CN104639505A - Short message-based bidirectional safety authentication method and system - Google Patents
Short message-based bidirectional safety authentication method and system Download PDFInfo
- Publication number
- CN104639505A CN104639505A CN201310562250.XA CN201310562250A CN104639505A CN 104639505 A CN104639505 A CN 104639505A CN 201310562250 A CN201310562250 A CN 201310562250A CN 104639505 A CN104639505 A CN 104639505A
- Authority
- CN
- China
- Prior art keywords
- user
- account
- authentication service
- phone number
- center
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
- H04L63/0846—Network architectures or network communication protocols for network security for authentication of entities using passwords using time-dependent-passwords, e.g. periodically changing passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
- H04L63/0838—Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
Abstract
The invention provides a short message-based bidirectional safety authentication method and system. The method includes: acquiring and buffering a user account and a temporary verification code entered by a user; searching for a corresponding user cellphone number according to the user account, and sending a short message to a user cellphone for verification according to the user cellphone number; receiving a temporary verification code entered via the user cellphone, comparing the temporary verification code with the temporary verification code preliminarily buffered, and returning a verification result to the user if the two temporary verification codes are identical. Compared with the prior art, the short message-based bidirectional safety authentication method and system has the advantages that uniqueness of the user is guaranteed, chances that the user is defrauded by similar phishing sites are avoided, a reliable authentication scheme is provided and system safety is higher.
Description
Technical field
The present invention relates to information technology and field of data storage, particularly relate to a kind of note bidirectional safe auth method and system.
Background technology
Along with the develop rapidly of Internet technology, various forms of internet, applications emerges in an endless stream, colourful service is that the actual life of people brings great convenience, while people have got used to using the Internet to carry out the activities such as social activity, shopping, business transaction, the Thoughts on Safe Identity Verification of the Internet to user it is also proposed higher requirement.
Using user name and static password to log in is the conventional method that most of internet, applications realizes authentication, user is at the login page input username and password of internet, applications, username and password reserved when invoke user is registered by the page is compared with it, there is provided corresponding service if consistent by authorised user's identity, will refuse it if inconsistent and continue to access.
Some authentication system further increases fail safe, provides the function sending random cipher (or identifying code) to user mobile phone.The described authentication system of existing scheme comprises server, client and a mobile phone, and described authentication means and described server comprise transceiver module, memory module, counting module, judge module, generation module, authentication module, control module and computing module.The described auth method based on note generates identifying code by server and the time of record generation identifying code, the identifying code of generation is sent to user mobile phone by tyre mode, client is inputted again by user, server is sent to verify by client, man-in-the-middle attack can be stoped to a certain extent, and the identifying code that server produces possesses ageing, becomes invalid after the specified date.
Specifically, realizing in process of the present invention, inventor finds that existing scheme exists following shortcoming:
There is following defect in the identity validation technology of existing employing static password: due to the memory habit being limited to user cause static password security intensity to do higher, and too complicated password is easy to cause user to forget.
The operation team awareness of safety of some internet, applications is thin, system there is leak or repairing leak causes username and password to be stolen easily by hacker not in time, as user uses same user name and password in multiple internet, applications, the information of leakage will cause great potential safety hazard to these internet, applications simultaneously.
Fishing website can utilize this kind of identity validation technology to steal the information of user, as real username and password can be inputted when user is strayed into fishing website registration or logs in, Fishing net standing-meeting is recorded and is pretended to be user to use this information to be engaged in illegal activity in real website, or the illusion logined successfully is caused to user, and then provide false business function to gain the sensitive informations such as user's Bank Account Number, password by cheating, very easily for user causes economic loss and emotional distress.
There is following defect in the existing authentication system based on note: although this system uses short-message verification mode fishing website can be avoided to steal user name password and manufacture false login, but do not have information to isolate filtering technique between its authentication module and client application, reproducible this kind of authentication system of some fishing website also induces user to register in its system, and then false business user cheating is provided, still there is potential safety hazard.
This system sends expressly random cipher (identifying code) to user, as the out-of-service time arranges too short bringing inconvenience to user's input, long, there is the hidden danger of leakage.This system can be transferred to others to the identifying code that user sends and use, and emphasizes the non repudiation that cannot ensure transaction in the special applications of user's uniqueness, easily cause economic dispute at some.
Summary of the invention
The object of the invention is to the shortcoming and defect overcoming prior art, a kind of note bidirectional safe auth method and system are provided.
A kind of note bidirectional safe auth method, described method comprises:
Obtain and user account, the interim identifying code of user of cache user input;
The subscriber phone number corresponding according to described user account inquiry, and verify to user mobile phone according to subscriber phone number transmission note;
Receive the interim identifying code of user of user mobile phone input and compare with the interim identifying code of user of buffer memory before, when confirmation two interim identifying codes of described user are consistent, returning the result to user.
Described acquisition and cache user input user account, the interim identifying code of user, also comprise:
When determining that described user account does not exist, notify described user, user account does not exist.
Described method also comprises:
When determining that described user account does not exist, described user is pointed out to register or re-enter correct user account.
Described method also comprises:
When determining that described user account exists, notify that described user receives with mobile phone and verify note with reply.
Described method also comprises:
Submit described user account to identity information storage center;
Whether described identity information storage center preserves corresponding phone number according to described user account inquiry, if so, returns described phone number; Otherwise, return and cannot inquire corresponding phone number information.
Described method also comprises:
The checking note comprising application service identification code is sent to user; And obtain the user interim identifying code corresponding with described application service identification code of user mobile phone input.
Described method also comprises:
The result is returned to described user by application service interface; And return the result to authentication service center; Described authentication service center sends the result to short message service center; Described short message service center returns the result by sending note to user.
Described method also comprises:
Receive the application service identification code that the newly-built account of also cache user input, phone number and needs associate; And submit duplication of name inquiry request to;
Inquire about newly-built account and whether phone number exists repetition in data on stock; Return Accounting Check result.
A kind of note bidirectional safe authentication system, described system comprises authentication service terminal, authentication service center, identity information storage center and short message service center, wherein,
Described authentication service terminal, for obtaining and user account, the interim identifying code of user of cache user input; Described user account is sent to described authentication service center; Compare from the interim identifying code of described user of authentication service receive centre and the interim identifying code of user of own cache, when confirmation two interim identifying codes of described user are consistent, return the result to user;
Described authentication service center, for inquiring about described user account association phone number to described identity information storage center; And described phone number is sent to described short message service center; The interim identifying code of the user replied by described user mobile phone sends authentication service terminal;
Described identity information storage center, for storing the incidence relation of described user account and phone number, receives the inquiry request at described authentication service center, and phone number corresponding for described user account is returned to described authentication service center;
Described short message service center, for sending checking note to user; Receive the described interim identifying code of user mobile phone input and send to described authentication service center.
Whether described system also comprises registration service platform, for receiving the registration request of user, be registered by described authentication service central authentication account, cell-phone number, and to user feedback the result.
Described authentication service center, also for receiving and processing the new user's application for registration from described registration service platform, check whether to there is account of the same name and cell-phone number by described identity information storage center, as no, then increase account newly and the selected application service identification code of associated user to described identity information storage center.
The present invention is by the interim check code of user and compared by the interim check code of associated user phone number message reply, realizes the method for bidirectional safe authentication.The variable-length password that user freely edits as user at the interim check code of user logged in and submit to when registering and mobile phone association identifying code, improves fail safe and Consumer's Experience.Authentication service terminal and authentication service center realize that safety is direct-connected, and realize many-to-one bi-directional association by application service identification code, authentication service terminal only preserves user account, user account with associate phone number and be separated.User registers general account at registration service platform, by authentication service central synchronous to authentication service terminal, the corresponding authentication service terminal of each application system, the corresponding application service identification code of each application service, the corresponding multiple application service identification code of each general account, realizing general account can use in the application service system of multiple use certificate service terminal.Authentication service center provides the data dispatch of bidirectional safe authentication.Compared with prior art, the present invention can by by interim for user check code with compared by the interim check code of associated user phone number message reply, while application service provider identifying user identity, user also can verify the identity of application service provider by answer short message, application service provider ensure that uniqueness and the non repudiation of user to a certain extent, and user avoids the possibility suffering that similar fishing website is swindled.Meanwhile, the on-fixed variable-length password that the interim check code of the user used and mobile phone association identifying code are freely edited for user, can use different character strings at every turn, improves security of system.
Accompanying drawing explanation
The note bidirectional safe auth method principle flow chart that Fig. 1 provides for the embodiment of the present invention 1;
The note bidirectional safe authentication system structural representation that Fig. 2 provides for the embodiment of the present invention 2.
Embodiment
Below in conjunction with accompanying drawing, the specific embodiment of the present invention is described in detail.But embodiments of the present invention are not limited thereto.
In each embodiment of the present invention, a kind of bidirectional safe auth method based on note and system are provided, employing can, independent of the bidirectional safe authentication system of application end, utilize SMS to realize application end and user, and the bidirectional identification of user and application end is verified.This authentication system has general account service ability simultaneously, and in conjunction with bidirectional safe authentication flow process, user can use a general account to realize secure log in multiple application service.
As shown in Figure 1, be the note bidirectional safe auth method principle flow chart that the embodiment of the present invention 1 provides, specific as follows:
Step 10, obtains and user account, the interim identifying code of user of cache user input.
User is at application service interface input user account and the interim identifying code of user submit registration to;
Whether authentication service terminal inquiry account exists, and the interim identifying code of cache user; When determining that user account does not exist, notify user, user account does not exist; Prompting user registers or re-enters correct user account.
Authentication service terminal returns account state by application service circle user oriented, and need receive reply checking note with mobile phone as account exists prompting user, account does not exist, and requires user to register or re-enters correct account;
Authentication service terminal sends account and application service identification code to authentication service center.
Step 20, the subscriber phone number corresponding according to user account inquiry, and verify to user mobile phone according to subscriber phone number transmission note.
Authentication service central cache application service identification code waits for account relating phone number Query Result;
Authentication service center submits the inquiry request of account relating phone number to identity information storage center;
Identity information storage center inquires about the phone number of this account relating according to account;
Identity information storage center returns the phone number of this account relating to authentication service center;
Short message service center is sent to together with application service identification code after authentication service receive centre to phone number.
Short message service center sends the checking note comprising application service identification code to user according to phone number;
The interim identifying code of user that after user receives checking note, input is same with application service interface phase is also replied;
Short message service center is back to authentication service center by by the interim identifying code of the user of message reply.
Authentication service center is back to authentication service terminal by by the interim identifying code of the user of message reply.
Step 30, receives the interim identifying code of user of user mobile phone input and compares with the interim identifying code of user of buffer memory before, when confirmation two interim identifying codes of user are consistent, returning the result to user.
Authentication service terminal is compared from the interim identifying code of the user of authentication service receive centre and the interim identifying code of user that has been buffered in terminal;
Authentication service terminal returns the result by application service circle user oriented.
Further, authentication service terminal returns the result to authentication service center;
Authentication service center sends the result to short message service center;
Short message service center returns the result by sending note to user;
So far, the bidirectional safe authentication flow process that user logs in terminates.
Further, in the present embodiment, also comprise user and register general account flow process by registration service platform, specific as follows:
User inputs newly-built account, phone number at registration service platform and needs the application service identification code (corresponding with identity authentication service terminal) of association and submit to;
Registration service platform sends newly-built account, phone number and application service identification code to authentication service center and submits duplication of name inquiry request to;
The newly-built account of authentication service central cache, phone number and application service identification code;
Authentication service center submits newly-built account and phone number inquiry request to identity information storage center;
Identity information storage center checks whether newly-built account and phone number exist repetition in data on stock;
Identity information storage center returns Accounting Check result to authentication service center;
Authentication service center returns Accounting Check result to registration service platform;
Be that namely NULL(does not repeat account as repeated account quantity), then point out the mobile phone association identifying code of user's input for verifying account and phone number incidence relation;
User submits mobile phone association identifying code to registration service platform;
Registration service platform buffer memory mobile phone association identifying code;
Registration service platform sends mobile phone association identifying code and checking request to authentication service center;
Authentication service center is extracted newly-built account in the buffer and is associated phone number and be sent to short message service center;
Short message service center sends newly-built account character string by note to user and requires that user replys identical mobile phone association identifying code;
User passes through the identical mobile phone association identifying code of message reply;
Short message service center receives the mobile phone association identifying code of message reply and is sent to authentication service center;
Authentication service center returns mobile phone association identifying code to registration service platform;
Registration service platform is extracted the mobile phone association identifying code of buffer memory and is compared by the mobile phone association identifying code of message reply;
Registration service platform returns comparison result to user, if result is that True then points out and verifies, if result is that False points out user to re-register;
Registration service platform returns comparison result to authentication service center;
If comparison result is that False then removes this concerned account numbers information, if comparison result is that True then extracts account data in the buffer in authentication service central cache;
The application service identification code of the newly-built account extracted in the buffer, phone number and association is sent to identity information storage center by authentication service center;
Identity information storage center increases account data newly;
Identity information storage center returns newly-increased account information summary to authentication service center;
Authentication service center is according to the authentication service terminal transmission account synchronizing information of application service identification code to correspondence;
Authentication service terminal increases account newly;
Authentication service terminal returns newly-built account success message to authentication service center, removes buffer memory;
Authentication service center returns newly-built account success message to registration service platform;
Registration service platform returns newly-built account success message to user.
So far, user registers general account flow process by registration service platform and terminates.
As shown in Figure 2, for the note bidirectional safe authentication system structural representation that the embodiment of the present invention 2 provides, this system comprises authentication service terminal 100, authentication service center 200, identity information storage center 300 and short message service center 400, specific as follows:
Authentication service terminal 100, for obtaining user account, the interim identifying code of user of user's input, when determining that user account exists, cache user account and the interim identifying code of user; And user account and corresponding application service identification code is sent to authentication service center 200; The interim identifying code of user of interim for the user received from authentication service center 200 identifying code and own cache is compared, when confirmation two interim identifying codes of user are consistent, returns the result to user;
Authentication service center 200, for identity information storage center 300 inquiring user account relating phone number; And phone number and application service identification code are sent to short message service center 400; Interim for user identifying code is sent authentication service terminal 200;
Identity information storage center 300, for storing the incidence relation of user account and phone number, receiving the inquiry request at authentication service center, and phone number corresponding for user account is returned to authentication service center 200;
Short message service center 400, for sending the checking note comprising application service identification code to user; Receive the interim identifying code of user's input and send to authentication service center 200.
Further, this system also comprises registration service platform 500, for receiving the registration request of user, verifies whether account, cell-phone number are registered by authentication service center 200, and to user feedback the result.
Further, described authentication service center 200, also for receiving and processing the new user's application for registration from registration service platform 500, check whether to there is account of the same name and cell-phone number by identity information storage center 300, as no, then increase account newly and the selected application service identification code of associated user to identity information storage center 300.
In each embodiment of the present invention, authentication service terminal is connected with application service provider server and authentication service center, whole user account information of terminal storage application service provider.At application service interface input account and the interim check code of user when user logs in, whether the user account that authentication service terminal searches user's submission according to the user account information stored exists, if user account exists, authentication service terminal is by interim for cache user check code and user account, application service identification code are sent to authentication service center and carry out next step bidirectional identification checking.The interim check code of user that authentication service terminal is replied by authentication service receive centre user mobile phone and the interim check code of user that user inputs at application service interface are compared, and oppositely send comparison result.
Authentication service center is the core of system, be connected with authentication service terminal, identity information storage center, short message service center, registration service platform, authentication service center and all authentication service terminal real-time synchronization account information, and account information change conditions is sent to the storage of identity information storage center.
To the phone number of identity information storage center inquiry account relating after the account information that authentication service receive centre authentication service terminal sends and the interim check code of user, sent containing the user of application service identification code interim check code verification note to user mobile phone by short message service center after successful inquiring.The interim check code note of user that authentication service receive centre user is replied by short message service center, the interim check code of extraction user is sent to authentication service terminal and compares for it.
Authentication service receive centre also processes the new user's application for registration from authentication service terminal and registration service platform, check whether to there is account of the same name and cell-phone number by identity information storage center, as met uniqueness principle, then increase account newly and the selected application service identification code of associated user to identity information storage center.
Short message service center is connected with authentication service center, be responsible for sending to user mobile phone the user's interim check code check request note containing application service identification code, receive the interim check code of user that user mobile phone is returned by answer short message mode simultaneously, be committed to authentication service center.
Short message service center receives the check results message from authentication service center, and by short message sending to user mobile phone.
Identity information storage center is connected with authentication service center, store the account information that bidirectional safe authentication system is whole, mainly comprise the phone number, application service identification code etc. of user account, association, the phone number of user account, association has uniqueness, user account can associate multiple application service identification code, for ensureing safety, the account service request at an identity information storage center response identity service for checking credentials center.
Registration service platform is connected with identity information storage center, its major function is the application demand meeting general account, whether registration service platform, after the registration request receiving user, is registered by authentication service central authentication account, cell-phone number, and to user feedback the result.Registration service platform is by authentication service center all application function identification code synchronous with identity information storage center, when user registers general account by registration service platform as user provides a complete application service identification code list, support the application service provider of user's unrestricted choice association.
Bidirectional safe auth method comprises the interim check code bi-directional verification of user, based on the user account of note directive sending reception, the identity uniqueness checking of phone number association.
It should be noted that: the note bidirectional safe authentication system that above-described embodiment provides is when the authentication of note bidirectional safe, only be illustrated with the division of above-mentioned each functional module, in practical application, can distribute as required and by above-mentioned functions and be completed by different functional modules, internal structure by system is divided into different functional modules, to complete all or part of function described above.In addition, the note bidirectional safe authentication system that above-described embodiment provides and note bidirectional safe auth method embodiment belong to same design, and its specific implementation process refers to embodiment of the method, repeats no more here.
The invention described above embodiment sequence number, just to describing, does not represent the quality of embodiment.
To sum up, in each embodiment of the present invention, the existing auth method based on note is, by note, the random cipher that server generates is sent to user mobile phone, then is verified at application service interface input random cipher by user, the method can copy easily, there is potential safety hazard.The interim check code of user submitted to by application service interface of bidirectional safe authentication system with compared by the interim check code of associated user phone number message reply, while application service provider identifying user identity, user also can verify the identity of application service provider by answer short message, application service provider ensure that uniqueness and the non repudiation of user to a certain extent, and user avoids the possibility suffering that similar fishing website is swindled.
The mode of existing account, fixed password exists simply dangerous, the complicated defect not easily remembered, the interim check code of user that bidirectional safe authentication system uses and the on-fixed variable-length password that mobile phone association identifying code is freely edited for user, different character strings can be used at every turn, coding can simple and easy can be complicated, single use fail safe is high.
The mode of existing account, fixed password is easily because system vulnerability or artificial mode are revealed, and to realize safety direct-connected authentication service terminal in bidirectional safe authentication system and authentication service center, many-to-one bi-directional association is realized by application service identification code, authentication service terminal only preserves user account, even if reveal account also avoid illegal login because lawless person cannot receive the interim check code of user, user account ensure that the firm of account system and safety with the separate mode associating phone number.
Existing identity authorization system all adopts the mode of the corresponding account of a kind of application service substantially, in the face of multiple application service user needs to remember many cover accounts and password, bidirectional safe identity authorization system based on note supports that user registers general account at registration service platform, by authentication service central synchronous to authentication service terminal, realize general account to use in the application service system of multiple use certificate service terminal, user only just can log in multiple application service system by a memory account matching with mobile phone, decrease the memory difficulty of user to greatest extent, improve Consumer's Experience.
Existing identity authorization system is all exist as the part of application service system substantially, cannot be separated with application service system, bidirectional safe identity authorization system based on note can be used as independently third party's authentication system and application service system isolates, the flexibility of the system integration is higher, can be suitable for the authentication service of the polytype application systems such as website log checking, client logs checking, mobile Internet application service login authentication, network trading authentication.
Above-described embodiment is the present invention's preferably execution mode; but embodiments of the present invention are not restricted to the described embodiments; change, the modification done under other any does not deviate from Spirit Essence of the present invention and principle, substitute, combine, simplify; all should be the substitute mode of equivalence, be included within protection scope of the present invention.
Claims (11)
1. a note bidirectional safe auth method, is characterized in that, described method comprises:
Obtain and user account, the interim identifying code of user of cache user input;
The subscriber phone number corresponding according to described user account inquiry, and verify to user mobile phone according to subscriber phone number transmission note;
Receive the interim identifying code of user of user mobile phone input and compare with the interim identifying code of user of buffer memory before, when confirmation two interim identifying codes of described user are consistent, returning the result to user.
2. the method for claim 1, is characterized in that, described acquisition and cache user input user account, the interim identifying code of user, also comprise:
When determining that described user account does not exist, notify described user, user account does not exist.
3. method as claimed in claim 2, it is characterized in that, described method also comprises:
When determining that described user account does not exist, described user is pointed out to register or re-enter correct user account.
4. the method for claim 1, is characterized in that, described method also comprises:
When determining that described user account exists, notify that described user receives with mobile phone and verify note with reply.
5. the method for claim 1, is characterized in that, described method also comprises:
Submit described user account to identity information storage center;
Whether described identity information storage center preserves corresponding phone number according to described user account inquiry, if so, returns described phone number; Otherwise, return and cannot inquire corresponding phone number information.
6. the method for claim 1, is characterized in that, described method also comprises:
The checking note comprising application service identification code is sent to user; And obtain the user interim identifying code corresponding with described application service identification code of user mobile phone input.
7. the method for claim 1, is characterized in that, described method also comprises:
The result is returned to described user by application service interface; And return the result to authentication service center; Described authentication service center sends the result to short message service center; Described short message service center returns the result by sending note to user.
8. the method for claim 1, is characterized in that, described method also comprises:
Receive the application service identification code that the newly-built account of also cache user input, phone number and needs associate; And submit duplication of name inquiry request to;
Inquire about newly-built account and whether phone number exists repetition in data on stock; Return Accounting Check result.
9. a note bidirectional safe authentication system, is characterized in that, described system comprises authentication service terminal, authentication service center, identity information storage center and short message service center, wherein,
Described authentication service terminal, for obtaining and user account, the interim identifying code of user of cache user input; Described user account is sent to described authentication service center; Compare from the interim identifying code of described user of authentication service receive centre and the interim identifying code of user of own cache, when confirmation two interim identifying codes of described user are consistent, return the result to user;
Described authentication service center, for inquiring about described user account association phone number to described identity information storage center; And described phone number is sent to described short message service center; The interim identifying code of the user replied by described user mobile phone sends authentication service terminal;
Described identity information storage center, for storing the incidence relation of described user account and phone number, receives the inquiry request at described authentication service center, and phone number corresponding for described user account is returned to described authentication service center;
Described short message service center, for sending checking note to user; Receive the described interim identifying code of user mobile phone input and send to described authentication service center.
10. system as claimed in claim 9, it is characterized in that, described system also comprises registration service platform, for receiving the registration request of user, whether be registered by described authentication service central authentication account, cell-phone number, and to user feedback the result.
11. systems as claimed in claim 10, it is characterized in that, described authentication service center, also for receiving and processing the new user's application for registration from described registration service platform, check whether to there is account of the same name and cell-phone number by described identity information storage center, as no, then increase account newly and the selected application service identification code of associated user to described identity information storage center.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310562250.XA CN104639505B (en) | 2013-11-11 | 2013-11-11 | A kind of short message bidirectional safe auth method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310562250.XA CN104639505B (en) | 2013-11-11 | 2013-11-11 | A kind of short message bidirectional safe auth method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104639505A true CN104639505A (en) | 2015-05-20 |
| CN104639505B CN104639505B (en) | 2018-06-26 |
Family
ID=53217828
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310562250.XA Active CN104639505B (en) | 2013-11-11 | 2013-11-11 | A kind of short message bidirectional safe auth method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104639505B (en) |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105246058A (en) * | 2015-09-01 | 2016-01-13 | 中国联合网络通信集团有限公司 | Short message verification method and short message server |
| CN105915348A (en) * | 2016-05-25 | 2016-08-31 | 天津光电安辰信息技术有限公司 | Voice encryption system based on domestic commercial cipher algorithm and realization method thereof |
| CN106027531A (en) * | 2016-05-25 | 2016-10-12 | 天津光电安辰信息技术有限公司 | Voice encryption system based on smartphone and realization method thereof |
| CN106296202A (en) * | 2016-08-15 | 2017-01-04 | 沈阳林科信息技术有限公司 | A kind of method of consumer's risk prevention and control in terminal charge payment process |
| CN107018117A (en) * | 2016-01-27 | 2017-08-04 | 广州博鳌纵横网络科技有限公司 | A kind of method and system for preventing that webpage from maliciously being verified |
| CN108737366A (en) * | 2017-04-17 | 2018-11-02 | 王正伟 | Binding method |
| CN110020950A (en) * | 2019-04-10 | 2019-07-16 | 湖北风口网络科技有限公司 | A kind of on-line finance method of commerce and device |
| CN110298148A (en) * | 2019-05-21 | 2019-10-01 | 视联动力信息技术股份有限公司 | A kind of method and device of login authentication |
| CN112383467A (en) * | 2020-11-12 | 2021-02-19 | 拉扎斯网络科技(上海)有限公司 | Verification method, verification device, electronic equipment and computer-readable storage medium |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1633072A (en) * | 2005-01-10 | 2005-06-29 | 虞淑瑶 | A dual-server authentication scheme supporting weak password |
| CN102164141A (en) * | 2011-04-24 | 2011-08-24 | 陈珂 | Method for protecting security of account |
| CN102457373A (en) * | 2010-10-19 | 2012-05-16 | 捷达世软件(深圳)有限公司 | System and method for bidirectionally authenticating handheld equipment |
| CN102984261A (en) * | 2012-12-04 | 2013-03-20 | 中国联合网络通信集团有限公司 | Network service login method, equipment and system based on mobile telephone terminal |
| CN103024706A (en) * | 2013-01-10 | 2013-04-03 | 甘肃省科学技术情报研究所 | Short message based device and short message based method for bidirectional multiple-factor dynamic identity authentication |
| CN102300182B (en) * | 2011-09-07 | 2013-08-14 | 飞天诚信科技股份有限公司 | Short-message-based authentication method, system and device |
-
2013
- 2013-11-11 CN CN201310562250.XA patent/CN104639505B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1633072A (en) * | 2005-01-10 | 2005-06-29 | 虞淑瑶 | A dual-server authentication scheme supporting weak password |
| CN102457373A (en) * | 2010-10-19 | 2012-05-16 | 捷达世软件(深圳)有限公司 | System and method for bidirectionally authenticating handheld equipment |
| CN102164141A (en) * | 2011-04-24 | 2011-08-24 | 陈珂 | Method for protecting security of account |
| CN102300182B (en) * | 2011-09-07 | 2013-08-14 | 飞天诚信科技股份有限公司 | Short-message-based authentication method, system and device |
| CN102984261A (en) * | 2012-12-04 | 2013-03-20 | 中国联合网络通信集团有限公司 | Network service login method, equipment and system based on mobile telephone terminal |
| CN103024706A (en) * | 2013-01-10 | 2013-04-03 | 甘肃省科学技术情报研究所 | Short message based device and short message based method for bidirectional multiple-factor dynamic identity authentication |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105246058A (en) * | 2015-09-01 | 2016-01-13 | 中国联合网络通信集团有限公司 | Short message verification method and short message server |
| CN107018117A (en) * | 2016-01-27 | 2017-08-04 | 广州博鳌纵横网络科技有限公司 | A kind of method and system for preventing that webpage from maliciously being verified |
| CN105915348A (en) * | 2016-05-25 | 2016-08-31 | 天津光电安辰信息技术有限公司 | Voice encryption system based on domestic commercial cipher algorithm and realization method thereof |
| CN106027531A (en) * | 2016-05-25 | 2016-10-12 | 天津光电安辰信息技术有限公司 | Voice encryption system based on smartphone and realization method thereof |
| CN106296202A (en) * | 2016-08-15 | 2017-01-04 | 沈阳林科信息技术有限公司 | A kind of method of consumer's risk prevention and control in terminal charge payment process |
| CN108737366A (en) * | 2017-04-17 | 2018-11-02 | 王正伟 | Binding method |
| CN108737366B (en) * | 2017-04-17 | 2022-04-22 | 王正伟 | Binding method |
| CN110020950A (en) * | 2019-04-10 | 2019-07-16 | 湖北风口网络科技有限公司 | A kind of on-line finance method of commerce and device |
| CN110298148A (en) * | 2019-05-21 | 2019-10-01 | 视联动力信息技术股份有限公司 | A kind of method and device of login authentication |
| CN112383467A (en) * | 2020-11-12 | 2021-02-19 | 拉扎斯网络科技(上海)有限公司 | Verification method, verification device, electronic equipment and computer-readable storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104639505B (en) | 2018-06-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104639505A (en) | Short message-based bidirectional safety authentication method and system | |
| US11068575B2 (en) | Authentication system | |
| CN102790674B (en) | Auth method, equipment and system | |
| CN102164141B (en) | Method for protecting security of account | |
| CN105246073B (en) | The access authentication method and server of wireless network | |
| US20150278805A1 (en) | Authentication system | |
| CN101257489A (en) | Method for protecting account number safety | |
| CN102130909A (en) | Authentication method and system | |
| CN101997824A (en) | Identity authentication method based on mobile terminal as well as device and system thereof | |
| CN103024706A (en) | Short message based device and short message based method for bidirectional multiple-factor dynamic identity authentication | |
| TW201816648A (en) | Business realization method and apparatus | |
| JP2013097650A (en) | Authentication system, authentication method and authentication server | |
| CN103209074A (en) | Security authentication method and system and short message processor | |
| CN106789924A (en) | The method and system that a kind of digital certificate protection web site of use mobile terminal is logged in | |
| CN107113613A (en) | Server, mobile terminal, real-name network authentication system and method | |
| CN103458407A (en) | Internet account number login management system and method based on short message | |
| CN110164005A (en) | A kind of cancellation method and device of Intelligent key | |
| WO2014055279A1 (en) | Authentication system | |
| CN105871903A (en) | Information security control method and system as well as mobile terminal | |
| WO2015176500A1 (en) | Single sign-on authentication method, device and system, and computer storage medium | |
| JP2017102842A (en) | Personal identification system, personal identification information output system, authentication server, personal identification method, personal identification information output method, and program | |
| KR101294805B1 (en) | 2-channel authentication method and system based on authentication application | |
| CN103854177A (en) | Safe E-bank implementation method | |
| EP3217593A1 (en) | Two-factor authentication method for increasing the security of transactions between a user and a transaction point or system | |
| KR20160088510A (en) | System for mobile confirmation of identity and method for mobile confirmation of identity using the same |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |