CN104702406A

CN104702406A - Identity verification method and identity verification device

Info

Publication number: CN104702406A
Application number: CN201310647983.3A
Authority: CN
Inventors: 张彦玲; 王玉叶; 刘金星; 孙淑芹; 谢远辉
Original assignee: Tencent Technology Shenzhen Co Ltd
Current assignee: Tencent Technology Shenzhen Co Ltd; Tencent Cloud Computing Beijing Co Ltd
Priority date: 2013-12-04
Filing date: 2013-12-04
Publication date: 2015-06-10
Anticipated expiration: 2033-12-04
Also published as: CN110266497A; CN104702406B

Abstract

The invention discloses an identity verification method and an identity verification device with low cost, strong anti-decryption capability and high safety. The method comprises the following steps: a server receives a verification code pull request sent by a user terminal; the server randomly selects a verification code background image and a sub image corresponding to the selected verification code background image according to the verification code pull request, wherein the verification code background image includes a vacant area corresponding to the sub image; the server sends the selected verification code background image and the selected sub image to the user terminal to enable the user terminal to display the verification code background image and the sub image to a user; and the server receives a spliced image of the verification code background image and the sub image which is returned by the user terminal and spliced according to an instruction of the user, and verification succeeds when the sub image is spliced to the vacant area of the verification code background image according to a predetermined position and a predetermined angle of rotation.

Description

Auth method and device

Technical field

The present invention relates to technical field of the computer network, particularly relate to a kind of auth method and device.

Background technology

Day by day universal along with computer and computer network, the Internet has been deep into the every field of people's work, studying and living.The development of network also brings various challenge provide easily for people while.Some can utilize robot program's improper use Internet resources in large quantities, such as, mass-send spam etc., server usefulness is greatly reduced.Also someone utilizes program constantly to send service request response, carries out " saturation attack " to reach the object making servers go down.Even somebody attempts utilizing sudden huge profits to crack etc. means carries out the behaviors such as malice decryption.For avoiding above-mentioned malicious act, designing a set of automatic resolution information of computer that can allow is instrument from reasonable user or the robot program of improper use, just seems extremely important.

Use image authentication code to be now relatively more current mode, the main purpose of image authentication code is resolution network service user is program or the mankind.Image authentication code is the picture containing character string, requires the content of user inputs character string when verifying.Character string is made up of upper and lower case letter and numeral usually, and part identifying code comprises Chinese character or mathematical formulae, and the length of character string can be random or fixing.In order to avoid automatically being identified by machine, usually can improve the background of picture, such as, increasing various textured patterns etc., thus machine is identified automatically disturb.

But, as long as collect enough samples, use character recognition technologies to carry out machine learning and training, just can develop machine program and carry out decoded picture identifying code.Even the image authentication code improved, if its context vault is huge not, still can by machine recognition.Traditional image authentication code cannot avoid this problem, for character picture identifying code, if capital and small letter character and numeral, only has at most 62.Therefore, existing image authentication code anti-cracks ability, fail safe is not high enough.

In order to improve the anti-ability of cracking of identifying code; research staff develops and clicks identifying code; click identifying code usually to show to comprise to user in use and multiplely comprise the picture of natural forms and the information relevant to these image contents; these pictures are selected according to information by user; the identity of selection to user according to user is verified; because machine all exists very large difficulty in the understanding to information and the classification these two aspects to object, therefore the difficulty that machine cracks identifying code greatly can be increased.

But click identifying code in use, picture resource requires very high, and need artificial screening classification warehouse-in, cost is higher.

Summary of the invention

The object of the embodiment of the present invention is, provides a kind of cost lower and the auth method that the anti-ability of cracking is strong, fail safe is high and device.

In order to solve the problem, the embodiment of the present invention provides a kind of auth method, and described method comprises: the identifying code that server receives user terminal sends pulls request; Pull request according to described identifying code, randomly draw an identifying code background picture and the sub-pictures corresponding with extracted identifying code background picture, described identifying code background picture comprises the area of absence corresponding with described sub-pictures; Extracted identifying code background picture and sub-pictures are handed down to described user terminal, to make described user terminal, described identifying code background picture and sub-pictures are showed user; And receive that described user terminal returns, carry out identifying code background picture and the sub-pictures spliced according to the instruction of described user splicing picture, when described sub-pictures splices when the area of absence of described identifying code background picture according to preposition and the predetermined anglec of rotation, the result is for passing through.

The embodiment of the present invention also provides a kind of auth method, and described method comprises: user terminal sends identifying code to server and pulls request; Receive and show the identifying code background picture that described server issues and sub-pictures, described identifying code background picture comprises the area of absence corresponding with described sub-pictures; Described sub-pictures and described identifying code background picture splice by the instruction according to described user, and the instruction of described user comprises the angle and the path of movement or the target location of movement that described sub-pictures rotates; And send to described server to verify in the splicing picture of identifying code background picture and sub-pictures, when described sub-pictures splices in described area of absence according to preposition and the predetermined anglec of rotation, the result is for passing through.

Accordingly, the embodiment of the present invention also provides a kind of authentication means, and described device can run on server, and described device can comprise: request receiving module, and the identifying code sent for receiving user terminal pulls request; Picture abstraction module, for pulling request according to described identifying code, randomly draw an identifying code background picture and the sub-pictures corresponding with extracted identifying code background picture, described identifying code background picture comprises the area of absence corresponding with described sub-pictures; Picture issues module, for extracted identifying code background picture and sub-pictures are handed down to described user terminal, to make described user terminal, described identifying code background picture and sub-pictures is showed user; And authentication module, for receiving that described user terminal returns, carry out identifying code background picture and the sub-pictures spliced according to the instruction of described user splicing picture, when described sub-pictures splices when the area of absence of described identifying code background picture according to preposition and the predetermined anglec of rotation, the result is for passing through.

Accordingly, the embodiment of the present invention also provides a kind of authentication means, can run on user terminal, and described device can comprise: request sending module, pulls request for sending identifying code to server; Display module, for receiving and showing the identifying code background picture that described server issues and sub-pictures, described identifying code background picture comprises the area of absence corresponding with described sub-pictures; Concatenation module, splices described sub-pictures and described identifying code background picture for the instruction according to described user, and the instruction of described user comprises the angle and the path of movement or the target location of movement that described sub-pictures rotates; And authorization information sending module, for sending to described server to verify in the splicing picture of identifying code background picture and sub-pictures, when described sub-pictures splices in described area of absence according to preposition and the predetermined anglec of rotation, the result is for passing through.

Relative to prior art, in the embodiment of the present invention, the particular content of identifying code background picture does not need to have very strong classification identification, directly can be obtained from the Internet by server, resource is very abundant, do not need manually to classify, can reduce costs, can increase in addition yet and artificially collect picture as the difficulty cracking exam pool; Take full advantage of the innate advantage that the mankind understand image content, user carries out correct putting according to the understanding of the incidence relation of content in identifying code background picture and sub-pictures to sub-pictures, because machine is all existed very large difficulty to the understanding of image content and sub-pictures by the understanding these two aspects of the incidence relation after rotating and between background picture, therefore considerably increase the difficulty that machine cracks identifying code, fail safe is high; Relative to clicking identifying code, not needing user to carry out classification identification according to problem to picture, providing area of absence and selecting for user, reducing the use threshold of user.That is the present invention greatly can improve the anti-power of cracking of identifying code under the prerequisite not affecting Consumer's Experience, effectively raises the fail safe of user rs authentication.

Above-mentioned explanation is only the general introduction of technical solution of the present invention, in order to technological means of the present invention can be better understood, and can be implemented according to the content of specification, and can become apparent to allow above and other object of the present invention, feature and advantage, below especially exemplified by preferred embodiment, and coordinate accompanying drawing, be described in detail as follows.

Accompanying drawing explanation

In order to be illustrated more clearly in the technical scheme in the embodiment of the present invention, below the accompanying drawing used required in describing embodiment is briefly described, apparently, accompanying drawing in the following describes is only some embodiments of the present invention, for those of ordinary skill in the art, under the prerequisite not paying creative work, other accompanying drawing can also be obtained according to these accompanying drawings.

Fig. 1 is the applied environment figure of the embodiment of the present invention.

Fig. 2 is a kind of structured flowchart that can be applicable to the user terminal of the embodiment of the present invention.

Fig. 3 is a kind of structured flowchart that can be applicable to the server of the embodiment of the present invention.

Fig. 4 is the flow chart of a kind of auth method that the embodiment of the present invention provides.

Fig. 5 is the particular flow sheet of the generative process of identifying code background picture and sub-pictures in the embodiment of the present invention.

Fig. 6 is the schematic diagram of identifying code background picture and corresponding sub-pictures in the embodiment of the present invention.

Fig. 7 is the flow chart of the another kind of auth method that the embodiment of the present invention provides.

Fig. 8 is the flow chart of another auth method that the embodiment of the present invention provides.

Fig. 9 is the structured flowchart of a kind of authentication means that the embodiment of the present invention provides.

Figure 10 is the structured flowchart of authentication module in Fig. 9.

Figure 11 is the structured flowchart of identifying code generation module in Fig. 9.

Figure 12 is the structured flowchart of the another kind of authentication means that the invention process provides.

Figure 13 is the structured flowchart of the authentication system in the embodiment of the present invention.

Embodiment

For further setting forth the present invention for the technological means reaching predetermined goal of the invention and take and effect, below in conjunction with accompanying drawing and preferred embodiment, the auth method propose foundation the present invention and the embodiment of authentication means, method, step, structure, feature and effect thereof, be described in detail as follows.

Aforementioned and other technology contents, Characteristic for the present invention, can know and present in the detailed description of following cooperation with reference to graphic preferred embodiment.By the explanation of embodiment, when can to the present invention for the technological means reaching predetermined object and take and effect be able to more deeply and concrete understanding, however institute's accompanying drawings be only to provide with reference to and the use of explanation, be not used for being limited the present invention.

Refer to Fig. 1, be depicted as the applied environment figure of the auth method that the embodiment of the present invention provides.As shown in Figure 1, user terminal 100 and server 200 are arranged in wireless or cable network 300, wireless or cable network 300 by this, user terminal 100 and the intercommunication of server 200 phase.

User terminal 100 specifically can comprise smart mobile phone, panel computer, E-book reader, MP3 player (Moving Picture Experts Group Audio Layer III, dynamic image expert compression standard audio frequency aspect 3), MP4(Moving Picture Experts Group Audio Layer IV, dynamic image expert compression standard audio frequency aspect 4) player, pocket computer on knee, car-mounted terminal etc.

Fig. 2 shows a kind of structured flowchart of the user terminal that can be applicable in the embodiment of the present invention.As shown in Figure 2, user terminal 100 comprises memory 102, storage control 104, one or more (only illustrating one in figure) processor 106, Peripheral Interface 108, radio-frequency module 110, locating module 112, image capture module 114, audio-frequency module 116, Touch Screen 118 and key-press module 120.These assemblies are by one or more communication bus/holding wire 122 communication mutually.

Be appreciated that the structure shown in Fig. 2 is only signal, user terminal 100 also can comprise than assembly more or less shown in Fig. 2, or has the configuration different from shown in Fig. 2.Each assembly shown in Fig. 2 can adopt hardware, software or its combination to realize.

Memory 102 can be used for storing software program and module, as the auth method in the embodiment of the present invention and program command/module corresponding to device, processor 102 is by running the software program and module that are stored in memory 104, thus perform the application of various function and data processing, as the auth method that the embodiment of the present invention provides.

Memory 102 can comprise high speed random asccess memory, also can comprise nonvolatile memory, as one or more magnetic storage device, flash memory or other non-volatile solid state memories.In some instances, memory 102 can comprise the memory relative to the long-range setting of processor 106 further, and these remote memories can be connected to user terminal 100 by network.The example of above-mentioned network includes but not limited to the Internet, intranet, local area network (LAN), mobile radio communication and combination thereof.Processor 106 and other possible assemblies can carry out the access of memory 102 under the control of storage control 104.

Various input/output device is coupled to CPU and memory 102 by Peripheral Interface 108.Various softwares in processor 106 run memory 102, instruction are to perform the various function of user terminal 100 and to carry out data processing.

In certain embodiments, Peripheral Interface 108, processor 106 and storage control 104 can realize in one single chip.In some other example, they can respectively by independently chip realization.

Radio-frequency module 110, for receiving and sending electromagnetic wave, realizes the mutual conversion of electromagnetic wave and the signal of telecommunication, thus carries out communication with communication network or other equipment.Radio-frequency module 110 can comprise the various existing circuit element for performing these functions, such as, and antenna, radio-frequency (RF) transceiver, digital signal processor, encrypt/decrypt chip, subscriber identity module (SIM) card, memory etc.Radio-frequency module 110 can with various network as the Internet, intranet, wireless network carry out communication or carry out communication by wireless network and other equipment.Above-mentioned wireless network can comprise cellular telephone networks, WLAN (wireless local area network) or metropolitan area network.Above-mentioned wireless network can use various communication standard, agreement and technology, include, but are not limited to global system for mobile communications (Global System for MobileCommunication, GSM), enhancement mode mobile communication technology (Enhanced Data GSMEnvironment, EDGE), Wideband CDMA Technology (wideband code division multipleaccess, W-CDMA), CDMA (Code Division Multiple Access) (Code division access, CDMA), tdma (time division multiple access, TDMA), bluetooth, adopting wireless fidelity technology (Wireless, Fidelity, WiFi) (as IEEE-USA standard IEEE 802.11a, IEEE802.11b, IEEE802.11g and/or IEEE802.11n), the networking telephone (Voice over internetprotocal, VoIP), worldwide interoperability for microwave access (Worldwide Interoperability for MicrowaveAccess, Wi-Max), other are for mail, the agreement of instant messaging and short message, and any other suitable communications protocol, even can comprise those current agreements be developed not yet.

Locating module 112 is for obtaining the current location of user terminal 100.The example of locating module 112 includes but not limited to GPS (Global Position System) (GPS), location technology based on WLAN (wireless local area network) or mobile radio communication.

Image capture module 114 is for taking pictures or video.Photo or the video of shooting can be stored in memory 102, and send by radio-frequency module 110.

Audio-frequency module 116 provides audio interface to user, and it can comprise one or more microphone, one or more loud speaker and voicefrequency circuit.Voicefrequency circuit receives voice data from Peripheral Interface 108, voice data is converted to telecommunications breath, and telecommunications breath is transferred to loud speaker.Telecommunications breath is changed the sound wave can heard into people's ear by loud speaker.Voicefrequency circuit also from microphone receive telecommunications breath, convert electrical signals to voice data, and by data transmission in network telephony to Peripheral Interface 108 to be further processed.Voice data can obtain from memory 102 or by radio-frequency module 110.In addition, voice data also can be stored in memory 102 or by radio-frequency module 110 and send.In some instances, audio-frequency module 116 also can comprise an earphone and broadcast hole, for providing audio interface to earphone or other equipment.

Touch Screen 118 provides one simultaneously and exports and inputting interface between user terminal 100 and user.Particularly, Touch Screen 118 exports to user's display video, and the content of these video frequency output can comprise word, figure, video and combination in any thereof.Some Output rusults correspond to some user interface object.Touch Screen 118 also receives the input of user, and the gesture operation such as click, slip of such as user, so that response is made in the input of user interface object to these users.The technology detecting user's input can be based on resistance-type, condenser type or other touch control detection technology possible arbitrarily.The instantiation of Touch Screen 118 display unit includes, but are not limited to liquid crystal display or light emitting polymer displays.

Key-press module 120 provides user to carry out the interface inputted to user terminal 100 equally, and user can perform different functions by pressing different buttons to make user terminal 100.

Fig. 3 is a kind of structured flowchart of the server that can be applicable in the embodiment of the present invention.As shown in Figure 3, server 200 comprises: memory 201, processor 202 and mixed-media network modules mixed-media 203.Be appreciated that the structure shown in Fig. 3 is only signal, it does not cause restriction to the structure of the server in the embodiment of the present invention.Such as, the server in the embodiment of the present invention also can comprise than assembly more or less shown in Fig. 3, or has the configuration different from shown in Fig. 3.In addition, the server in the embodiment of the present invention can also comprise the server of multiple concrete difference in functionality.

Memory 201 can be used for storing software program and module, as the auth method in the embodiment of the present invention and program command/module corresponding to device, processor 202 is by running the software program and module that are stored in memory 201, thus perform the application of various function and data processing, namely realize the auth method in the embodiment of the present invention.Memory 201 can comprise high speed random asccess memory, also can comprise nonvolatile memory, as one or more magnetic storage device, flash memory or other non-volatile solid state memories.In some instances, memory 201 can comprise the memory relative to the long-range setting of processor 202 further, and these remote memories can be connected to server 200 by network.

Mixed-media network modules mixed-media 203 is for receiving and sending network signal.Above-mentioned network signal can comprise wireless signal or wire signal.In an example, above-mentioned network signal is cable network signal.Now, mixed-media network modules mixed-media 203 can comprise the elements such as processor, random asccess memory, transducer, crystal oscillator.

Above-mentioned software program and module also comprise operating system, such as can be LINUX, UNIX, WINDOWS, it can comprise the various component software for management system task (such as memory management, memory device control, power management etc.) and/or driving, and can with various hardware or the mutual communication of component software, thus provide the running environment of other component softwares.

Below in conjunction with accompanying drawing, the auth method provided the embodiment of the present invention, device are described in detail.

Refer to Fig. 4, be depicted as the flow chart of a kind of auth method that the embodiment of the present invention provides.Composition graphs 1, what the present embodiment described is the handling process of server, and the auth method that the present embodiment provides comprises the following steps:

Step S11, the identifying code that server receives user terminal sends pulls request.

In this step, user terminal can to pre-configured server, such as, can be a web page address, sends identifying code and pulls request, to obtain identifying code.Concrete, identifying code pulls in request and can carry page iden-tity (check code), and page iden-tity for identifying a unique page, such as, can be a numeral, during each refresh page, page iden-tity all can change, and pulls request have corresponding relation with identifying code.

Step S12, pulls request according to described identifying code, randomly draws an identifying code background picture and the sub-pictures corresponding with extracted identifying code background picture, and described identifying code background picture comprises the area of absence corresponding with described sub-pictures.

Server, after the identifying code receiving user terminal transmission pulls request, can randomly draw an identifying code background picture and the sub-pictures corresponding with extracted identifying code background picture from authentication code database.

The identifying code background picture and sub-pictures that generate in advance is deposited in authentication code database.Each identifying code background picture has the one or more sub-pictures corresponding with it, in each identifying code background picture, there is the area of absence corresponding with sub-pictures, when sub-pictures according to preposition and the splicing of the predetermined anglec of rotation when the area of absence of identifying code background picture, a complete picture can be formed.

Please refer to Fig. 5, the generative process of identifying code background picture and sub-pictures can comprise the following steps:

Step S101, choose the picture in Background valut, cut at least one sub-pictures by described picture, described picture after being cut sub-pictures remaining part form described identifying code background picture, region cut in described identifying code background picture forms described area of absence.

Background valut can establish in advance, arranges in the server.The embodiment of the present invention does not need to have very strong classification identification to the particular content of identifying code background picture, the picture that direct use occurring in nature gathers, such as landscape, animal, building etc., picture in Background valut directly can be obtained from the Internet by server, resource is very abundant, therefore, the picture number of Background valut is easy to reach certain scale, can increase and artificially collect picture as the difficulty cracking exam pool.Picture in Background valut also can be by the advertising pictures that advertising pictures publisher server obtains, thus, when sub-pictures splices when the area of absence of identifying code background picture according to preposition and the predetermined anglec of rotation by user, a complete advertising pictures can be seen, thus identifying code can be utilized to carry out the services such as product promotion.

After selecting picture in Background valut, server can cut one or more (more than two or two) sub-pictures by described picture, described picture after being cut sub-pictures remaining part form described identifying code background picture, region cut in described identifying code background picture forms described area of absence.

When cutting out multiple sub-pictures by described picture, multiple sub-pictures described preferably have formed objects and shape.

Be the picture be selected for the scenery picture in Fig. 6, Fig. 6, server is by the sub-pictures this scenery picture cutting out 4 large little identical circles, and the region of former picture empty is area of absence.

Cutting picture can from the optional position of picture, and the shape of cutting can comprise the shape that circle, square, polygon etc. have multiple symmetry axis, does not allow like this to be cracked by machine or artificial malice.

Step S102, carries out the rotation of random angles by the sub-pictures cut out, the described predetermined anglec of rotation corresponding with described sub-pictures according to rotated angle calculation.

The rotation sub-pictures cut out being carried out random angles can increase further and cracks difficulty.With existing development of computer level, target location and the angle of directly recognizing picture are more difficult, crack difficulty relevant with the anglec of rotation b of sub-pictures to the number a of optional target area of absence, crack difficulty=1/ ( * b ^a).Immediately have collected picture, owing to cutting the position of picture and angle is all random, if therefore want that position by artificially collecting identifying code background picture and sub-pictures and angle are as cracking exam pool, be very difficult substantially, therefore, there is the very strong anti-ability of cracking.

The predetermined anglec of rotation corresponding with sub-pictures can be calculated according to the angle that sub-pictures rotates.Suppose that sub-pictures is circular picture, be have rotated 50 degree, when its by opposite spin 50 degree or rotate again 310 degree just can be correct by sub-pictures splicing in identifying code background picture.That is, suppose that certain sub-pictures be have rotated x degree when generating, its predetermined anglec of rotation can be (-x ± n*360) degree or (360-x ± n*360) degree, and wherein, n is natural number.

Step S103, preserve described identifying code background picture and postrotational sub-pictures, generate mapping table, described mapping table comprises: the corresponding relation between the sequence number of the numbering of described sub-pictures, the predetermined anglec of rotation and target area of absence, wherein, the position at target area of absence place is described preposition; Or comprise: the corresponding relation between the sequence number of the precalculated position of described sub-pictures in described identifying code background picture, the predetermined anglec of rotation and target area of absence, wherein, the error between the position at the target area of absence place that the precalculated position of described sub-pictures in described identifying code background picture is corresponding with described sub-pictures is in preset range.

In one embodiment, mapping table can comprise: the corresponding relation between the sequence number of the numbering of described sub-pictures, the predetermined anglec of rotation and target area of absence, and wherein, the position at target area of absence place is described preposition.Suppose an identifying code background picture multiple sub-pictures corresponding, multiple sub-pictures each self-corresponding numbering s=(s1, s2 ... sn), the predetermined anglec of rotation a=(a1 that multiple sub-pictures are corresponding, a2 ... am), the sequence number of the area of absence in identifying code background picture is t1, t2 ... tn.Correct identifying code answer can refer to definite sequence (s, a) combines, and appointment order refers to sub-pictures and correctly splices and be followed successively by t1 in sequence number, the order of the area of absence of t2 ..tn.Such as, sub-pictures is s1, s2, s3, s4, the predetermined anglec of rotation that s1 is corresponding to be the predetermined anglec of rotation that a1, s2 are corresponding the be predetermined anglec of rotation that a2, s3 are corresponding is the predetermined anglec of rotation that a3, s4 are corresponding is a4, the sequence number of the area of absence in identifying code background picture is t1, t2, t3, t4.Suppose according to correct answer, splicing is s2 at the sub-pictures of t1 position, the sub-pictures of splicing in t2 position is s1, the sub-pictures of splicing in t3 position is s4, and the sub-pictures spliced in t4 position is s3, then correct identifying code answer is order for (s2, a2), (s1, a1), the combination of (s4, a4), (s3, a3).

In another embodiment, comprise: the corresponding relation between the sequence number of the precalculated position of described sub-pictures in described identifying code background picture, the predetermined anglec of rotation and target area of absence, wherein, allow certain error between the position at the target area of absence place that the precalculated position of described sub-pictures in described identifying code background picture is corresponding with described sub-pictures, its error range can be such as 5%.The numbering of sub-pictures is replaced with the precalculated position of sub-pictures in described identifying code background picture, the threshold cracked can be improved, because in an identifying code, the quantity of sub-pictures is limited, and namely numbering is limited, but, the possibility of the position of sub-pictures in identifying code background picture is a lot, the picture being 400*500 for a resolution, if the error allowed is 5%, just there is 19W kind possibility, therefore can increase substantially to resist and crack ability.

Suppose an identifying code background picture multiple sub-pictures corresponding, precalculated position p=((x1, y1 in each comfortable identifying code background picture of multiple sub-pictures), (x2, y2) ... (xn, yn)), the predetermined anglec of rotation a=(a1 that multiple sub-pictures are corresponding, a2,, am), the sequence number of the area of absence in identifying code background picture is t1, t2 ... tn.Correct identifying code answer can be (p, s, a) array.Such as, the precalculated position that sub-pictures is corresponding is p1, p2, p3, the predetermined anglec of rotation that p4, p1 are corresponding is the predetermined anglec of rotation that a1, p2 are corresponding is a2, the predetermined anglec of rotation that p3 is corresponding is a3, the predetermined anglec of rotation that p4 is corresponding is a4, and the sequence number of the area of absence in identifying code background picture is t1, t2, t3, t4.Suppose according to correct answer, splicing at the sub-pictures of t1 position is s2, and the sub-pictures spliced in t2 position is s1, the sub-pictures of splicing in t3 position is s4, and the sub-pictures spliced in t4 position is s3, then correct identifying code answer is (p2, t1, a2), (p1, t2, a1), (p4, t3, a4), the combination of (p3, t4, a3).The numbering of described sub-pictures or described sub-pictures can also be handed down to described user terminal in the precalculated position in described identifying code background picture while extracted identifying code background picture and sub-pictures are handed down to described user terminal by described server

Step S13, is handed down to described user terminal by extracted identifying code background picture and sub-pictures, to make described user terminal, described identifying code background picture and sub-pictures is showed user.

Further, described server is also handed down to described user terminal verification tip information, in order to point out user by sub-pictures by the mobile and rotary splicing area of absence at described identifying code background picture.Certainly, this information also can be generated by user terminal and show, the specific embodiment of the present invention is not as limit.

Step S14, receive that described user terminal returns, carry out identifying code background picture and the sub-pictures spliced according to the instruction of described user splicing picture, when described sub-pictures splices when the area of absence of described identifying code background picture according to preposition and the predetermined anglec of rotation, the result is for passing through.

Concrete, when server receives the splicing picture of identifying code background picture that user terminal returns and sub-pictures, also receive the splicing picture of the identifying code background picture that returns of user terminal and sub-pictures simultaneously, the numbering of described sub-pictures, described sub-pictures is actual be spliced the area of absence in described identifying code background picture sequence number and when splicing described sub-pictures by the angle rotated, or the identifying code background picture that described user terminal returns and the splicing picture of sub-pictures, the precalculated position of described sub-pictures in described identifying code background picture, described sub-pictures is actual be spliced position in described identifying code background picture and when splicing described sub-pictures by the angle rotated.

According to numbering or the precalculated position of described sub-pictures in described identifying code background picture of described sub-pictures, search described mapping table, judge whether described sub-pictures splices in described area of absence according to preposition and the predetermined anglec of rotation according to described mapping table, if, then the result is for passing through, if not, then the result is not for pass through.

The result can also be returned user terminal and show user by server.

In the embodiment of the present invention, the particular content of identifying code background picture does not need to have very strong classification identification, directly can be obtained from the Internet by server, resource is very abundant, do not need manually to classify, can reduce costs, also can increase in addition and artificially collect picture as the difficulty cracking exam pool; Take full advantage of the innate advantage that the mankind understand image content, user carries out correct putting according to the understanding of the incidence relation of content in identifying code background picture and sub-pictures to sub-pictures, because machine is all existed very large difficulty to the understanding of image content and sub-pictures by the understanding these two aspects of the incidence relation after rotating and between background picture, therefore considerably increase the difficulty that machine cracks identifying code, fail safe is high; Relative to clicking identifying code, not needing user to carry out classification identification according to problem to picture, providing area of absence and selecting for user, reducing the use threshold of user.That is the present invention greatly can improve the anti-power of cracking of identifying code under the prerequisite not affecting Consumer's Experience, effectively raises the fail safe of user rs authentication.

Fig. 7 is the schematic flow sheet of the another kind of auth method in the embodiment of the present invention.Incorporated by reference to Fig. 1, what this embodiment described is the handling process of user terminal, and the auth method in the present embodiment comprises:

Step S21, user terminal sends identifying code to server and pulls request.

Step S22, receive and show the identifying code background picture that described server issues and sub-pictures, described identifying code background picture comprises the area of absence corresponding with described sub-pictures.

Described user terminal can also receive and show the verification tip information that described server issues, in order to point out user by sub-pictures by the mobile and rotary splicing area of absence at described identifying code background picture.

Step S23, described sub-pictures and described identifying code background picture splice by the instruction according to described user, and the instruction of described user comprises the angle and the path of movement or the target location of movement that described sub-pictures rotates.

The instruction of described user can comprise described user inputs to described user terminal instruction by modes such as gesture input, phonetic entry or character string inputs.

Be input as example with gesture, user terminal can in response to described user to the drag operation of described sub-pictures or in response to described user to the dragging of described sub-pictures and rotation process, by the splicing of described sub-pictures in described identifying code background picture.User terminal can obtain angle that sub-pictures rotates and the path of movement or the target location of movement in response user is to the dragging of sub-pictures and the process of rotation process.

For phonetic entry, user can the target location of the angle of phonetic entry picture rotation and the path of movement or movement, such as rotated ninety degrees clockwise, move to first area of absence etc., user terminal is changed into digital signal after receiving above-mentioned voice signal, and according to the operation that digital information responds sub-pictures.

User directly can also input instructions such as " rotated ninety degrees clockwise move to first area of absence ".

Step S24, sends to described server to verify in the splicing picture of identifying code background picture and sub-pictures, and when described sub-pictures splices in described area of absence according to preposition and the predetermined anglec of rotation, the result is for passing through.

Refer to Fig. 8, be depicted as the flow chart of another auth method that the embodiment of the present invention provides.Composition graphs 1, what this embodiment described is interaction process flow process between user terminal and server.The present embodiment is by specifically to click identifying code, the present invention will be described.Auth method in the present embodiment can comprise:

Step S301, server chooses the picture in Background valut, cut at least one sub-pictures by described picture, described picture after being cut sub-pictures remaining part form described identifying code background picture, region cut in described identifying code background picture forms described area of absence.

Step S302, the sub-pictures cut out is carried out the rotation of random angles by server, the described predetermined anglec of rotation corresponding with described sub-pictures according to rotated angle calculation.

Step S303, server preserves described identifying code background picture and postrotational sub-pictures, generate mapping table, described mapping table comprises: the corresponding relation between the sequence number of the numbering of described sub-pictures, the predetermined anglec of rotation and target area of absence, wherein, the position at target area of absence place is described preposition.

Step S304, user terminal sends identifying code to server and pulls request.

Step S305, server pulls request according to described identifying code, randomly draws an identifying code background picture and the sub-pictures corresponding with extracted identifying code background picture, and described identifying code background picture comprises the area of absence corresponding with described sub-pictures.

Step S306, extracted identifying code background picture and sub-pictures are handed down to described user terminal by server, to make described user terminal, described identifying code background picture and sub-pictures are showed user.

Step S307, user terminal receives and shows the identifying code background picture that described server issues and sub-pictures, and points out user by sub-pictures by the mobile and rotary splicing area of absence at described identifying code background picture.

Step S308, described sub-pictures and described identifying code background picture splice according to the instruction of described user by user terminal, and the instruction of described user comprises the angle and the path of movement or the target location of movement that described sub-pictures rotates.

Step S309, the sequence number that user terminal is spliced area of absence in described identifying code background picture by actual to identifying code background picture and the splicing picture of sub-pictures, the numbering of described sub-pictures, described sub-pictures and when splicing described sub-pictures sent to described server to verify by the angle rotated.

Step S310, server is according to the numbering of described sub-pictures, search described mapping table, judge whether described sub-pictures splices in described area of absence according to preposition and the predetermined anglec of rotation according to described mapping table, if, then the result is for passing through, if not, then the result is not for pass through.

Step S311, the result is returned user terminal and shows user by server.

The structural representation of a kind of authentication means that Fig. 9 provides for the embodiment of the present invention.Please refer to Fig. 9, the device that the present embodiment proposes can run on server, and for the auth method that above-described embodiment proposes, the device 40 in the present embodiment can comprise:

Request receiving module 41, the identifying code sent for receiving user terminal pulls request;

Picture abstraction module 42, for pulling request according to described identifying code, randomly draw an identifying code background picture and the sub-pictures corresponding with extracted identifying code background picture, described identifying code background picture comprises the area of absence corresponding with described sub-pictures;

Picture issues module 43, for extracted identifying code background picture and sub-pictures are handed down to described user terminal, to make described user terminal, described identifying code background picture and sub-pictures is showed user; And

Authentication module 44, for receiving that described user terminal returns, carry out identifying code background picture and the sub-pictures spliced according to the instruction of described user splicing picture, when described sub-pictures splices when the area of absence of described identifying code background picture according to preposition and the predetermined anglec of rotation, the result is for passing through.

Further, described picture issues module 43 can also be used for issuing verification tip information to described user terminal, in order to point out user by sub-pictures by the mobile and rotary splicing area of absence at described identifying code background picture.

When described picture issues module 43 also for extracted identifying code background picture and sub-pictures being handed down to described user terminal, also by the numbering of described sub-pictures or described sub-pictures, described user terminal is handed down in the precalculated position in described identifying code background picture.

Further, please refer to Figure 10, described authentication module 44 can comprise:

Receiving element 441, for receiving the splicing picture of identifying code background picture that described user terminal returns and sub-pictures, the numbering of described sub-pictures, described sub-pictures is actual be spliced the area of absence in described identifying code background picture sequence number and when splicing described sub-pictures by the angle rotated, or the identifying code background picture that described user terminal returns and the splicing picture of sub-pictures, the precalculated position of described sub-pictures in described identifying code background picture, described sub-pictures is actual be spliced position in described identifying code background picture and when splicing described sub-pictures by the angle rotated,

Authentication unit 442, for the numbering according to described sub-pictures, search described mapping table, judge whether described sub-pictures splices in described area of absence according to preposition and the predetermined anglec of rotation according to described mapping table, if, then the result is for passing through, if not, then the result is not for pass through.

Further, described device can also comprise identifying code generation module 45, please refer to Figure 11, and identifying code generation module 45 can comprise:

Generation unit 451, for choosing the picture in Background valut, cut at least one sub-pictures by described picture, described picture after being cut sub-pictures remaining part form described identifying code background picture, region cut in described identifying code background picture forms described area of absence;

Computing unit 452, the sub-pictures for cutting out carries out the rotation of random angles, the described predetermined anglec of rotation corresponding with described sub-pictures according to rotated angle calculation;

Storage unit 453, for preserving described identifying code background picture and postrotational sub-pictures, generate mapping table, described mapping table comprises: the corresponding relation between the sequence number of the numbering of described sub-pictures, the predetermined anglec of rotation and target area of absence, wherein, the position at target area of absence place is described preposition; Or comprise: the corresponding relation between the sequence number of the precalculated position of described sub-pictures in described identifying code background picture, the predetermined anglec of rotation and target area of absence.

Described generation unit 451 can cut multiple sub-pictures by described picture, and multiple sub-pictures described have formed objects and shape.

Each module can be by software code realization above, and now, above-mentioned each module can be stored in the memory of server.Each module can be realized by hardware such as integrated circuit (IC) chip equally above.

It should be noted that, the function of each functional module of the server of the embodiment of the present invention can according to the method specific implementation in said method embodiment, and its specific implementation process with reference to the associated description of said method embodiment, can be not repeated herein.

It should be noted that, module in above-described embodiment can run on a total server also can run on multiple server, such as, picture library can be stored by former figure storage server, generate identifying code background picture and sub-pictures by identifying code generation server, issued checking background picture and corresponding sub-pictures by authentication server and user identity is verified, etc.The quantity of server and the setting of buffering area also change according to concrete enforcement scene and implementation condition, and such change does not affect protection scope of the present invention.

The structural representation of a kind of authentication means that Figure 12 provides for the embodiment of the present invention.Please refer to Figure 12, the device that the present embodiment proposes can run on user terminal, may be used for the auth method realizing above-described embodiment proposition, comprising: described device 50 comprises:

Request sending module 51, pulls request for sending identifying code to server;

Display module 52, for receiving and showing the identifying code background picture that described server issues and sub-pictures, described identifying code background picture comprises the area of absence corresponding with described sub-pictures;

Concatenation module 53, splices described sub-pictures and described identifying code background picture for the instruction according to described user, and the instruction of described user comprises the angle and the path of movement or the target location of movement that described sub-pictures rotates; And

Authorization information sending module 54, for sending to described server to verify in the splicing picture of identifying code background picture and sub-pictures, when described sub-pictures splices in described area of absence according to preposition and the predetermined anglec of rotation, the result is for passing through.

Further, described display module 52 can also be used for receiving and show the verification tip information that described server issues, in order to point out user by sub-pictures by the mobile and rotary splicing area of absence at described identifying code background picture.

The instruction of described user can comprise described user inputs to described user terminal instruction by gesture input, phonetic entry or character string input mode.

In a kind of embodiment, described concatenation module 53 in response to described user to the drag operation of described sub-pictures or in response to described user to the dragging of described sub-pictures and rotation process, by the splicing of described sub-pictures in described identifying code background picture.

Figure 13 is the structured flowchart of the authentication system in the embodiment of the present invention.Please refer to Figure 13, the authentication system 60 that the present embodiment proposes may be used for the auth method realizing above-described embodiment proposition, and the authentication system 60 in the present embodiment can comprise: user terminal 61 and server 62.

User terminal 61 may be used for sending identifying code to server 62 and pulls request; Receive and show the identifying code background picture that described server 62 issues and sub-pictures, described identifying code background picture comprises the area of absence corresponding with described sub-pictures; Described sub-pictures and described identifying code background picture splice by the instruction according to described user, and the instruction of described user comprises the angle and the path of movement or the target location of movement that described sub-pictures rotates; And send to described server to verify in the splicing picture of identifying code background picture and sub-pictures, when described sub-pictures splices in described area of absence according to preposition and the predetermined anglec of rotation, the result is for passing through.

The identifying code that server 62 may be used for receiving user terminal 61 transmission pulls request; Pull request according to described identifying code, randomly draw an identifying code background picture and the sub-pictures corresponding with extracted identifying code background picture, described identifying code background picture comprises the area of absence corresponding with described sub-pictures; Extracted identifying code background picture and sub-pictures are handed down to described user terminal 61, to make described user terminal 61, described identifying code background picture and sub-pictures are showed user; And receive that described user terminal returns, carry out identifying code background picture and the sub-pictures spliced according to the instruction of described user splicing picture, when described sub-pictures splices when the area of absence of described identifying code background picture according to preposition and the predetermined anglec of rotation, the result is for passing through.

It should be noted that, each embodiment in this specification all adopts the mode of going forward one by one to describe, and what each embodiment stressed is the difference with other embodiments, between each embodiment identical similar part mutually see.For device class embodiment, due to itself and embodiment of the method basic simlarity, so description is fairly simple, relevant part illustrates see the part of embodiment of the method.

It should be noted that, in this article, term " comprises ", " comprising " or its any other variant are intended to contain comprising of nonexcludability, thus make to comprise the process of a series of key element, method, article or device and not only comprise those key elements, but also comprise other key elements clearly do not listed, or also comprise by the intrinsic key element of this process, method, article or device.When not more restrictions, the key element limited by statement " comprising ... ", and be not precluded within process, method, article or the device comprising this key element and also there is other identical element.

One of ordinary skill in the art will appreciate that all or part of step realizing above-described embodiment can have been come by hardware, the hardware that also can carry out instruction relevant by program completes, the program of being somebody's turn to do can be stored in a kind of computer-readable recording medium, the above-mentioned storage medium mentioned can be read-only memory, disk or CD etc.

The above, it is only preferred embodiment of the present invention, not any pro forma restriction is done to the present invention, although the present invention discloses as above with preferred embodiment, but and be not used to limit the present invention, any those skilled in the art, do not departing within the scope of technical solution of the present invention, make a little change when the technology contents of above-mentioned announcement can be utilized or be modified to the Equivalent embodiments of equivalent variations, in every case be do not depart from technical solution of the present invention content, according to any simple modification that technical spirit of the present invention is done above embodiment, equivalent variations and modification, all still belong in the scope of technical solution of the present invention.

Claims

1. an auth method, is characterized in that, described method comprises:

The identifying code that server receives user terminal sends pulls request;

Pull request according to described identifying code, randomly draw an identifying code background picture and the sub-pictures corresponding with extracted identifying code background picture, described identifying code background picture comprises the area of absence corresponding with described sub-pictures;

Extracted identifying code background picture and sub-pictures are handed down to described user terminal, to make described user terminal, described identifying code background picture and sub-pictures are showed user; And

Receive that described user terminal returns, carry out identifying code background picture and the sub-pictures spliced according to the instruction of described user splicing picture, when described sub-pictures splices when the area of absence of described identifying code background picture according to preposition and the predetermined anglec of rotation, the result is for passing through.

2. the method for claim 1, is characterized in that, before the identifying code that described server receives user terminal sends pulls the step of request, also comprises:

Choose the picture in Background valut, cut at least one sub-pictures by described picture, described picture after being cut sub-pictures remaining part form described identifying code background picture, region cut in described identifying code background picture forms described area of absence;

The sub-pictures cut out is carried out the rotation of random angles, the described predetermined anglec of rotation corresponding with described sub-pictures according to rotated angle calculation;

Preserve described identifying code background picture and postrotational sub-pictures, generate mapping table, described mapping table comprises: the corresponding relation between the sequence number of the numbering of described sub-pictures, the predetermined anglec of rotation and target area of absence, wherein, the position at target area of absence place is described preposition; Or comprise: the corresponding relation between the sequence number of the precalculated position of described sub-pictures in described identifying code background picture, the predetermined anglec of rotation and target area of absence, wherein, the error between the position at the target area of absence place that the precalculated position of described sub-pictures in described identifying code background picture is corresponding with described sub-pictures is in preset range;

When extracted identifying code background picture and sub-pictures are handed down to described user terminal by described server, also by the numbering of described sub-pictures or described sub-pictures, described user terminal is handed down in the precalculated position in described identifying code background picture.

3. method as claimed in claim 2, it is characterized in that, cut multiple sub-pictures by described picture, multiple sub-pictures described have formed objects and shape.

4. method as claimed in claim 2, it is characterized in that, splicing picture that the described user terminal of described reception returns, carry out identifying code background picture and the sub-pictures spliced according to the instruction of described user, when described sub-pictures splices when the area of absence of described identifying code background picture according to preposition and the predetermined anglec of rotation, the result is the step passed through, and comprising:

Receive the splicing picture of identifying code background picture that described user terminal returns and sub-pictures, the numbering of described sub-pictures, described sub-pictures is actual be spliced the area of absence in described identifying code background picture sequence number and when splicing described sub-pictures by the angle rotated, or the identifying code background picture that described user terminal returns and the splicing picture of sub-pictures, the precalculated position of described sub-pictures in described identifying code background picture, described sub-pictures is actual be spliced position in described identifying code background picture and when splicing described sub-pictures by the angle rotated

5. the method for claim 1, is characterized in that, the picture in described Background valut comprises by the advertising pictures that advertising pictures publisher server obtains.

6. the method for claim 1, is characterized in that, described server is also handed down to described user terminal verification tip information, in order to point out user by sub-pictures by the mobile and rotary splicing area of absence at described identifying code background picture.

7. an auth method, is characterized in that, described method comprises:

User terminal sends identifying code to server and pulls request;

Receive and show the identifying code background picture that described server issues and sub-pictures, described identifying code background picture comprises the area of absence corresponding with described sub-pictures;

Described sub-pictures and described identifying code background picture splice by the instruction according to described user, and the instruction of described user comprises the angle and the path of movement or the target location of movement that described sub-pictures rotates; And

Send to described server to verify in the splicing picture of identifying code background picture and sub-pictures, when described sub-pictures splices in described area of absence according to preposition and the predetermined anglec of rotation, the result is for passing through.

8. method as claimed in claim 7, it is characterized in that, described user terminal also receives and shows the verification tip information that described server issues, in order to point out user by sub-pictures by the mobile and rotary splicing area of absence at described identifying code background picture.

9. method as claimed in claim 7, is characterized in that, the instruction of described user comprises described user inputs to described user terminal instruction by gesture input, phonetic entry or character string input mode.

10. method as claimed in claim 7, it is characterized in that, described step of splicing described identifying code background picture and sub-pictures according to the instruction of described user, comprising:

In response to described user to the drag operation of described sub-pictures or in response to described user to the dragging of described sub-pictures and rotation process, by the splicing of described sub-pictures in described identifying code background picture.

11. 1 kinds of authentication means, run on server, it is characterized in that, described device comprises:

Request receiving module, the identifying code sent for receiving user terminal pulls request;

Picture abstraction module, for pulling request according to described identifying code, randomly draw an identifying code background picture and the sub-pictures corresponding with extracted identifying code background picture, described identifying code background picture comprises the area of absence corresponding with described sub-pictures;

Picture issues module, for extracted identifying code background picture and sub-pictures are handed down to described user terminal, to make described user terminal, described identifying code background picture and sub-pictures is showed user; And

Authentication module, for receiving that described user terminal returns, carry out identifying code background picture and the sub-pictures spliced according to the instruction of described user splicing picture, when described sub-pictures splices when the area of absence of described identifying code background picture according to preposition and the predetermined anglec of rotation, the result is for passing through.

12. devices as claimed in claim 11, it is characterized in that, described device also comprises identifying code generation module, and described identifying code generation module comprises:

Generation unit, for choosing the picture in Background valut, cut at least one sub-pictures by described picture, described picture after being cut sub-pictures remaining part form described identifying code background picture, region cut in described identifying code background picture forms described area of absence;

Computing unit, the sub-pictures for cutting out carries out the rotation of random angles, the described predetermined anglec of rotation corresponding with described sub-pictures according to rotated angle calculation;

Storage unit, for preserving described identifying code background picture and postrotational sub-pictures, generate mapping table, described mapping table comprises: the corresponding relation between the sequence number of the numbering of described sub-pictures, the predetermined anglec of rotation and target area of absence, wherein, the position at target area of absence place is described preposition; Or comprise: the corresponding relation between the sequence number of the precalculated position of described sub-pictures in described identifying code background picture, the predetermined anglec of rotation and target area of absence;

13. devices as claimed in claim 12, it is characterized in that, described generation unit cuts multiple sub-pictures by described picture, and multiple sub-pictures described have formed objects and shape.

14. devices as claimed in claim 12, it is characterized in that, described authentication module comprises:

Receiving element, for receiving the splicing picture of identifying code background picture that described user terminal returns and sub-pictures, the numbering of described sub-pictures, described sub-pictures is actual be spliced the area of absence in described identifying code background picture sequence number and when splicing described sub-pictures by the angle rotated, or the identifying code background picture that described user terminal returns and the splicing picture of sub-pictures, the precalculated position of described sub-pictures in described identifying code background picture, described sub-pictures is actual be spliced position in described identifying code background picture and when splicing described sub-pictures by the angle rotated,

Authentication unit, for the numbering according to described sub-pictures, search described mapping table, judge whether described sub-pictures splices in described area of absence according to preposition and the predetermined anglec of rotation according to described mapping table, if, then the result is for passing through, if not, then the result is not for pass through.

15. devices as claimed in claim 12, it is characterized in that, the picture in described Background valut comprises by the advertising pictures that advertising pictures publisher server obtains.

16. devices as claimed in claim 11, it is characterized in that, described picture issues module also for issuing verification tip information to described user terminal, in order to point out user by sub-pictures by the mobile and rotary splicing area of absence at described identifying code background picture.

17. 1 kinds of authentication means, run on client terminal, it is characterized in that, described device comprises:

Request sending module, pulls request for sending identifying code to server;

Display module, for receiving and showing the identifying code background picture that described server issues and sub-pictures, described identifying code background picture comprises the area of absence corresponding with described sub-pictures;

Concatenation module, splices described sub-pictures and described identifying code background picture for the instruction according to described user, and the instruction of described user comprises the angle and the path of movement or the target location of movement that described sub-pictures rotates; And

Authorization information sending module, for sending to described server to verify in the splicing picture of identifying code background picture and sub-pictures, when described sub-pictures splices in described area of absence according to preposition and the predetermined anglec of rotation, the result is for passing through.

18. devices as claimed in claim 17, it is characterized in that, described display module also for receiving and showing the verification tip information that described server issues, in order to point out user by sub-pictures by the mobile and rotary splicing area of absence at described identifying code background picture.

19. devices as claimed in claim 17, is characterized in that, the instruction of described user comprises described user inputs to described user terminal instruction by gesture input, phonetic entry or character string input mode.

20. devices as claimed in claim 17, it is characterized in that, described concatenation module in response to described user to the drag operation of described sub-pictures or in response to described user to the dragging of described sub-pictures and rotation process, by the splicing of described sub-pictures in described identifying code background picture.