The content of the invention
For this reason, the present invention provides a kind of Information Authentication method, apparatus and system, solved or at least alleviated above with trying hard to
Existing at least one problem.
According to an aspect of the invention, there is provided a kind of Information Authentication method, this method perform in the terminal, move
Dynamic terminal can be connected by network with application server, short message server, including step:Under loopback mode, generation verification
Code;In response to user confirm passback operation, call short message interface send comprising identifying code and application account verification short message to
Short message server, verification short message is sent to application server by short message server;Receive application account input by user and verification
Code, in response to user login operation, sends identifying code with application account to application server, so that application server is tested
The corresponding identifying code of application account that card, wherein application server are sent by comparing short message server, sends with mobile terminal
The corresponding identifying code of application account, whether the two consistent, to complete to verify;And receive the verification sent by application server
Described account is applied as a result, being logged in if verification is consistent.
Alternatively, in Information Authentication method according to the present invention, step is further included:Input interface is monitored, when detecting
When the number that user carries out verification operation reaches predetermined threshold, into loopback mode.
Alternatively, in Information Authentication method according to the present invention, identifying code is the numeral generated at random.
According to another aspect of the present invention, there is provided a kind of Information Authentication device, which arranges on mobile terminals, moves
Dynamic terminal can be connected by network with application server, short message server, and device includes:Information generating unit, suitable for into
After entering loopback mode, identifying code is generated;Connection management unit, is adapted to respond to user's operation, sends comprising identifying code and using account
Number verification short message to short message server, verification short message is sent to application server by short message server, and respond user's
Register, application service is sent to by application account and identifying code that the user received inputs on mobile terminal display screen
Device, so that application server is verified, wherein application server is corresponded to by comparing the application account that short message server is sent
Identifying code, the corresponding identifying code of application account sent with mobile terminal, whether the two consistent, to complete to verify, and and also
Suitable for receiving the verification result sent by application server, logged in if verification is consistent and described apply account.
Alternatively, in Information Authentication device according to the present invention, monitoring control unit is further included, it is defeated suitable for monitoring in real time
Incoming interface, when the number for detecting user's progress verification operation reaches predetermined threshold, into loopback mode.
Alternatively, in Information Authentication device according to the present invention, identifying code is the numeral generated at random.
According to another aspect of the present invention, there is provided a kind of Information Authentication method, this method perform in the application server,
Application server can be connected by network with mobile terminal, short message server, including step:Reception is sent by short message server
Verification short message, wherein verification short message includes and apply account and identifying code, verify that short message is that mobile terminal is issued in loopback mode
Give short message server;Storage is using account and identifying code as preset data;Reception is stepped on by mobile terminal in response to user
Identifying code that record operation is sent and using account, by it compared with preset data, if than being verified if more consistent, sends out
Verification result is sent to apply account to mobile terminal so that mobile terminal login is described.
Alternatively, in Information Authentication method according to the present invention, in storage using account and identifying code as preset number
According to the step of before, further include step:Receive the communication account sent in the lump with verification short message by short message server;Judge communication
Whether account and application account consistent, if consistent storage using account and identifying code as preset data to verify;If no
It is consistent then return to authentication failed.
Alternatively, in Information Authentication method according to the present invention, receive the identifying code sent by mobile terminal and answer
With account, by it compared with preset data the step of includes:According to application, account inquiry user whether there is;And if deposit
It is whether consistent using the corresponding identifying code of account then comparing, if identifying code unanimously if be verified.
Alternatively, in Information Authentication method according to the present invention, identifying code is the numeral generated at random.
According to another aspect of the present invention, there is provided a kind of Information Authentication device, the device are arranged in application server
On, application server can be connected by network with mobile terminal, short message server, and device includes:Connection management unit, is suitable for
The verification short message sent by short message server is received, wherein verification short message includes and applies account and identifying code, verification short message is to move
Dynamic terminal is sent to short message server under loopback mode, and receives and sent by mobile terminal in response to user login operation
Identifying code and application account, send verification result to mobile terminal, described apply account so that mobile terminal logs in;Information
Storage unit, suitable for storing the application account sent by short message server and identifying code as preset data;And Information Authentication
Unit, suitable for the identifying code that will be sent by mobile terminal and application account compared with preset data, if than if more consistent
It is verified.
Alternatively, in Information Authentication device according to the present invention, connection management unit is further adapted for receiving by short message service
The communication account that device is sent in the lump with verification short message;Information Authentication unit is further adapted for receiving testing by short message server transmission
After demonstrate,proving short message and communication account, judge to communicate account and whether application account is consistent, if consistent send an indication to information storage
Unit, by its storage using account and identifying code as preset data.
Alternatively, in Information Authentication device according to the present invention, Information Authentication unit further includes:Information query unit,
Suitable for whether there is according to application account inquiry user;And judging unit, suitable for after inquiry user exists, comparing using account
Whether number corresponding identifying code consistent, if identifying code unanimously if be verified.
Alternatively, in Information Authentication device according to the present invention, identifying code is the numeral generated at random.
According to another aspect of the present invention, there is provided a kind of information authentication system, system include:With as described above
The mobile terminal of Information Authentication device;And the application server with Information Authentication device as described above.
Information Authentication scheme according to the present invention, different from sending identifying code again, but uses the side of identifying code passback
Formula so that Information Authentication is more efficient, and ensure that the safety of user information.
Embodiment
The exemplary embodiment of the disclosure is more fully described below with reference to accompanying drawings.Although the disclosure is shown in attached drawing
Exemplary embodiment, it being understood, however, that may be realized in various forms the disclosure without should be by embodiments set forth here
Limited.On the contrary, these embodiments are provided to facilitate a more thoroughly understanding of the present invention, and can be by the scope of the present disclosure
Completely it is communicated to those skilled in the art.
Fig. 1 is 100 organigram of mobile terminal according to an embodiment of the invention.With reference to Fig. 1, mobile terminal
100 include:Memory interface 102, one or more data processor, image processor and/or central processing unit 104, with
And peripheral interface 106.Memory interface 102, one or more processors 104 and/or peripheral interface 106 are either discrete member
Part, can also be integrated in one or more integrated circuits.In the mobile terminal 100, various elements can pass through one or more
Bar communication bus or signal wire couple.Sensor, equipment and subsystem may be coupled to peripheral interface 106, to help reality
Existing multiple functions.For example, motion sensor 110, optical sensor 112 and range sensor 114 may be coupled to peripheral interface
106, to facilitate the functions such as orientation, illumination and ranging.Other sensors 116 can equally be connected with peripheral interface 106, such as fixed
Position system (such as GPS receiver), temperature sensor, biometric sensor or other sensor devices, it is possible thereby to help reality
Apply relevant function.
Camera sub-system 120 and optical sensor 122 can be used for the camera of convenient such as recording photograph and video clipping
The realization of function, wherein the camera sub-system and optical sensor for example can be charge coupling device (CCD) or complementary gold
Belong to oxide semiconductor (CMOS) optical sensor.It can help to realize by one or more radio communication subsystems 124
Communication function, wherein radio communication subsystem can include radio-frequency transmitter and transmitter and/or light (such as infrared) receiver
And transmitter.The particular design and embodiment of radio communication subsystem 124 can depend on mobile terminal 100 is supported one
A or multiple communication networks.For example, mobile terminal 100 can include being designed to support GSM network, GPRS network, EDGE nets
The communication subsystem 124 of network, Wi-Fi or WiMax network and BlueboothTM networks.Audio subsystem 126 can be with raising one's voice
Device 128 and microphone 130 are coupled, to help to implement the function of enabling voice, such as speech recognition, speech reproduction, number
Word records and telephony feature.
I/O subsystems 140 can include touch screen controller 142 and/or other one or more input controllers 144.
Touch screen controller 142 may be coupled to touch-screen 146.For example, the touch-screen 146 and touch screen controller 142 can be with
The contact carried out therewith and movement or pause are detected using any one of a variety of touch-sensing technologies, wherein sensing skill
Art includes but is not limited to capacitive character, resistive, infrared and surface acoustic wave technique.Other one or more input controllers 144
May be coupled to other input/control devicess 148, for example, one or more buttons, rocker switch, thumb wheel, infrared port,
The pointer device of USB port, and/or stylus etc.One or more of button (not shown)s can include being used to control
The up/down button of 130 volume of loudspeaker 128 and/or microphone.
Memory interface 102 can be coupled with memory 150.The memory 150 can be deposited including high random access
Reservoir and/or nonvolatile memory, such as one or more disk storage equipments, one or more optical storage apparatus, and/
Or flash memories (such as NAND, NOR).Memory 150 can store an operating system 152, for example, Android, IOS or
The operating system of Windows Phone etc.The operating system 152 can include being used to handle basic system services and execution
Instruction dependent on the task of hardware.Memory 150 can also be stored using 154.These applications in operation, can be from memory
150 are loaded on processor 104, and are run on the operating system run via processor 104, and utilize operating system
And the interface that bottom hardware provides realizes the desired function of various users, such as instant messaging, web page browsing, pictures management.
Using can be independently of operating system offer or operating system carries.
According to one embodiment of present invention, there is provided a kind of mobile terminal 100, Ke Yitong with Information Authentication
The client application for crossing placement information authentication function realizes the function, which is stored in using in 154.
Fig. 2 shows information authentication system 200 according to an embodiment of the invention.The system 200 includes mobile whole
End 100, application server 210 and short message server 220, application server for example can be to be physically located at one or more
The remote cloud server in a place, the said equipment are connected with each other by network.
The workflow of the information authentication system 200 is described in detail below.
Under normal circumstances, the process of short message verification code verification is as follows:User is carrying out user's registration, is sending message, download
Data, when pay etc. operation, can show in the client application of mobile terminal 100 and fill in frame, user need to fill in from
Oneself communication account, under normal circumstances, communication account can be phone numbers, and client software is sent to account is communicated using clothes
Business device 210, application server 210 call the server of short message operator, i.e., the short message server 220 in the system is filled out to user
The communication account write sends the short message for including identifying code, and after mobile terminal 100 receives said short message, user is in mobile terminal
The identifying code in short message is write in 100, and application server 210, application server 210 are sent it to by mobile terminal 100
Compare the identifying code issued and whether the identifying code that mobile terminal 100 is sent back be consistent, pass through verification if consistent.
But influenced by a variety of causes, sometimes user can not receive the short message for carrying identifying code in time, or even
In some cases, for example short message is indicated by the security software in mobile terminal and intercepted, and repeats to send short message not under this scene
It can solve the problems, such as.Therefore, present invention proposes the scheme that the mode using short message returning carries out Information Authentication.
According to one embodiment of present invention, set when mobile terminal 100 detects that user carries out the number of verification operation
When reaching predetermined threshold (for example be carried out continuously 3 requests verification operations and still failed), loopback mode is put into.Returning
Under pattern, mobile terminal 100 generates identifying code, according to an embodiment, 6 digits which can be randomly generated
Word.Then identifying code can be shown on the display screen of mobile terminal 100, and needs user to be confirmed whether to postback identifying code,
As shown in Figure 7 A.User clicks on " confirmation ", and the operation of passback is confirmed in response to user, and mobile terminal 100 calls short message interface hair
Sending the verification short message comprising identifying code and application account, according to one embodiment of present invention, verification is short to short message server 220
The content of letter is generated by following form:Using account+identifying code+check code.It should be noted that the present invention is not intended to limit verification
The content and/or form of short message, as long as including in verification short message using account and identifying code, subsequently to carry out Information Authentication
.
After short message server 220 receives verification short message, by verify short message and postback identifying code mobile terminal it is logical
News account is sent to application server 210 in the lump.Application server 210 can judge to communicate first account with verifying answering in short message
It is whether consistent with account, stored if consistent using account and identifying code as preset data;Verification is returned if inconsistent to lose
Lose.Application server 210 has been given below and has obtained the example code that user postbacks the interface of short message verification code:
Then the display screen of mobile terminal 100 jumps to as shown in Figure 7 B, and account and identifying code are applied in user's input, are rung
Should be in the register of user, mobile terminal 100 sends identifying code input by user with application account to application server 210,
Complete to verify by application server 210.Specifically verification step is:The user is inquired about according to application account first whether there is,
Herein using account include as preset data store using account and the application account sent by mobile terminal 100,
And above-mentioned two application account should be consistent.Apply accounts consistent and in the presence of the user when two, it is more above-mentioned
Whether two corresponding identifying codes of application accounts consistent, if identifying code unanimously if be verified, send verification result to it is mobile eventually
End 100, makes it log in this and applies account.So far, information verification process terminates.
Information Authentication scheme according to the present invention, different from sending identifying code again, but uses the side of identifying code passback
Formula so that Information Authentication is more efficient, and can ensure the safety of user information well.
Fig. 3 shows the flow chart of Information Authentication method 300 according to an embodiment of the invention.This method is mobile whole
Performed in end 100, mobile terminal 100 can be connected by network with application server 210, short message server 220, and this method begins
In step S310, under loopback mode, identifying code is generated.According to one embodiment of present invention, mobile terminal 100 monitors in real time
Input interface, when the number for detecting user's progress verification operation reaches predetermined threshold, is put into loopback mode.Wherein verify
The numeral that code can be randomly generated.
Then in step s 320, the operation of passback is confirmed in response to user, calls short message interface to send and includes identifying code
Verification short message with application account sends the verification short message to application server to short message server 220 by short message server 220
210。
Then in step S330, application account input by user and identifying code are received, in response to user login operation, hair
Send identifying code with application account to application server 210, so that application server 210 is verified, wherein application server 210
The corresponding identifying code of application account sent by comparing short message server 220, the application account pair sent with mobile terminal 100
The identifying code answered, whether the two is consistent, to complete to verify.
Then in step S340, the verification result sent by application server 210 is received, being logged in if verification is consistent should
Using account.
Fig. 4 shows the schematic diagram of Information Authentication device 400 according to an embodiment of the invention.The device is arranged in shifting
In dynamic terminal 100, mobile terminal 100 can be connected by network with application server 210, short message server 220, described device
Including:Information generating unit 410 and connection management unit 420.
According to one embodiment of present invention, which further includes monitoring control unit, is connect suitable for real time monitoring input
Mouthful, when the number for detecting user's progress verification operation reaches predetermined threshold, into loopback mode.Predetermined threshold can be set
3 requests verification operations are carried out continuously for user still to fail, certainly, the present invention is not limited this.Monitoring control is single
The information for entering loopback mode is sent to information generating unit 410 coupled thereto by member.
Information generating unit 410 is suitable for after loopback mode is entered, and generates identifying code.Wherein identifying code can be random life
Into numeral.
Connection management unit 420 is adapted to respond to user's operation, send the verification short message comprising identifying code and application account to
Short message server 220, verification short message is sent to application server 210 by short message server 220, and responds the login behaviour of user
Make, the application account and identifying code that the user received is inputted on 100 display screen of mobile terminal are sent to application server
210, so that application server 210 is verified, wherein application server 210 is by comparing answering for the transmission of short message server 220
With the corresponding identifying code of account, identifying code corresponding with the application account that mobile terminal 100 is sent, whether the two is consistent, has come
It is further adapted for receiving the verification result sent by application server into verification, and connection management unit 420, is stepped on if verification is consistent
Record and described apply account.
Fig. 5 shows the flow chart of Information Authentication method 500 in accordance with another embodiment of the present invention.This method is being applied
Performed in server 210, application server can be connected by network with mobile terminal, short message server, and this method starts from step
Rapid S510, receives the verification short message sent by short message server 220, wherein verification short message is contained using account and identifying code,
And it is that mobile terminal 100 is sent to short message server 220 under loopback mode, is sent to and answered by short message server to verify short message
With server 210.
Then in step S520, store by the obtained application accounts of step S510 and identifying code, as preset data.Root
According to one embodiment of the present invention, before step S520, step is further included:Receive short with verifying by short message server 220
Believe the communication account sent in the lump;Judge whether the communication account and application account consistent, if consistent storage using account and
Identifying code is as preset data to verify;Authentication failed is returned if inconsistent.
Then in step S530, the identifying code that is sent by mobile terminal 100 is received and using account, by itself and step
Preset data in S520 is compared, and if than being verified if more consistent, sends verification result to mobile terminal 100.According to
One embodiment of the present of invention, can be completed to verify by following steps.Inquire about whether the user deposits according to using account first
In being answered by what mobile terminal was sent in the preset data and the step S530 that include using account in step S520 herein
With account, and the two should be consistent by comparison using account.If two application account is consistent and user exists,
Whether consistent compare two corresponding identifying codes of application accounts again, if identifying code unanimously if be verified.
Fig. 6 shows the schematic diagram of Information Authentication device 600 in accordance with another embodiment of the present invention.600 cloth of device
To put on application server 210, application server 210 can be connected by network with mobile terminal 100, short message server 220,
The device 600 includes connection management unit 610, information memory cell 620 and Information Authentication unit 630.
Connection management unit 610 is suitable for receiving the verification short message sent by short message server 220, wherein the verification short message
Comprising apply account and identifying code, verification short message be mobile terminal 100 be sent under loopback mode short message server 220, by
Short message server is sent to application server 210.According to one embodiment of present invention, connection management unit 610 is further adapted for
Receive the communication account sent in the lump with the verification short message by short message server 220.Then receive and sent by mobile terminal 100
Identifying code and application account, send verification result to mobile terminal 100.
Information memory cell 620 is suitable for storing the application account sent by short message server 220 and identifying code as preset
Data.
Information Authentication unit 630 is suitable for the identifying code that will be sent by mobile terminal 100 and applies account and preset data
It is compared, if than being verified if more consistent.Specifically, Information Authentication unit 630 can include:Information query unit and sentence
Disconnected unit.Information query unit is suitable for whether there is according to application account inquiry user, if sending an indication to preset coupling in the presence of if
The judging unit connect, whether judging unit is suitable for comparing two corresponding identifying codes of application accounts consistent, if identifying code unanimously if
It is verified.
According to one embodiment of present invention, Information Authentication unit 630 is further adapted for being sent out by short message server 220 receiving
After the verification short message and communication account sent, judge to communicate account and whether application account is consistent, if unanimously sending an indication to letter
Storage unit is ceased, by its storage using account and identifying code as preset data.
It should be appreciated that in order to simplify the disclosure and help to understand one or more of each inventive aspect, it is right above
The present invention exemplary embodiment description in, each feature of the invention be grouped together into sometimes single embodiment, figure or
In person's descriptions thereof.However, the method for the disclosure should be construed to reflect following intention:I.e. claimed hair
The bright feature more features required than being expressly recited in each claim.More precisely, as the following claims
As book reflects, inventive aspect is all features less than single embodiment disclosed above.Therefore, it then follows specific real
Thus the claims for applying mode are expressly incorporated in the embodiment, wherein each claim is used as this hair in itself
Bright separate embodiments.
Those skilled in the art should understand that the module or unit or group of the equipment in example disclosed herein
Part can be arranged in equipment as depicted in this embodiment, or alternatively can be positioned at and the equipment in the example
In different one or more equipment.Module in aforementioned exemplary can be combined as a module or be segmented into addition multiple
Submodule.
Those skilled in the art, which are appreciated that, to carry out adaptively the module in the equipment in embodiment
Change and they are arranged in one or more equipment different from the embodiment.Can be the module or list in embodiment
Member or component be combined into a module or unit or component, and can be divided into addition multiple submodule or subelement or
Sub-component.In addition at least some in such feature and/or process or unit exclude each other, it can use any
Combination is disclosed to all features disclosed in this specification (including adjoint claim, summary and attached drawing) and so to appoint
Where all processes or unit of method or equipment are combined.Unless expressly stated otherwise, this specification (including adjoint power
Profit requires, summary and attached drawing) disclosed in each feature can be by providing the alternative features of identical, equivalent or similar purpose come generation
Replace.
C1, the method as described in 7 or 8, wherein receiving the identifying code sent by mobile terminal and using account, by it
The step of compared with preset data, includes:According to application, account inquiry user whether there is;And should if comparing in the presence of if
It is whether consistent with the corresponding identifying code of account, if identifying code unanimously if be verified.C2, as any one of 7-8 or C1
Method, wherein identifying code are the numeral generated at random.D12, the device as described in D11, wherein, connection management unit is further adapted for connecing
Receive the communication account sent in the lump with the verification short message by short message server;Information Authentication unit is further adapted for receiving by short
After verification short message and communication account that telecommunications services device is sent, judge to communicate account and whether application account is consistent, if consistent hair
Send and be indicated to information memory cell, by its storage using account and identifying code as preset data.D13, such as D11 or D12 institutes
The device stated, wherein Information Authentication unit further include:Information query unit, suitable for whether being deposited according to application account inquiry user
;And judging unit, it is whether consistent using the corresponding identifying code of account suitable for after inquiry user exists, comparing, if verification
Code is unanimously then verified.D14, the device as any one of D11-13, wherein identifying code are the numeral generated at random.
In addition, it will be appreciated by those of skill in the art that although some embodiments described herein include other embodiments
In included some features rather than further feature, but the combination of the feature of different embodiments means in of the invention
Within the scope of and form different embodiments.For example, in the following claims, embodiment claimed is appointed
One of meaning mode can use in any combination.
In addition, be described as herein can be by the processor of computer system or by performing for some in the embodiment
The method or the combination of method element that other devices of the function are implemented.Therefore, have and be used to implement the method or method
The processor of the necessary instruction of element forms the device for being used for implementing this method or method element.In addition, device embodiment
Element described in this is the example of following device:The device is used to implement as in order to performed by implementing the element of the purpose of the invention
Function.
As used in this, unless specifically stated, come using ordinal number " first ", " second ", " the 3rd " etc.
Description plain objects are merely representative of the different instances for being related to similar object, and are not intended to imply that the object being so described must
Must have the time it is upper, spatially, in terms of sequence or given order in any other manner.
Although according to the embodiment of limited quantity, the invention has been described, benefits from above description, the art
It is interior it is clear for the skilled person that in the scope of the present invention thus described, it can be envisaged that other embodiments.Additionally, it should be noted that
The language that is used in this specification primarily to readable and teaching purpose and select, rather than in order to explain or limit
Determine subject of the present invention and select.Therefore, in the case of without departing from the scope and spirit of the appended claims, for this
Many modifications and changes will be apparent from for the those of ordinary skill of technical field.For the scope of the present invention, to this
The done disclosure of invention is illustrative and not restrictive, and it is intended that the scope of the present invention be defined by the claims appended hereto.