CN105100108A - Login authentication method, device and system based on face identification - Google Patents
Login authentication method, device and system based on face identification Download PDFInfo
- Publication number
- CN105100108A CN105100108A CN201510507946.1A CN201510507946A CN105100108A CN 105100108 A CN105100108 A CN 105100108A CN 201510507946 A CN201510507946 A CN 201510507946A CN 105100108 A CN105100108 A CN 105100108A
- Authority
- CN
- China
- Prior art keywords
- server
- user
- authentication
- application
- mobile terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0861—Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
- G06Q20/40145—Biometric identity checks
Abstract
The invention discloses a login authentication method based on face identification. A first server can be connected with a mobile terminal, a second server, a third server and an application server through a network. The method comprises the following steps: after a user inputs an account name and a password on a third-party application, the application server sends a login request to the first server; the first server sends authentication information to the second server, and the second server verifies the authentication information is successful; the first server sends a push message to the mobile terminal, and the mobile terminal collects a face image of the user and returns the face image to the first server; and after the second server verifies the face image is successful, the application server polls the authentication result to the first server. The invention also discloses a corresponding login authentication device and system based on face identification.
Description
Technical field
The present invention relates to communication technical field, especially a kind of login authentication method based on recognition of face, Apparatus and system.
Background technology
Along with the development of Internet technology, user's safety certification problem in various applications also becomes a large focus, and particularly the authentication mode of some application is comparatively complicated at present, and user uses more loaded down with trivial details.
In fact, current user often opens a different APP application and will experience loaded down with trivial details registration process application side could be allowed to identify account, in addition, registered account also must be loaded down with trivial details input account name and password complete certification log in, because user often forgets various account and password, so occurred that to different APP application be all the account and the password that use same set of static state, but account and the cipher safety of this general static state are extremely low, once stolen, account and the password of all APP application are revealed all completely, the property safety of user will be on the hazard.
From enterprise's angle, in the development teams that smart mobile phone APP applies, because each team all will make certification work to the account of user, the cost plenty of time is made a set of authentication system to the safety of account, certification by development teams, greatly reduce operating efficiency, and during authentication system development, because the self-ability of different development teams is limited, a lot of team all cannot guarantee the safety of user account.
For this reason, in order to adapt to modern high technology, ensure user account safety, simplify the operation of user simultaneously, just need a kind of safe, easy login authentication mode.
Summary of the invention
For this reason, the invention provides a kind of login authentication method based on recognition of face, Apparatus and system, to try hard to solve or at least alleviate at least one problem existed above.
According to an aspect of the present invention, provide a kind of login authentication method based on recognition of face, the method performs in first server, first server can be connected with mobile terminal, second server, the 3rd server, application server by network, comprise step: receive sent by application server, user asks to log in the logging request of third-party application, generate event identifier, wherein logging request comprises the authentication information with application identities, user ID and auth type, and wherein auth type is recognition of face; Send authentication information to second server, return the user mobile phone number corresponding with user ID by second server; Send propelling movement task to the 3rd server, so that the 3rd server push instruction display authorizes the message at interface to mobile terminal corresponding to user mobile phone number; Send event identifier to application server, and transmission comprises the authentication request of authentication information to mobile terminal; Receive the facial image of user that sent by mobile terminal, that collect on mandate interface; And transmission comprises the authentication information of facial image to second server, user ID and auth type is returned by second server, and associated user mark, event identifier and auth type, so that the authentication result that application server is corresponding with user ID according to event identifier inquiry.
Alternatively, based in the login authentication method of recognition of face, authentication information also comprises signing messages according to of the present invention, signing messages is encrypted algorithm to the transmission data comprising application identities, user ID and auth type to obtain.
Alternatively, according to of the present invention based in the login authentication method of recognition of face, send authentication information to second server, the step being returned the user mobile phone number corresponding with user ID and auth type by second server comprises: send authentication information to second server, so that whether second server certifying signature information is correct; And if be verified, receive by second server send first checking message, wherein, first checking message comprise user mobile phone number.
Alternatively, according to of the present invention based in the login authentication method of recognition of face, also comprise step: associated user cell-phone number and event identifier, to determine the request type of active user according to the event identifier of user mobile phone number association.
Alternatively, according to of the present invention based in the login authentication method of recognition of face, comprise request type in propelling movement task.
Alternatively, according to of the present invention based in the login authentication method of recognition of face, transmission comprises the authentication information of facial image to second server, the step being returned user ID by second server comprises: transmission comprises the authentication information of facial image to second server, so that whether second server checking facial image is correct; And if be verified, receive by second server send second checking message, wherein second checking message comprise user ID and auth type.
Alternatively, according to of the present invention based in the login authentication method of recognition of face, send propelling movement task to before the step of the 3rd server, also comprise step: carry out to the 3rd server propellings movement and verify, if authentication failed, then send authentication failed message to application server.
According to a further aspect in the invention, provide a kind of login authentication device based on recognition of face, device resides in first server, first server can by network and mobile terminal, second server, 3rd server, application server is connected, device comprises: connection management unit, be suitable for receiving and sent by application server, user asks the logging request logging in third-party application, and to be sent by mobile terminal, authorizing the facial image of the user that interface collects, also be suitable for sending authentication information to second server, and receive the user mobile phone number returned by second server, and transmission comprises the authentication information of facial image to second server, and receive the user ID and auth type that are returned by second server, send event identifier to application server, send authentication request to mobile terminal, and send propelling movement task to the 3rd server, so that the 3rd server push instruction display authorizes the message at interface to mobile terminal corresponding to user mobile phone number, wherein logging request and authentication request all comprise and have application identities, the authentication information of user ID and auth type, and auth type is recognition of face, user mobile phone number is corresponding with user ID, information generating unit, is suitable for after receiving logging request, generates event identifier, and information association unit, be suitable for associated user mark, event identifier and auth type, so that the authentication result that application server is corresponding with user ID according to event identifier inquiry.
Alternatively, based in the login authentication device of recognition of face, authentication information also comprises signing messages according to of the present invention, signing messages is encrypted algorithm to the transmission data comprising application identities, user ID and auth type to obtain.
Alternatively, according to of the present invention based in the login authentication device of recognition of face, connection management unit is also suitable for sending authentication information to second server, whether correct by its certifying signature information, if be verified, then receive the first checking message, it comprises the user mobile phone number corresponding with user ID.
Alternatively, based in the login authentication device of recognition of face, information association unit is also suitable for associated user cell-phone number and event identifier according to of the present invention, to determine the request type of active user according to the event identifier of user mobile phone number association.
Alternatively, according to of the present invention based in the login authentication device of recognition of face, comprise request type in propelling movement task.
Alternatively, according to of the present invention based in the login authentication device of recognition of face, connection management unit be also suitable for sending comprise facial image authentication information to second server, whether correct by its checking facial image, if be verified, then receive the second checking message, it comprises user ID and auth type.
Alternatively, according to of the present invention based in the login authentication device of recognition of face, also comprise: push authentication unit, be suitable for before transmission propelling movement task is to the 3rd server, carry out propelling movement checking to the 3rd server, if authentication failed, then send authentication failed message to application server.
According to a further aspect in the invention, provide another login authentication method based on recognition of face, method performs in second server, second server can by network and mobile terminal, first server, 3rd server, application server is connected, comprise step: receive the first checking request that first server sends, comprise in first checking request and there is application identities, the authentication information of user ID and auth type, authentication information is sent from application server by first server, user asks to obtain in the logging request of login third-party application, and first server also generates the event identifier associated with logging request, whether authentication verification information is correct, if be verified, return the user mobile phone number corresponding with user ID to first server, so that first server sends event identifier to application server and send propelling movement task to the 3rd server, display is indicated to authorize the message at interface to mobile terminal corresponding to user mobile phone number by the 3rd server push, receive the second checking request that first server sends, also facial image is comprised in second checking request, wherein first server transmission comprises the authentication request of authentication information to after mobile terminal, after receiving the facial image of user that sent by mobile terminal, that collect on mandate interface, send the second checking request, and whether checking facial image is correct, if be verified, return user ID and auth type to first server, identified by first server associated user, event identifier and auth type so that the authentication result that application server is corresponding with user ID according to event identifier inquiry.
Alternatively, based in the login authentication method of recognition of face, authentication information also comprises signing messages according to of the present invention, signing messages is encrypted algorithm to the transmission data comprising application identities, user ID and auth type to obtain.
Alternatively, according to of the present invention based in the login authentication method of recognition of face, the step that whether authentication verification information correct after receiving the first checking request comprises: whether correctly carry out certifying signature information by cryptographic algorithm.
Alternatively, according to of the present invention based in the login authentication method of recognition of face, the step that whether identifier's face image is correct after receiving the second checking request comprises: extract the characteristic information in facial image, mate with the facial image feature templates of this preset user, if similarity is greater than threshold value, think that checking is correct.
According to a further aspect in the invention, provide another login authentication device based on recognition of face, device resides in second server, second server can by network and mobile terminal, first server, 3rd server, application server is connected, device comprises: connection management unit, be suitable for receiving the first checking request sent by first server, comprise in first checking request and there is application identities, the authentication information of user ID and auth type, authentication information is sent from application server by first server, user asks to obtain in the logging request of login third-party application, and first server is also suitable for generating the event identifier associated with logging request, user mobile phone number be returned to first server when being verified, so that first server transmission event identifier is to application server and send propelling movement task to the 3rd server, display is indicated to authorize the message at interface to mobile terminal corresponding to user mobile phone number by the 3rd server push, also be suitable for receiving the second checking request sent by first server, facial image is comprised in second checking request, wherein first server transmission comprises the authentication request of authentication information to after mobile terminal, reception is sent by mobile terminal, authorizing the facial image of the user that interface gathers, send the second checking request, user ID and auth type be returned to first server when being verified, identified by first server associated user, event identifier and auth type, so that the authentication result that application server is corresponding with user ID according to event identifier inquiry, and Information Authentication unit, be suitable for authentication verification information and whether facial image is correct.
Alternatively, based in the login authentication device of recognition of face, authentication information also comprises signing messages according to of the present invention, signing messages is encrypted algorithm to the transmission data comprising application identities, user ID and auth type to obtain.
Alternatively, according to of the present invention based in the login authentication device of recognition of face, whether Information Authentication unit is also suitable for carrying out certifying signature information by cryptographic algorithm correct.
Alternatively, according to of the present invention based in the login authentication device of recognition of face, Information Authentication unit is also suitable for extracting the characteristic information in facial image, and mate with the facial image feature templates of this preset user, if judge, similarity is greater than threshold value, thinks that checking is correct.
According to another aspect of the present invention, provide a kind of accession authorization system based on recognition of face, system comprises: have as above based on the first server of the login authentication device of recognition of face; Have as above based on the second server of the login authentication device of recognition of face; 3rd server, is suitable for the PUSH message of propelling movement first server to mobile terminal; The application server be connected with third-party application; And mobile terminal, be suitable for analyzing by the PUSH message of the 3rd server push, and obtain authentication request to first server, and be sent in and authorize the facial image of the user that interface gathers to first server.
According to the login authentication scheme based on recognition of face of the present invention, guaranteed the fail safe of user account by re-authentication, when especially having needed the sensitive operation such as payment transaction user, adopt the mode of recognition of face to carry out certification and log in; Further, communicated by user ID between first server with application server, so first server can not obtain the accounts information of user in third-party application, ensured the account number safety of user further.
Accompanying drawing explanation
In order to realize above-mentioned and relevant object; combine description below and accompanying drawing herein to describe some illustrative aspect; these aspects indicate the various modes can putting into practice principle disclosed herein, and all aspects and equivalent aspect thereof are intended to fall in the scope of theme required for protection.Read detailed description below in conjunction with the drawings, above-mentioned and other object of the present disclosure, Characteristics and advantages will become more obvious.Throughout the disclosure, identical Reference numeral is often referred to for identical parts or element.
Fig. 1 shows the structure block diagram of the mobile terminal 100 according to an exemplary embodiment of the present invention;
Fig. 2 shows according to an embodiment of the invention based on the schematic diagram of the accession authorization system 200 of recognition of face;
Fig. 3 shows according to an embodiment of the invention based on the flow chart of the login authentication method 300 of recognition of face;
Fig. 4 shows according to an embodiment of the invention based on the schematic diagram of the login authentication device 400 of recognition of face;
Fig. 5 shows in accordance with another embodiment of the present invention based on the flow chart of the login authentication method 500 of recognition of face;
Fig. 6 shows in accordance with another embodiment of the present invention based on the schematic diagram of the login authentication device 600 of recognition of face;
Fig. 7 A shows the interface schematic diagram of third party website display logging request according to an embodiment of the invention; And
Fig. 7 B shows interface schematic diagram mobile terminal according to an embodiment of the invention showing and gathers facial image.
Embodiment
Below with reference to accompanying drawings exemplary embodiment of the present disclosure is described in more detail.Although show exemplary embodiment of the present disclosure in accompanying drawing, however should be appreciated that can realize the disclosure in a variety of manners and not should limit by the embodiment set forth here.On the contrary, provide these embodiments to be in order to more thoroughly the disclosure can be understood, and complete for the scope of the present disclosure can be conveyed to those skilled in the art.
Fig. 1 is mobile terminal 100 organigram according to an embodiment of the invention.With reference to Fig. 1, mobile terminal 100 comprises: memory interface 102, one or more data processor, image processor and/or CPU 104, and peripheral interface 106.Memory interface 102, one or more processor 104 and/or peripheral interface 106 both can be discrete components, also can be integrated in one or more integrated circuit.In the mobile terminal 100, various element can be coupled by one or more communication bus or holding wire.Transducer, equipment and subsystem can be coupled to peripheral interface 106, to help to realize several functions.Such as, motion sensor 110, optical sensor 112 and range sensor 114 can be coupled to peripheral interface 106, to facilitate the functions such as orientation, illumination and range finding.Other transducers 116 can be connected with peripheral interface 106 equally, such as navigation system (such as GPS), temperature sensor, biometric sensor or other sensor devices, can help thus to implement relevant function.
Camera sub-system 120 and optical pickocff 122 may be used for the realization of the camera function of convenient such as recording photograph and video clipping, and wherein said camera sub-system and optical pickocff can be such as charge coupled device (CCD) or complementary metal oxide semiconductors (CMOS) (CMOS) optical pickocff.Can help realize communication function by one or more radio communication subsystem 124, wherein radio communication subsystem can comprise radio-frequency transmitter and transmitter and/or light (such as infrared) Receiver And Transmitter.The particular design of radio communication subsystem 124 and execution mode can depend on one or more communication networks that mobile terminal 100 is supported.Such as, mobile terminal 100 can comprise the communication subsystem 124 being designed to support GSM network, GPRS network, EDGE network, Wi-Fi or WiMax network and BlueboothTM network.Audio subsystem 126 can be coupled with loud speaker 128 and microphone 130, such as, to help the function of implementing to enable voice, speech recognition, speech reproduction, digital record and telephony feature.
I/O subsystem 140 can comprise touch screen controller 142 and/or other input control devices 144 one or more.Touch screen controller 142 can be coupled to touch-screen 146.For example, what this touch-screen 146 and touch screen controller 142 can use any one in multiple touch-sensing technology to detect to carry out with it contact and movement or time-out, and wherein detection technology is including, but not limited to capacitive character, resistive, infrared and surface acoustic wave technique.Other input control devices 144 one or more can be coupled to other input/control devicess 148, the indication equipment of such as one or more button, rocker switch, thumb wheel, infrared port, USB port and/or stylus and so on.Described one or more button (not shown) can comprise the up/down button for control loudspeaker 128 and/or microphone 130 volume.
Memory interface 102 can be coupled with memory 150.This memory 150 can comprise high-speed random access memory and/or nonvolatile memory, such as one or more disk storage device, one or more optical storage apparatus, and/or flash memories (such as NAND, NOR).Memory 150 can storage operation system 152, the operating system of such as Android, IOS or WindowsPhone and so on.This operating system 152 can comprise the instruction of the task of depending on hardware for the treatment of basic system services and execution.Memory 150 can also store application 154.When these are applied in operation, can be loaded into processor 104 from memory 150, and run on the operating system run by processor 104, and the function that the various user of the Interface realization utilizing operating system and bottom hardware to provide expects, as instant messaging, web page browsing, pictures management etc.Application can provide independent of operating system, also can be that operating system carries.
According to one embodiment of present invention, provide a kind of mobile terminal 100 with login authentication function based on recognition of face, can by arranging that the client application had based on the login authentication function of recognition of face realizes this function, this client application is stored in application 154.
Fig. 2 shows the accession authorization system 200 based on recognition of face according to an embodiment of the invention.This system 200 comprises mobile terminal 100, first server 210, second server 220, the 3rd server 230 and application server 240, server can be such as the remote cloud server being physically located at one or more place, and the said equipment is interconnected by network.According to one embodiment of present invention, the said equipment can be bound by the mode scanning Quick Response Code.And the 3rd server 230 has APN pushing module, such as this APN pushing module contains the propelling movement based on iOS, Android, WindowsPhone; Application server 240, as third-party server, is connected with third-party application.
This workflow based on the accession authorization system 200 of recognition of face will be introduced in detail below.User inputs account name and password on third-party application, selects to confirm, as shown in Figure 7 A.In response to the logging request of user, third-party application generates login request message and sends to first server 210 by application server 240.According to an embodiment of the invention, comprise in this login request message: application identities, user ID, auth type and signing messages.According to one embodiment of present invention, application identities, user ID and auth type are referred to as authentication information.Wherein application identities is used for the identity identifying this application uniquely; Auth type is the type determining this login authentication, according to some execution mode, auth type can comprise the modes such as recognition of face, gesture identification, Application on Voiceprint Recognition, a key login, even more meticulously, it can be the living things feature recognition such as iris recognition, fingerprint recognition mode, in embodiments of the present invention, auth type refers to recognition of face; Signing messages comprises application identities, user ID and auth type to authentication information to be encrypted algorithm in interior transmission data and to obtain, in order to ensure the mutual safety of system, all transmission data all need to calculate a signing messages incidentally in the request through special algorithm.According to one embodiment of present invention, the generation principle of signing messages is: by the interface parameters outside signing messages by after the sequence of parameter name dictionary, be spliced into character string by following form:
$ parameter name 1=$ parameter value 1 $ parameter name 2=$ parameter value 2... $ parameter name n=$ parameter value n $ app_key
Wherein, app_key signs to request each time, to guarantee the fail safe of data.Again the character string of having spelled is used md5 encryption.
Such as, when supposing that certain is once mutual, the data of transmission have:
$ app_id='Fqlw4Z2KCqHzvw3YN0eUpM9KgTQ47iWf'; // application identities
$ app_key='qms7LwYXgw3FbnVdwYyA'; // application signature
$ uid='2384249'; // user ID
$ auth_type='3'; // auth type, such as representing auth type with 3 is recognition of face
Except signing messages, also have other three parameter: application identities app_id, user ID uid and auth type auth_type, by the sequence of parameter name dictionary, app_id is front, and auth_type the second, uid, rear, then splices character string:
'app_id='.$app_id.'auth_type='.$auth_type.'uid='.$uid.$app_key
Then, use the character string of MD5 to splicing to be encrypted, just obtain signing messages:
md5('app_id='.$app_id.'auth_type='.$auth_type.'uid='.$uid.$app_key)
It should be noted that, the mapping relations between the account name (such as username) of third-party application and user ID (such as uid) are prestored in application server 240, like this, after user inputs username and password on third-party application, the user ID of its correspondence searched automatically by application server 240, and user ID is sent to first server 210 together with login request message, complete subsequent step.That is, first server 210 can not obtain the accounts information of user in third-party application, is communicated between first server 210 with application server 240 by user ID, has ensured user account safety further.
When first server 210 receives logging request, generate event identifier.Event identifier is used to the request event identified each time, according to an embodiment, when after acquisition event identifier, can by calling/v1/event_result obtains event result corresponding to event identifier.
The authentication information received is sent to second server 220 by first server 210, verifies that whether this authentication information is correct, if be verified, then sends the first checking message to first server 210.Similarly, also signing messages can be accompanied with in this authentication information, second server 220 adopts same md5 encryption algorithm to obtain a signing messages to the encrypted authentication information received, contrast with the signing messages received again, if two signing messages are consistent, so be verified, transmission comprises the first checking message of user mobile phone number and auth type to first server 210, and user mobile phone number and user ID are corresponding.Such as, user mobile phone number and application identities are obtained a character string by certain principle combinations, is user ID.In the present invention, the method calculating user mobile phone number and user ID corresponding relation is not restricted.
First server 210 is after obtaining user mobile phone number, on the one hand, the mobile terminal logged in online that inquiring user cell-phone number is corresponding in a database, such as mobile phone, Pad etc., then the information of the mobile terminal inquired is write propelling movement task by first server 210, then propelling movement task is sent to the 3rd server 230.Such as, the device id of the mobile terminal that prestores in first server 210, just can by the device id of online mobile terminal write propelling movement task; On the other hand, user mobile phone number be associated with event identifier, according to description above, event identifier can identify the request type of this request event, so, according to incidence relation, just can determine the request type of active user.
According to an execution mode, first server 210, before transmission propelling movement task is to the 3rd server 230, will carry out propelling movement checking, to guarantee follow-up propelling movement successfully to the 3rd server.If authentication failed, send authentication failed message to application server 240.
After 3rd server 230 receives propelling movement task, by APN pushing module, PUSH message is pushed to corresponding mobile terminal 100.According to an embodiment, PUSH message comprises 3 kinds: checking message, user's gesture change message and other message.For considering propelling data fail safe, in PUSH message, only carry the type of propelling movement, not with concrete data.Such as, the type of PUSH message can be: whether consenting user logging request, kick out of user to login page and display PUSH message.In the present invention, the type of PUSH message is not limited, can define according to the demand of third-party application.According to description above, APN pushing module contains the propelling movement based on iOS, Android, WindowsPhone, and the code of its PUSH message is as follows:
Further, first server 210 also can send event identifier to application server 240.After mobile terminal 100 receives above-mentioned PUSH message, analyze the type of PUSH message, whether such as current push-type can be: agree to log in, mobile terminal 100 gets the authentication request that first server 210 sends, then show and authorize interface, in this authentication request, contain authentication information equally.Now mobile terminal 100 can call camera sub-system 120, and is authorizing mark interface showing and gathers user's facial image, as shown in Figure 7 B.When in the coverage that user is in mobile terminal, camera sub-system 120 can automatic search photograph the facial image of user, and then, this facial image is sent to first server 210 by mobile terminal 100.Authentication information with facial image, after receiving facial image, can be sent to second server 220 by first server 210, verifies that whether this facial image is correct, if be verified, then sends the second checking message to first server 210.According to the embodiment of the present invention, second server 220 is verified whether facial image correctly can be divided into and is detected human face region, face image preliminary treatment, face image feature extraction and images match 4 step.First, the facial image according to collecting detects human face region, obtains face image, and namely accurate calibration goes out position and the size of face in the picture.In some embodiments, detect the preprocessing process that human face region also belongs to recognition of face, the present invention does not limit this.Then do preliminary treatment to face image, this preprocessing process is exactly based on Face datection result, carries out processing and finally serve the process of feature extraction to face image.Because the image collected may be subject to restriction and the random disturbances of various condition, often directly can not use, need first to carry out the Image semantic classification such as gray correction, noise filtering to it.For people's face image, its preprocessing process mainly comprises the light compensation of facial image, greyscale transformation, histogram equalization, normalization, geometric correction, filtering and sharpening etc.It is exactly the process of people face being carried out to feature modeling that following face feature extracts.Face is made up of the local such as eyes, nose, mouth, chin, and to these local and the geometric description of structural relation between them, can be used as the key character identifying face, these features are called as geometric properties.After extracting the characteristic in people's face image, carry out mating, calculating similarity with the feature templates of this preset user, when similarity is greater than threshold value, then think that the match is successful, is verified.If be verified, then return user ID to first server 210.According to one embodiment of present invention, user is required prior typing face image, by identical processing method, obtains preset facial image feature templates, and is stored in second server, for the checking completed in this step user's facial image.Should be noted that, proof procedure for facial image also can not complete in second server 220, a background server being specifically designed to facial image identification and coupling can be arranged, store facial image feature templates, after second server 220 receives facial image, send it to this background server, completed the process of checking by it, the result is returned to second server 220.In addition, had the algorithm of a lot of comparative maturity can reference for the identification of facial image and coupling, the present invention limit concrete which kind of algorithm that adopts to verify that whether facial image is correct.
After first server 210 receives the user ID returned, this user ID is associated with auth type and sets up mapping relations, based on description before, user mobile phone number can be drawn according to user ID, therefore, in first server, store the contingency table about user mobile phone number, event identifier and auth type.Application server 240 can every the scheduled time according to event identifier to first server 210 query event result, and obtain user ID corresponding to this event result according to the mapping relations between user ID with event identifier, owing to prestoring the mapping relations of user ID and third-party application account name in application server 240, so application server 240 finally just obtains the result that active user asks login authentication.So far, user asks the operation of login authentication just to complete.
According to the login authentication scheme based on recognition of face of the present invention, guaranteed the fail safe of user account by re-authentication, when especially having needed the sensitive operation such as payment transaction user, adopt the mode of recognition of face to carry out certification and log in; Further, communicated by user ID between first server with application server, so first server can not obtain the accounts information of user in third-party application, ensured the account number safety of user further.
Fig. 3 shows according to an embodiment of the invention based on the flow chart of the login authentication method 300 of recognition of face.The method performs in first server 210, first server 210 can be connected with mobile terminal 100, second server 220, the 3rd server 230, application server 240 by network, the method starts from step S310, reception is sent by application server 240, user asks the logging request logging in third-party application, generate event identifier, wherein logging request comprises the authentication information with application identities, user ID and auth type.According to one embodiment of present invention, authentication information also comprises signing messages, and according to the description of Fig. 2, signing messages is encrypted algorithm to the transmission data comprising application identities, user ID and auth type to obtain.According to embodiments of the invention, auth type is recognition of face.
Subsequently in step s 320, send authentication information to second server 220, the user mobile phone number corresponding with user ID is returned by second server 220, and associated user cell-phone number and event identifier, to determine the request type of active user according to the event identifier of user mobile phone number association.Particularly, authentication information is sent to second server 220, so that whether second server 220 certifying signature information is correct; If be verified, receive the first checking message sent by second server 220, wherein, described first checking message comprises user mobile phone number.
Subsequently in step S330, send propelling movement task to the 3rd server 230, authorize the message at interface to mobile terminal 100 corresponding to user mobile phone number so that the 3rd server 230 pushes instruction display.According to one embodiment of present invention, request type is comprised in propelling movement task.Should be noted that, can push smoothly in order to ensure propelling movement task, before transmission propelling movement task is to the 3rd server 230, first server 210 first can carry out propelling movement checking to the 3rd server, if authentication failed, then send authentication failed message to application server 240.
Subsequently in step S340, send event identifier to application server 240, and transmission comprises the authentication request of authentication information to mobile terminal 100.
Subsequently in step S350, receive the facial image of user that sent by mobile terminal, that collect on mandate interface.
Subsequently in step S360, transmission comprises the authentication information of facial image to second server 220, user ID and auth type is returned by second server 220, and associated user mark, event identifier and auth type, so that the authentication result that application server 240 is corresponding with user ID according to event identifier inquiry.
Fig. 4 shows according to an embodiment of the invention based on the schematic diagram of the login authentication device 400 of recognition of face.This device 400 resides in first server 210, first server 210 can be connected with mobile terminal 100, second server 220, the 3rd server 230, application server 240 by network, and this device 400 comprises: connection management unit 410, information generating unit 420 and information association unit 430.
Connection management unit 410 is suitable for that reception is sent by application server 240, that user asks to log in third-party application logging request.Information generating unit 420 is suitable for after receiving logging request, generates event identifier.According to one embodiment of present invention, logging request comprises the authentication information with application identities, user ID and auth type, and authentication information also comprises signing messages, signing messages is encrypted algorithm to the transmission data comprising application identities, user ID and auth type to obtain.According to the embodiment of the present invention, auth type is exactly recognition of face.
Connection management unit 410 is also suitable for sending authentication information to second server 220, whether correct by its certifying signature information, if be verified, then receive the first checking message comprising user mobile phone number returned by second server 220, and user mobile phone number is corresponding with user ID.Information association unit 430 is suitable for associating this user mobile phone number and event identifier, from the above, according to the mapping relations of user mobile phone number and event identifier, can determine the request type of active user.
Then connection management unit 410 sends propelling movement task to the 3rd server 230, authorizes the message at interface to mobile terminal 100 corresponding to user mobile phone number so that the 3rd server 230 pushes instruction display.As the description of Fig. 2, in propelling movement task, comprise request type.According to one embodiment of present invention, this device 400 can also comprise one and push authentication unit 440, is suitable for, before transmission propelling movement task is to the 3rd server 230, carrying out propelling movement checking to the 3rd server 230, if authentication failed, then send authentication failed message to application server 240.Connection management unit 410 after transmission propelling movement task, then sends event identifier to application server 240 and send authentication request to mobile terminal 100.Similarly, this authentication request also includes authentication information.
When connection management unit 410 receive sent by mobile terminal 100, when authorizing the facial image of the user that interface gathers, again sending and comprising above-mentioned facial image authentication information to second server 220 and receive the user ID and auth type that are returned by second server 220.Information association unit is suitable for associated user mark, event identifier and auth type, so that the authentication result that application server 240 is corresponding with user ID according to event identifier inquiry.
Fig. 5 shows in accordance with another embodiment of the present invention based on the flow chart of the login authentication method 500 of recognition of face.Described method performs in second server 220, and second server 220 can be connected with mobile terminal 100, first server 210, the 3rd server 230, application server 240 by network.The method starts from step S510, receive the first checking request that first server 210 sends, the authentication information with application identities, user ID and auth type is comprised in first checking request, and authentication information is sent from application server 240 by first server 210, user asks to obtain the logging request of login third-party application, according to an embodiment, authentication information also comprises signing messages, and signing messages is encrypted algorithm to the transmission data comprising application identities, user ID and auth type to obtain.According to the embodiment of the present invention, auth type is exactly recognition of face.In addition, first server 210 also generates the event identifier associated with logging request.
Subsequently in step S520, verify that whether above-mentioned authentication information is correct, if be verified, return the user mobile phone number corresponding with user ID to first server 210, so that first server 210 sends event identifier to application server 240 and send propelling movement task to the 3rd server 230, push instruction display by the 3rd server 230 and authorize the message at interface to mobile terminal 100 corresponding to user mobile phone number.For the verification step of authentication information, describe unanimously with Fig. 2, repeat no more herein.
Subsequently in step S530, receive the second checking request that first server 210 sends, also comprise authentication information in the second checking request, also comprise facial image.According to a kind of execution mode, when first server 210 send comprise authentication information authentication request to mobile terminal 100 after, receive sent by mobile terminal 100, after the facial image of authorizing the user that interface collects, send above-mentioned second checking request.
Subsequently in step S540, whether checking facial image is correct, if be verified, return user ID to first server 210, by first server 210 associated user mark, event identifier and auth type, so that the testimony of a witness result that application server 240 is corresponding with user ID according to event identifier inquiry.Equally, the step of checking facial image, is no longer described in detail herein.
Fig. 6 shows in accordance with another embodiment of the present invention based on the schematic diagram of the login authentication device 600 of recognition of face.This device resides in second server 220, this second server 220 can be connected with mobile terminal 100, first server 210, the 3rd server 230, application server 240 by network, and device 600 comprises: connection management unit 610 and Information Authentication unit 620.
Connection management unit 610 is suitable for receiving the first checking request sent by first server 210, the authentication information with application identities, user ID and auth type is comprised in first checking request, this authentication information is sent from application server by first server, user asks to obtain the logging request of login third-party application, and described first server 210 is also suitable for generating the event identifier associated with logging request.
Information Authentication unit 620 is suitable for verifying that when receiving the first checking request whether above-mentioned authentication information is correct.User mobile phone number is returned to first server 210 by connection management unit 610 when being verified, so that first server 210 sends event identifier to application server 240 and send propelling movement task to the 3rd server 230, push instruction display by the 3rd server 230 and authorize the message at interface to mobile terminal 100 corresponding to user mobile phone number.
Connection management unit 610 is also suitable for receiving the second checking request sent by first server 210, comprises authentication information and facial image in the second checking request.According to one embodiment of the invention, first server 210 transmission comprises the authentication request of authentication information to after mobile terminal 100, after receiving the facial image of user that sent by mobile terminal 100, that gather on mandate interface, sends above-mentioned second checking request.
Information Authentication unit 620 is suitable for verifying that when receiving the second checking request whether above-mentioned facial image is correct.User ID and auth type (namely recognition of face) be returned to first server 210 when being verified, by first server 210 associated user mark, event identifier and auth type, so that the authentication result that application server 240 is corresponding with user ID according to event identifier inquiry.
According to one embodiment of present invention, Information Authentication unit 620 is by after being encrypted the transmission data comprising application identities, user ID and auth type, whether correctly carry out certifying signature information, if correct, illustrate that authentication information is correct, be verified.
On the other hand, Information Authentication unit 620 is mated with preset facial image feature templates income the facial image received by face recognition algorithms, calculates its similarity, if similarity is greater than threshold value, thinks and be verified.Concrete algorithm introduction can with reference to the description part based on Fig. 2 in this specification.
Be to be understood that, in order to simplify the disclosure and to help to understand in each inventive aspect one or more, in the description above to exemplary embodiment of the present invention, each feature of the present invention is grouped together in single embodiment, figure or the description to it sometimes.But, the method for the disclosure should be construed to the following intention of reflection: namely the present invention for required protection requires than the feature more multiple features clearly recorded in each claim.Or rather, as claims below reflect, all features of disclosed single embodiment before inventive aspect is to be less than.Therefore, the claims following embodiment are incorporated to this embodiment thus clearly, and wherein each claim itself is as independent embodiment of the present invention.
Those skilled in the art are to be understood that the module of the equipment in example disclosed herein or unit or assembly can be arranged in equipment as depicted in this embodiment, or alternatively can be positioned in one or more equipment different from the equipment in this example.Module in aforementioned exemplary can be combined as a module or can be divided into multiple submodule in addition.
Those skilled in the art are appreciated that and adaptively can change the module in the equipment in embodiment and they are arranged in one or more equipment different from this embodiment.Module in embodiment or unit or assembly can be combined into a module or unit or assembly, and multiple submodule or subelement or sub-component can be put them in addition.Except at least some in such feature and/or process or unit be mutually repel except, any combination can be adopted to combine all processes of all features disclosed in this specification (comprising adjoint claim, summary and accompanying drawing) and so disclosed any method or equipment or unit.Unless expressly stated otherwise, each feature disclosed in this specification (comprising adjoint claim, summary and accompanying drawing) can by providing identical, alternative features that is equivalent or similar object replaces.
A4, method as described in A3, also comprise step: associated user cell-phone number and event identifier, to determine the request type of active user according to the event identifier of user mobile phone number association.A5, method as described in A4, wherein, comprise request type in propelling movement task.A6, method according to any one of A2-5, wherein transmission comprises the authentication information of facial image to second server, the step being returned user ID by second server comprises: transmission comprises the authentication information of facial image to second server, so that second server verifies that whether described facial image is correct; And if be verified, receive by second server send second checking message, wherein said second checking message comprise user ID and auth type.A7, method according to any one of A1-6, wherein, send propelling movement task to before the step of the 3rd server, also comprise step: carry out propellings movement checking to the 3rd server, if authentication failed, then transmission authentication failed message is to application server.
B11, device as described in B10, wherein, information association unit is also suitable for associated user cell-phone number and event identifier, to determine the request type of active user according to the event identifier of user mobile phone number association.B12, device as described in B11, wherein, comprise request type in propelling movement task.B13, device according to any one of B9-12, wherein, connection management unit be also suitable for sending comprise facial image authentication information to second server, verify that whether described facial image is correct by it, if be verified, then receive the second checking message, it comprises user ID and auth type.B14, device according to any one of B8-13, also comprise: push authentication unit, is suitable for, before transmission propelling movement task is to the 3rd server, carrying out propellings movement checking to the 3rd server, if authentication failed, then transmission authentication failed message is to application server.
C17, method as described in C16, wherein, the step that whether authentication verification information is correct after receiving the first checking request comprises: whether correctly carry out certifying signature information by cryptographic algorithm.C18, method according to any one of C15-17, wherein, the step that whether identifier's face image is correct after receiving the second checking request comprises: extract the characteristic information in facial image, mate with the facial image feature templates of this preset user, if similarity is greater than threshold value, think that checking is correct.
D20, device as described in D19, wherein, authentication information also comprises signing messages, and signing messages is encrypted algorithm to the transmission data comprising application identities, user ID and auth type to obtain.D21, device as described in D20, wherein, whether Information Authentication unit is also suitable for carrying out certifying signature information by cryptographic algorithm correct.D22, device according to any one of D19-21, wherein, Information Authentication unit is also suitable for extracting the characteristic information in facial image, and mate with the facial image feature templates of this preset user, if judge, similarity is greater than threshold value, thinks that checking correctly.
In addition, those skilled in the art can understand, although embodiments more described herein to comprise in other embodiment some included feature instead of further feature, the combination of the feature of different embodiment means and to be within scope of the present invention and to form different embodiments.Such as, in the following claims, the one of any of embodiment required for protection can use with arbitrary compound mode.
In addition, some in described embodiment are described as at this can by the processor of computer system or the method implemented by other device performing described function or the combination of method element.Therefore, there is the device of processor formation for implementing the method or method element of the necessary instruction for implementing described method or method element.In addition, the element described herein of device embodiment is the example as lower device: this device is for implementing the function performed by the element of the object in order to implement this invention.
As used in this, unless specifically stated so, use ordinal number " first ", " second ", " the 3rd " etc. to describe plain objects and only represent the different instances relating to similar object, and be not intended to imply the object be described like this must have the time upper, spatially, sequence aspect or in any other manner to definite sequence.
Although the embodiment according to limited quantity describes the present invention, benefit from description above, those skilled in the art understand, in the scope of the present invention described thus, it is contemplated that other embodiment.In addition, it should be noted that the language used in this specification is mainly in order to object that is readable and instruction is selected, instead of select to explain or limiting theme of the present invention.Therefore, when not departing from the scope and spirit of appended claims, many modifications and changes are all apparent for those skilled in the art.For scope of the present invention, be illustrative to disclosing of doing of the present invention, and nonrestrictive, and scope of the present invention is defined by the appended claims.
Claims (10)
1. based on a login authentication method for recognition of face, described method performs in first server, and described first server can be connected with mobile terminal, second server, the 3rd server, application server by network, and described method comprises step:
Reception is sent by application server, user asks the logging request logging in third-party application, generate event identifier, wherein said logging request comprises the authentication information with application identities, user ID and auth type, and wherein said auth type is recognition of face;
Send described authentication information to second server, return the user mobile phone number corresponding with user ID by second server;
Send propelling movement task to the 3rd server, so that the 3rd server push instruction display authorizes the message at interface to mobile terminal corresponding to user mobile phone number;
Send described event identifier to application server, and transmission comprises the authentication request of authentication information to mobile terminal;
Receive the facial image of user that sent by mobile terminal, that collect on mandate interface; And
Transmission comprises the authentication information of facial image to second server, user ID and auth type is returned by second server, and associate described user ID, event identifier and auth type, so that the authentication result that application server is corresponding with user ID according to event identifier inquiry.
2. the method for claim 1, wherein described authentication information also comprises signing messages, and described signing messages is encrypted algorithm to the transmission data comprising application identities, user ID and auth type to obtain.
3. method as claimed in claim 2, wherein said transmission authentication information is to second server, and the step being returned the user mobile phone number corresponding with user ID and auth type by second server comprises:
Send authentication information to second server, so that second server verifies that whether described signing messages is correct; And
If be verified, receive the first checking message sent by second server, wherein, described first checking message comprises user mobile phone number.
4. based on a login authentication device for recognition of face, described device resides in first server, and described first server can be connected with mobile terminal, second server, the 3rd server, application server by network, and described device comprises:
Connection management unit, be suitable for receiving sent by application server, user asks to log in the logging request of third-party application, and sent by mobile terminal, at the facial image of authorizing the user that interface collects,
Also being suitable for sending authentication information to second server receives the user mobile phone number that returned by second server and sends the authentication information comprising facial image and receive the user ID and auth type that are returned by second server to second server, send event identifier to application server, send authentication request to mobile terminal and send propelling movement task to the 3rd server, so that the 3rd server push instruction display authorizes the message at interface to mobile terminal corresponding to user mobile phone number
Wherein said logging request and authentication request all comprise the authentication information with application identities, user ID and auth type, and described auth type is recognition of face, and user mobile phone number is corresponding with user ID;
Information generating unit, is suitable for after receiving logging request, generates event identifier; And information association unit, be suitable for associating described user ID, event identifier and auth type, so that the authentication result that application server is corresponding with user ID according to event identifier inquiry.
5. device as claimed in claim 4, wherein,
Described authentication information also comprises signing messages, and described signing messages is encrypted algorithm to the transmission data comprising application identities, user ID and auth type to obtain.
6. device as claimed in claim 5, wherein,
Described connection management unit is also suitable for sending authentication information to second server, verifies that whether described signing messages is correct by it, if be verified, then receive the first checking message, it comprises the user mobile phone number corresponding with user ID.
7. based on a login authentication method for recognition of face, described method performs in second server, and described second server can be connected with mobile terminal, first server, the 3rd server, application server by network, and described method comprises step:
Receive the first checking request that first server sends, the authentication information with application identities, user ID and auth type is comprised in described first checking request, described authentication information is sent from application server by first server, user asks to obtain the logging request of login third-party application, and described first server also generates the event identifier associated with logging request;
Verify that whether described authentication information is correct, if be verified, return the user mobile phone number corresponding with user ID to first server, so that first server sends described event identifier to application server and send propelling movement task to the 3rd server, display is indicated to authorize the message at interface to mobile terminal corresponding to user mobile phone number by the 3rd server push;
Receive the second checking request that first server sends, also facial image is comprised in described second checking request, wherein said first server transmission comprises the authentication request of authentication information to after mobile terminal, after receiving the facial image of user that sent by mobile terminal, that collect on mandate interface, send described second checking request; And
Verify that whether described facial image is correct, if be verified, return user ID and auth type to described first server, described user ID, event identifier and auth type is associated, so that the authentication result that application server is corresponding with user ID according to event identifier inquiry by first server.
8. method as claimed in claim 7, wherein, described authentication information also comprises signing messages, and described signing messages is encrypted algorithm to the transmission data comprising application identities, user ID and auth type to obtain.
9. based on a login authentication device for recognition of face, described device resides in second server, and described second server can be connected with mobile terminal, first server, the 3rd server, application server by network, and described device comprises:
Connection management unit, be suitable for receiving the first checking request sent by first server, comprise in described first checking request and there is application identities, the authentication information of user ID and auth type, described authentication information is sent from application server by first server, user asks to obtain in the logging request of login third-party application, and described first server is also suitable for generating the event identifier associated with logging request, user mobile phone number be returned to described first server when being verified, so that first server transmission event identifier is to application server and send propelling movement task to the 3rd server, display is indicated to authorize the message at interface to mobile terminal corresponding to user mobile phone number by the 3rd server push,
Also be suitable for receiving the second checking request sent by first server, facial image is comprised in described second checking request, wherein said first server transmission comprises the authentication request of authentication information to after mobile terminal, reception is sent by mobile terminal, authorizing the facial image of the user that interface gathers, send described second checking request, user ID and auth type be returned to first server when being verified, described user ID is associated by first server, event identifier and auth type, so that the authentication result that application server is corresponding with user ID according to event identifier inquiry, and
Information Authentication unit, be suitable for verifying described authentication information and facial image whether correct.
10., based on an accession authorization system for recognition of face, described system comprises:
There is the first server of the login authentication device based on recognition of face according to any one of claim 4-6;
Have as claimed in claim 9 based on the second server of the login authentication device of recognition of face;
3rd server, is suitable for the PUSH message of propelling movement first server to mobile terminal;
The application server be connected with third-party application; And
Mobile terminal, is suitable for analyzing by the PUSH message of the 3rd server push, and obtains authentication request to first server, and is sent in and authorizes the facial image of the user that interface gathers to first server.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510507946.1A CN105100108B (en) | 2015-08-18 | 2015-08-18 | A kind of login authentication method based on recognition of face, apparatus and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510507946.1A CN105100108B (en) | 2015-08-18 | 2015-08-18 | A kind of login authentication method based on recognition of face, apparatus and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105100108A true CN105100108A (en) | 2015-11-25 |
| CN105100108B CN105100108B (en) | 2018-04-13 |
Family
ID=54579653
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510507946.1A Active CN105100108B (en) | 2015-08-18 | 2015-08-18 | A kind of login authentication method based on recognition of face, apparatus and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105100108B (en) |
Cited By (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106878017A (en) * | 2015-12-14 | 2017-06-20 | 中国电信股份有限公司 | Method, user terminal, Website server and system for network ID authentication |
| CN106921655A (en) * | 2017-01-26 | 2017-07-04 | 华为技术有限公司 | A kind of business authorization method and device |
| CN107462297A (en) * | 2017-07-13 | 2017-12-12 | 刘金华 | A kind of intellectual water meter and its control system based on Internet of Things |
| JP2018015912A (en) * | 2016-07-25 | 2018-02-01 | 富士ゼロックス株式会社 | Image processing device, image processing system and image processing program |
| CN107808082A (en) * | 2017-10-13 | 2018-03-16 | 平安科技(深圳)有限公司 | Electronic installation, data access verification method and computer-readable recording medium |
| CN108992926A (en) * | 2018-06-15 | 2018-12-14 | 广州市点格网络科技有限公司 | Based on recognition of face game login method, device and computer readable storage medium |
| CN109978441A (en) * | 2019-02-22 | 2019-07-05 | 天津五八到家科技有限公司 | Vehicle selection method, equipment and storage medium |
| CN110321935A (en) * | 2019-06-13 | 2019-10-11 | 上海上湖信息技术有限公司 | Business event relationship determines method and device, computer readable storage medium |
| CN110765096A (en) * | 2018-07-27 | 2020-02-07 | 国信优易数据有限公司 | Information sharing method and device, and modeling method and device of information sharing model |
| CN111191218A (en) * | 2019-12-30 | 2020-05-22 | 江苏恒宝智能系统技术有限公司 | Authorization authentication method and device |
| CN111259358A (en) * | 2020-01-07 | 2020-06-09 | 数字广东网络建设有限公司 | Login method, login device, computer equipment and storage medium |
| CN111818034A (en) * | 2020-06-30 | 2020-10-23 | 中国工商银行股份有限公司 | Network access control method, device, electronic equipment and medium |
| CN112733113A (en) * | 2021-01-12 | 2021-04-30 | 中国工商银行股份有限公司 | Device authentication method, device, system, electronic device and medium |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101316169A (en) * | 2008-07-18 | 2008-12-03 | 张曌 | Network identity verification method based on internet third party biological characteristic validation |
| CN101330386A (en) * | 2008-05-19 | 2008-12-24 | 刘洪利 | Authentication system based on biological characteristics and identification authentication method thereof |
| US20090235345A1 (en) * | 2008-03-14 | 2009-09-17 | Mitsuhiro Oikawa | Authentication system, authentication server apparatus, user apparatus and application server apparatus |
| CN101771539A (en) * | 2008-12-30 | 2010-07-07 | 北京大学 | Face recognition based method for authenticating identity |
| CN102420800A (en) * | 2010-09-28 | 2012-04-18 | 俞浩波 | Method, system and authentication terminal for accomplishing service by multi-factor identity authentication |
-
2015
- 2015-08-18 CN CN201510507946.1A patent/CN105100108B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090235345A1 (en) * | 2008-03-14 | 2009-09-17 | Mitsuhiro Oikawa | Authentication system, authentication server apparatus, user apparatus and application server apparatus |
| CN101330386A (en) * | 2008-05-19 | 2008-12-24 | 刘洪利 | Authentication system based on biological characteristics and identification authentication method thereof |
| CN101316169A (en) * | 2008-07-18 | 2008-12-03 | 张曌 | Network identity verification method based on internet third party biological characteristic validation |
| CN101771539A (en) * | 2008-12-30 | 2010-07-07 | 北京大学 | Face recognition based method for authenticating identity |
| CN102420800A (en) * | 2010-09-28 | 2012-04-18 | 俞浩波 | Method, system and authentication terminal for accomplishing service by multi-factor identity authentication |
Cited By (18)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106878017A (en) * | 2015-12-14 | 2017-06-20 | 中国电信股份有限公司 | Method, user terminal, Website server and system for network ID authentication |
| CN106878017B (en) * | 2015-12-14 | 2020-02-28 | 中国电信股份有限公司 | Method, user terminal, website server and system for network identity authentication |
| JP2018015912A (en) * | 2016-07-25 | 2018-02-01 | 富士ゼロックス株式会社 | Image processing device, image processing system and image processing program |
| CN106921655A (en) * | 2017-01-26 | 2017-07-04 | 华为技术有限公司 | A kind of business authorization method and device |
| CN107462297A (en) * | 2017-07-13 | 2017-12-12 | 刘金华 | A kind of intellectual water meter and its control system based on Internet of Things |
| CN107808082B (en) * | 2017-10-13 | 2021-08-24 | 平安科技(深圳)有限公司 | Electronic device, data access verification method, and computer-readable storage medium |
| CN107808082A (en) * | 2017-10-13 | 2018-03-16 | 平安科技(深圳)有限公司 | Electronic installation, data access verification method and computer-readable recording medium |
| WO2019071893A1 (en) * | 2017-10-13 | 2019-04-18 | 平安科技(深圳)有限公司 | Electronic device, data access verification method and computer readable storage medium |
| CN108992926A (en) * | 2018-06-15 | 2018-12-14 | 广州市点格网络科技有限公司 | Based on recognition of face game login method, device and computer readable storage medium |
| CN110765096A (en) * | 2018-07-27 | 2020-02-07 | 国信优易数据有限公司 | Information sharing method and device, and modeling method and device of information sharing model |
| CN109978441A (en) * | 2019-02-22 | 2019-07-05 | 天津五八到家科技有限公司 | Vehicle selection method, equipment and storage medium |
| CN110321935A (en) * | 2019-06-13 | 2019-10-11 | 上海上湖信息技术有限公司 | Business event relationship determines method and device, computer readable storage medium |
| CN110321935B (en) * | 2019-06-13 | 2022-03-15 | 上海上湖信息技术有限公司 | Method and device for determining business event relation and computer readable storage medium |
| CN111191218A (en) * | 2019-12-30 | 2020-05-22 | 江苏恒宝智能系统技术有限公司 | Authorization authentication method and device |
| CN111259358A (en) * | 2020-01-07 | 2020-06-09 | 数字广东网络建设有限公司 | Login method, login device, computer equipment and storage medium |
| CN111259358B (en) * | 2020-01-07 | 2022-09-06 | 数字广东网络建设有限公司 | Login method, login device, computer equipment and storage medium |
| CN111818034A (en) * | 2020-06-30 | 2020-10-23 | 中国工商银行股份有限公司 | Network access control method, device, electronic equipment and medium |
| CN112733113A (en) * | 2021-01-12 | 2021-04-30 | 中国工商银行股份有限公司 | Device authentication method, device, system, electronic device and medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105100108B (en) | 2018-04-13 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105100108A (en) | Login authentication method, device and system based on face identification | |
| CN104902028A (en) | Onekey registration authentication method, device and system | |
| CN108804884B (en) | Identity authentication method, identity authentication device and computer storage medium | |
| US20210166241A1 (en) | Methods, apparatuses, storage mediums and terminal devices for authentication | |
| CN105141427A (en) | Login authentication method, device and system based on voiceprint recognition | |
| US8904509B2 (en) | Resource access based on multiple credentials | |
| US10027641B2 (en) | Method and apparatus of account login | |
| US9672523B2 (en) | Generating barcode and authenticating based on barcode | |
| US20170093851A1 (en) | Biometric authentication system | |
| JP7009839B2 (en) | Authentication system, authentication method and program | |
| CN105101205A (en) | One-click login authentication method, device and system | |
| CN104123485A (en) | Real-name system information binding method and device | |
| CN105072080A (en) | Information verification method, device and system | |
| CN105187412A (en) | Login authentication method, device and system based on gesture recognition | |
| CN108280369B (en) | Cloud document offline access system, intelligent terminal and method | |
| WO2018233110A1 (en) | Payment data verification method and device | |
| WO2015103970A1 (en) | Method, apparatus and system for authenticating user | |
| KR20150097138A (en) | Method for authenticating user based on fingerprint scan | |
| TWI584146B (en) | Login system and method based on face recognition | |
| WO2016206090A1 (en) | Two-factor authentication method, device and apparatus | |
| CN111541692B (en) | Identity verification method, system, device and equipment | |
| CN105701392B (en) | Information processing method and electronic equipment | |
| US9529984B2 (en) | System and method for verification of user identification based on multimedia content elements | |
| CN114710355A (en) | Login management method and system | |
| CN116670671A (en) | Authenticating a user based on expected behavior |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB03 | Change of inventor or designer information |
Inventor after: Wu Hongsheng Inventor before: Wu Hongsheng Inventor before: Wu Yunbin |
|
| COR | Change of bibliographic data | ||
| TA01 | Transfer of patent application right | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20170523 Address after: 510660, room 2, 388 central street, Huangcun village, Guangzhou, Guangdong, Tianhe District Applicant after: Guangzhou cipher technology Co., Ltd. Address before: 100000 Beijing city Chaoyang District South Mill Road No. 37 room 1701-1703 (Downtown North boring centralized Office District No. 177427) Applicant before: SECKEN, INC. |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |