, the dynamic code rise time that described terminal sends obtains from described server.
19. systems according to claim 13, is characterized in that, described terminal also comprises:
Whether Detecting of Data Identification Code module, exist first identification code corresponding with user ID for sense terminals, if can't detect, then send checking request to described server, described user ID is carried in described checking request;
Described server also comprises:
Second authentication module, for carrying out authentication according to described checking request;
Identification code generation module, for generating identification code by rear according to described user ID in described authentication.
20. systems according to claim 19, is characterized in that, described identification code generation module, also for obtaining application identities, generates described identification code according to described application identities and user ID.
21. systems according to claim 19, is characterized in that, described terminal also comprises:
Identification code memory module, for obtaining described identification code from described server, and corresponding described user ID stores.
22. systems according to claim 19, is characterized in that, described server also comprises:
Terminal iidentification generation module, for receiving the facility information that described terminal sends, generates terminal iidentification, by described terminal iidentification and described user ID corresponding stored according to described facility information.
23. systems according to claim 19, is characterized in that, described identification code generation module, also for obtaining application identities, generates described identification code according to described application identities, user ID and terminal iidentification; Or described identification code generation module is also for generating described identification code according to user ID and terminal iidentification.
24. systems according to claim 22 or 23, it is characterized in that, described server also comprises:
Encrypting module, for using at least one in described user ID, terminal iidentification and facility information as key, described identification code is encrypted.
CN201310516818.4A 2013-10-28 2013-10-28 Personal identification method and system Active CN104579649B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201310516818.4A CN104579649B (en) 2013-10-28 2013-10-28 Personal identification method and system
PCT/CN2014/089627 WO2015062461A1 (en) 2013-10-28 2014-10-28 Method and system for verifying user identity of an online application

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310516818.4A CN104579649B (en) 2013-10-28 2013-10-28 Personal identification method and system

Publications (2)

Publication Number Publication Date
CN104579649A true CN104579649A (en) 2015-04-29
CN104579649B CN104579649B (en) 2019-01-11

Family

ID=53003335

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310516818.4A Active CN104579649B (en) 2013-10-28 2013-10-28 Personal identification method and system

Country Status (2)

Country Link
CN (1) CN104579649B (en)
WO (1) WO2015062461A1 (en)

Cited By (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105072080A (en) * 2015-07-01 2015-11-18 赛肯(北京)科技有限公司 Information verification method, device and system
CN105515781A (en) * 2016-01-19 2016-04-20 上海众人网络安全技术有限公司 Login system of application platform and login method thereof
CN105631667A (en) * 2015-08-05 2016-06-01 宇龙计算机通信科技(深圳)有限公司 Authentication method, device and system
CN105827591A (en) * 2016-02-22 2016-08-03 北京启迪思创科技有限公司 Identity authentication method, client side, server and system
CN105827621A (en) * 2016-04-25 2016-08-03 上海众人网络安全技术有限公司 Internet-based reservation platform login system and login method thereof
CN105827620A (en) * 2016-04-25 2016-08-03 上海众人网络安全技术有限公司 Data transmission system and method thereof
CN105916143A (en) * 2015-12-15 2016-08-31 乐视致新电子科技(天津)有限公司 Vehicle remote authentication method based on dynamic password and vehicle remote authentication system thereof
CN106330458A (en) * 2016-08-23 2017-01-11 宇龙计算机通信科技(深圳)有限公司 Method and device for processing verification code
CN107948973A (en) * 2017-11-01 2018-04-20 南京欣网互联网络科技有限公司 A kind of device-fingerprint generation method of IOS systems applied to security risk control
CN108156195A (en) * 2016-12-02 2018-06-12 航天星图科技(北京)有限公司 A kind of business datum inspection method and system
CN108566279A (en) * 2018-03-19 2018-09-21 深圳市敢为特种设备物联网技术有限公司 Synchronous dynamic two dimension code generation method, equipment and system, storage medium
CN108933766A (en) * 2017-05-26 2018-12-04 武汉斗鱼网络科技有限公司 A kind of method and client improving device id safety
CN108933765A (en) * 2017-05-26 2018-12-04 武汉斗鱼网络科技有限公司 It is a kind of to improve the method for device id safety, client and server
CN109218009A (en) * 2017-06-30 2019-01-15 武汉斗鱼网络科技有限公司 It is a kind of to improve the method for device id safety, client and server
CN109547217A (en) * 2019-01-11 2019-03-29 北京中实信达科技有限公司 One-to-many identity authorization system and method based on dynamic password
CN109951293A (en) * 2019-02-20 2019-06-28 深圳市朗石科学仪器有限公司 Water quality monitoring end-user verification method, system and water quality monitoring Internet of Things terminal system
CN105827591B (en) * 2016-02-22 2019-07-16 北京启迪思创科技有限公司 A kind of identity identifying method, client, server and system
CN113037682A (en) * 2019-12-09 2021-06-25 西安诺瓦星云科技股份有限公司 Encrypted communication method, encrypted communication device, and encrypted communication system
CN113516812A (en) * 2021-06-01 2021-10-19 深圳市巨鼎医疗股份有限公司 Remote control method, device, equipment and storage medium for medical self-service terminal

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105049209B (en) * 2015-06-16 2018-10-23 中国银行股份有限公司 Dynamic password formation method and device
CN107181714B (en) * 2016-03-09 2021-01-26 创新先进技术有限公司 Verification method and device based on service code and generation method and device of service code

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101060403A (en) * 2006-04-18 2007-10-24 钟曦辰 Wireless communication terminal-based interactive dynamic password safety service system
CN101163014A (en) * 2007-11-30 2008-04-16 中国电信股份有限公司 Dynamic password identification authenticating system and method
CN102457491A (en) * 2010-10-20 2012-05-16 北京大学 Dynamic identity authenticating method and system
US8256664B1 (en) * 2010-04-09 2012-09-04 Google Inc. Out-of band authentication of browser sessions
CN103124266A (en) * 2013-02-07 2013-05-29 百度在线网络技术(北京)有限公司 Mobile terminal, method and system for logging in through mobile terminal and cloud server
CN103368918A (en) * 2012-04-01 2013-10-23 西门子公司 Method, device and system for dynamic password authentication

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101060403A (en) * 2006-04-18 2007-10-24 钟曦辰 Wireless communication terminal-based interactive dynamic password safety service system
CN101163014A (en) * 2007-11-30 2008-04-16 中国电信股份有限公司 Dynamic password identification authenticating system and method
US8256664B1 (en) * 2010-04-09 2012-09-04 Google Inc. Out-of band authentication of browser sessions
CN102457491A (en) * 2010-10-20 2012-05-16 北京大学 Dynamic identity authenticating method and system
CN103368918A (en) * 2012-04-01 2013-10-23 西门子公司 Method, device and system for dynamic password authentication
CN103124266A (en) * 2013-02-07 2013-05-29 百度在线网络技术(北京)有限公司 Mobile terminal, method and system for logging in through mobile terminal and cloud server

Cited By (28)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105072080A (en) * 2015-07-01 2015-11-18 赛肯(北京)科技有限公司 Information verification method, device and system
CN105072080B (en) * 2015-07-01 2018-04-13 广州密码科技有限公司 A kind of Information Authentication method, apparatus and system
CN105631667A (en) * 2015-08-05 2016-06-01 宇龙计算机通信科技(深圳)有限公司 Authentication method, device and system
CN105916143A (en) * 2015-12-15 2016-08-31 乐视致新电子科技(天津)有限公司 Vehicle remote authentication method based on dynamic password and vehicle remote authentication system thereof
CN105515781A (en) * 2016-01-19 2016-04-20 上海众人网络安全技术有限公司 Login system of application platform and login method thereof
CN105515781B (en) * 2016-01-19 2018-09-14 上海众人网络安全技术有限公司 A kind of application platform login system and its login method
CN105827591A (en) * 2016-02-22 2016-08-03 北京启迪思创科技有限公司 Identity authentication method, client side, server and system
CN105827591B (en) * 2016-02-22 2019-07-16 北京启迪思创科技有限公司 A kind of identity identifying method, client, server and system
CN105827620A (en) * 2016-04-25 2016-08-03 上海众人网络安全技术有限公司 Data transmission system and method thereof
CN105827621A (en) * 2016-04-25 2016-08-03 上海众人网络安全技术有限公司 Internet-based reservation platform login system and login method thereof
CN105827620B (en) * 2016-04-25 2019-04-02 上海众人网络安全技术有限公司 A kind of data transmission system and its method
CN106330458A (en) * 2016-08-23 2017-01-11 宇龙计算机通信科技(深圳)有限公司 Method and device for processing verification code
CN106330458B (en) * 2016-08-23 2019-05-14 宇龙计算机通信科技(深圳)有限公司 A kind of processing method and processing device of identifying code
CN108156195B (en) * 2016-12-02 2021-08-20 中科星图股份有限公司 Service data checking method and system
CN108156195A (en) * 2016-12-02 2018-06-12 航天星图科技(北京)有限公司 A kind of business datum inspection method and system
CN108933765A (en) * 2017-05-26 2018-12-04 武汉斗鱼网络科技有限公司 It is a kind of to improve the method for device id safety, client and server
CN108933766A (en) * 2017-05-26 2018-12-04 武汉斗鱼网络科技有限公司 A kind of method and client improving device id safety
CN108933766B (en) * 2017-05-26 2021-11-09 武汉斗鱼网络科技有限公司 Method and client for improving equipment ID security
CN109218009A (en) * 2017-06-30 2019-01-15 武汉斗鱼网络科技有限公司 It is a kind of to improve the method for device id safety, client and server
CN109218009B (en) * 2017-06-30 2021-11-09 武汉斗鱼网络科技有限公司 Method, client and server for improving equipment ID security
CN107948973A (en) * 2017-11-01 2018-04-20 南京欣网互联网络科技有限公司 A kind of device-fingerprint generation method of IOS systems applied to security risk control
CN108566279A (en) * 2018-03-19 2018-09-21 深圳市敢为特种设备物联网技术有限公司 Synchronous dynamic two dimension code generation method, equipment and system, storage medium
CN109547217A (en) * 2019-01-11 2019-03-29 北京中实信达科技有限公司 One-to-many identity authorization system and method based on dynamic password
CN109547217B (en) * 2019-01-11 2021-10-22 北京中实信达科技有限公司 One-to-many identity authentication system and method based on dynamic password
CN109951293A (en) * 2019-02-20 2019-06-28 深圳市朗石科学仪器有限公司 Water quality monitoring end-user verification method, system and water quality monitoring Internet of Things terminal system
CN109951293B (en) * 2019-02-20 2023-12-05 深圳市朗石科学仪器有限公司 Water quality monitoring terminal user verification method and system and water quality monitoring Internet of things terminal system
CN113037682A (en) * 2019-12-09 2021-06-25 西安诺瓦星云科技股份有限公司 Encrypted communication method, encrypted communication device, and encrypted communication system
CN113516812A (en) * 2021-06-01 2021-10-19 深圳市巨鼎医疗股份有限公司 Remote control method, device, equipment and storage medium for medical self-service terminal

Also Published As

Publication number Publication date
WO2015062461A1 (en) 2015-05-07
CN104579649B (en) 2019-01-11

Similar Documents

Publication Publication Date Title
CN104579649A (en) Identity recognition method and system
US11323260B2 (en) Method and device for identity verification
CN109150548B (en) Digital certificate signing and signature checking method and system and digital certificate system
CN106330850B (en) Security verification method based on biological characteristics, client and server
US20200265438A1 (en) Systems and methods for estimating authenticity of local network of device initiating remote transaction
US7000117B2 (en) Method and device for authenticating locally-stored program code
CN102761870B (en) Terminal authentication and service authentication method, system and terminal
CN105144670A (en) Wireless networking-enabled personal identification system
CN101577917A (en) Safe dynamic password authentication method based on mobile phone
CN109446788B (en) Identity authentication method and device of equipment and computer storage medium
CN102946392A (en) URL (Uniform Resource Locator) data encrypted transmission method and system
CN107113613B (en) Server, mobile terminal, network real-name authentication system and method
US20220239509A1 (en) Method for storing and recovering key for blockchain-based system, and device therefor
KR20180003113A (en) Server, device and method for authenticating user
TW200910894A (en) Authentication system and method thereof for wireless networks
US20220255929A1 (en) Systems and methods for preventing unauthorized network access
CN101944216A (en) Two-factor online transaction safety authentication method and system
CN100476844C (en) Method for realizing binding function between electronic key and computer
CN106559386A (en) A kind of authentication method and device
CN105427102A (en) Financial IC card based authentication method and corresponding device and system
CN106980977B (en) Payment method and system based on Internet of things
Baek et al. Secure and lightweight authentication protocol for NFC tag based services
CN111371555A (en) Signature authentication method and system
CN108574658B (en) Application login method and device
CN106533685B (en) Identity authentication method, device and system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant