CN105100108B - A kind of login authentication method based on recognition of face, apparatus and system - Google Patents

A kind of login authentication method based on recognition of face, apparatus and system Download PDF

Info

Publication number
CN105100108B
CN105100108B CN201510507946.1A CN201510507946A CN105100108B CN 105100108 B CN105100108 B CN 105100108B CN 201510507946 A CN201510507946 A CN 201510507946A CN 105100108 B CN105100108 B CN 105100108B
Authority
CN
China
Prior art keywords
server
user
sent
authentication
identifier
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201510507946.1A
Other languages
Chinese (zh)
Other versions
CN105100108A (en
Inventor
吴洪声
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangzhou cipher technology Co., Ltd.
Original Assignee
Guangzhou Cipher Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangzhou Cipher Technology Co Ltd filed Critical Guangzhou Cipher Technology Co Ltd
Priority to CN201510507946.1A priority Critical patent/CN105100108B/en
Publication of CN105100108A publication Critical patent/CN105100108A/en
Application granted granted Critical
Publication of CN105100108B publication Critical patent/CN105100108B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks

Abstract

The invention discloses a kind of login authentication method based on recognition of face, wherein first server can be connected by network with mobile terminal, second server, the 3rd server, application server, and method includes step:User sends logging request after third-party application inputs account name and password, from application server to first server;Authentication information is sent to second server by first server, is verified by second server;Facial image by the facial image of mobile terminal collection user, and is returned to first server to mobile terminal by PUSH message, and facial image is verified by rear by second server, and application server is to first server polled certificate result.The invention also discloses the login authentication apparatus and system based on recognition of face accordingly.

Description

A kind of login authentication method based on recognition of face, apparatus and system
Technical field
The present invention relates to field of communication technology, especially a kind of login authentication method based on recognition of face, device and it is System.
Background technology
With the development of Internet technology, the safety certification problem of user in various applications also becomes a big focus, Particularly the authentication mode of some applications is complex at present, and user uses comparatively laborious.
In fact, at present user often open a different APP application will undergo cumbersome registration process could allow should Account is identified with side, in addition, input account name and password that the account being already registered for also must be cumbersome log in complete certification, Since user often forgets about various accounts and password, so it is all using same set of static to different APP applications to occur Account and password, but this general static account and cipher safety are extremely low, once stolen, the account of all APP applications Number and password all reveal completely, the property safety of user will be on the hazard.
For enterprise's angle, in the development teams of smart mobile phone APP applications, since each team will be to user's Account makees certification work, and development teams will take a significant amount of time the safety to account, a set of authentication system is made in certification, significantly Work efficiency is reduced, and during authentication system development, since the self-ability of different development teams is limited, very More team can not all ensure the safety of user account.
For this reason, in order to adapt to modern high technology, ensure user account safety, while simplify the operation of user, it is necessary to one The safe and simple login authentication mode of kind.
The content of the invention
For this reason, the present invention provides a kind of login authentication method based on recognition of face, apparatus and system, to try hard to solve or Person at least alleviates existing at least one problem above.
According to an aspect of the invention, there is provided a kind of login authentication method based on recognition of face, this method is Performed in one server, first server can by network and mobile terminal, second server, the 3rd server, using clothes Business device is connected, including step:Sent by application server, user is received to ask to log in the logging request of third-party application, it is raw Into event identifier, wherein logging request includes the authentication information with application identities, user identifier and auth type, wherein certification Type is recognition of face;Authentication information is sent to second server, user corresponding with user identifier is returned to by second server Cell-phone number;Push task is sent to the 3rd server, gives and uses so as to the message at the 3rd server push instruction display mandate interface The corresponding mobile terminal of family cell-phone number;Event identifier is sent to application server, and sends the certification request for including authentication information To mobile terminal;Receive the facial image of user being sent by mobile terminal, being collected on interface is authorized;And send bag The authentication information of facial image is included to second server, user identifier and auth type are returned to by second server, and associate use Family mark, event identifier and auth type, so that application server inquires about certification corresponding with user identifier according to event identifier As a result.
Alternatively, according to the present invention based in the login authentication method of recognition of face, authentication information is also comprising signature Information, signing messages are that algorithm is encrypted to the transmission data including application identities, user identifier and auth type to obtain Arrive.
Alternatively, authentication information according to the present invention based in the login authentication method of recognition of face, is being sent to second Server, is included by the step of second server return user mobile phone number corresponding with user identifier and auth type:Transmission is recognized Information is demonstrate,proved to second server, so that whether second server verification signing messages is correct;And if be verified, receive by The first verification message that two servers are sent, wherein, the first verification message includes user mobile phone number.
Alternatively, based in the login authentication method of recognition of face, step is being further included according to the present invention:Association user Cell-phone number and event identifier, to determine the request type of active user according to the associated event identifier of user mobile phone number.
Alternatively, based in the login authentication method of recognition of face, request is being included in push task according to the present invention Type.
Alternatively, according to the present invention based in the login authentication method of recognition of face, transmission includes facial image Authentication information is included to second server by the step of second server return user identifier:Send recognizing comprising facial image Information is demonstrate,proved to second server, so that whether second server verification facial image is correct;And if be verified, receive by The second verification message that two servers are sent, wherein the second verification message includes user identifier and auth type.
Alternatively, push task according to the present invention based in the login authentication method of recognition of face, is being sent to the 3rd Before the step of server, step is further included:Push verification is carried out to the 3rd server, if authentication failed, verification is sent and loses Message is lost to application server.
According to another aspect of the present invention, there is provided a kind of login authentication device based on recognition of face, device reside in In first server, first server can pass through network and mobile terminal, second server, the 3rd server, application service Device is connected, and device includes:Connection management unit, asks login third party should suitable for receiving sent by application server, user Logging request, and sent by mobile terminal, the facial image of user that is collected on interface is authorized, be further adapted for sending out Authentication information is sent to include face figure by the user mobile phone number and transmission of second server return to second server and reception The authentication information of picture is to second server and receives the user identifier returned by second server and auth type, sends event Identify to application server, send certification request to mobile terminal and transmission push task to the 3rd server, so as to the 3rd Server push instruction display authorizes the message at interface to give user mobile phone number corresponding mobile terminal, wherein logging request and certification Request all includes the authentication information with application identities, user identifier and auth type, and auth type is recognition of face, uses Family cell-phone number is corresponding with user identifier;Information generating unit, suitable for after logging request is received, generating event identifier;With And information association unit, suitable for association user mark, event identifier and auth type, so that application server is according to event identifier Inquiry authentication result corresponding with user identifier.
Alternatively, in the login authentication device based on recognition of face according to the present invention, authentication information is also comprising signature Information, signing messages are that algorithm is encrypted to the transmission data including application identities, user identifier and auth type to obtain Arrive.
Alternatively, in the login authentication device based on recognition of face according to the present invention, connection management unit is further adapted for Authentication information is sent to second server, verifies whether signing messages is correct by it, if being verified, receives the first verification and disappear Breath, it includes user mobile phone number corresponding with user identifier.
Alternatively, in the login authentication device based on recognition of face according to the present invention, information association unit is further adapted for Association user cell-phone number and event identifier, to determine the request class of active user according to the associated event identifier of user mobile phone number Type.
Alternatively, in the login authentication device based on recognition of face according to the present invention, request is included in push task Type.
Alternatively, in the login authentication device based on recognition of face according to the present invention, connection management unit is further adapted for The authentication information comprising facial image is sent to second server, verifies whether facial image is correct by it, if being verified, The second verification message is received, it includes user identifier and auth type.
Alternatively, in the login authentication device based on recognition of face according to the present invention, further include:Push verification is single Member, suitable for before push task is sent to the 3rd server, push verification is carried out to the 3rd server, if authentication failed, Authentication failed message is sent to application server.
According to another aspect of the present invention, there is provided another login authentication method based on recognition of face, method is Performed in two servers, second server can by network and mobile terminal, first server, the 3rd server, using clothes Business device is connected, including step:The first checking request that first server is sent is received, being included in the first checking request has application The authentication information of mark, user identifier and auth type, authentication information is sent by first server from application server, user Request logs in be obtained in the logging request of third-party application, and first server also generates and the associated event mark of logging request Know;Whether authentication verification information is correct, if being verified, returns to user mobile phone number corresponding with user identifier to first service Device, so that first server sends event identifier to application server and sends push task to the 3rd server, by the 3rd Server push instruction display authorizes the message at interface to give user mobile phone number corresponding mobile terminal;First server is received to send The second checking request, facial image is also included in the second checking request, wherein first server is sent comprising authentication information After certification request is to mobile terminal, the facial image of user being sent by mobile terminal, being collected on interface is authorized is received Afterwards, the second checking request is sent;And whether verification facial image is correct, if being verified, user identifier and certification class are returned to Type is to first server, by first server association user mark, event identifier and auth type, so as to application server according to Event identifier inquires about authentication result corresponding with user identifier.
Alternatively, according to the present invention based in the login authentication method of recognition of face, authentication information is also comprising signature Information, signing messages are that algorithm is encrypted to the transmission data including application identities, user identifier and auth type to obtain Arrive.
Alternatively, based in the login authentication method of recognition of face, asked according to the present invention receiving the first verification The step for asking rear authentication verification information whether correct includes:Verify whether signing messages is correct by Encryption Algorithm.
Alternatively, based in the login authentication method of recognition of face, asked according to the present invention receiving the second verification The step for asking rear identifier's face image whether correct includes:The characteristic information in facial image is extracted, with preset the user's Facial image feature templates are matched, and think that verification is correct if similarity is more than threshold value.
According to another aspect of the present invention, there is provided another login authentication device based on recognition of face, device are resident In second server, second server can by network and mobile terminal, first server, the 3rd server, using clothes Business device is connected, and device includes:Connection management unit, suitable for receiving the first checking request sent by first server, first tests Card request in include with application identities, user identifier and auth type authentication information, authentication information by first server from Application server is sent, user asks to obtain in the logging request of login third-party application, and first server is further adapted for giving birth to Into with the associated event identifier of logging request, when being verified return user mobile phone number to first server, so as to first service Device sends event identifier to application server and sends push task to the 3rd server, is indicated by the 3rd server push aobvious Show that the message for authorizing interface gives user mobile phone number corresponding mobile terminal, be further adapted for receiving and tested by the second of first server transmission Card request, include facial image in the second checking request, wherein first server send the certification request that includes authentication information to After mobile terminal, the facial image of user being sent by mobile terminal, being gathered on interface is authorized is received, sends the second verification Request, returns to user identifier and auth type to first server, by first server association user mark, thing when being verified Part identifies and auth type, so that application server inquires about authentication result corresponding with user identifier according to event identifier;And Information Authentication unit, it is whether correct suitable for authentication verification information and facial image.
Alternatively, in the login authentication device based on recognition of face according to the present invention, authentication information is also comprising signature Information, signing messages are that algorithm is encrypted to the transmission data including application identities, user identifier and auth type to obtain Arrive.
Alternatively, in the login authentication device based on recognition of face according to the present invention, Information Authentication unit is further adapted for Verify whether signing messages is correct by Encryption Algorithm.
Alternatively, in the login authentication device based on recognition of face according to the present invention, Information Authentication unit is further adapted for The characteristic information in facial image is extracted, is matched with the facial image feature templates of preset the user, if judging similar Degree then thinks that verification is correct more than threshold value.
According to another aspect of the present invention, there is provided a kind of accession authorization system based on recognition of face, system include: First server with the login authentication device based on recognition of face as described above;With as described above based on face knowledge The second server of other login authentication device;3rd server, suitable for pushing the PUSH message of first server to mobile whole End;The application server being connected with third-party application;And mobile terminal, disappeared suitable for analysis by the push of the 3rd server push Breath, and certification request is obtained to first server, and the facial image of the user gathered on mandate interface is sent in first Server.
Login authentication scheme based on recognition of face according to the present invention, the safety of user account is ensured by re-authentication Property, especially when user needs to complete payment transaction when sensitive operation, logged in by the way of recognition of face come certification;Into one Step ground, is communicated between first server and application server by user identifier, so first server will not obtain use Account information of the family in third-party application, has further ensured the account number safety of user.
Brief description of the drawings
In order to realize above-mentioned and related purpose, some illustrative sides are described herein in conjunction with following description and attached drawing Face, these aspects indicate the various modes that can put into practice principles disclosed herein, and all aspects and its equivalent aspect It is intended to fall under in the range of theme claimed.Read following detailed description in conjunction with the accompanying drawings, the disclosure it is above-mentioned And other purposes, feature and advantage will be apparent.Throughout the disclosure, identical reference numeral generally refers to identical Component or element.
Fig. 1 shows the construction block diagram of the mobile terminal 100 of an illustrative embodiments according to the present invention;
Fig. 2 shows the schematic diagram of the accession authorization system 200 according to an embodiment of the invention based on recognition of face;
Fig. 3 shows the flow chart of the login authentication method 300 according to an embodiment of the invention based on recognition of face;
Fig. 4 shows the schematic diagram of the login authentication device 400 according to an embodiment of the invention based on recognition of face;
Fig. 5 shows the flow of the login authentication method 500 in accordance with another embodiment of the present invention based on recognition of face Figure;
Fig. 6 shows the signal of the login authentication device 600 in accordance with another embodiment of the present invention based on recognition of face Figure;
Fig. 7 A show that third party website according to an embodiment of the invention shows the interface schematic diagram of logging request;With And
Fig. 7 B show the interface signal that collection facial image is shown on mobile terminal according to an embodiment of the invention Figure.
Embodiment
The exemplary embodiment of the disclosure is more fully described below with reference to accompanying drawings.Although the disclosure is shown in attached drawing Exemplary embodiment, it being understood, however, that may be realized in various forms the disclosure without should be by embodiments set forth here Limited.On the contrary, these embodiments are provided to facilitate a more thoroughly understanding of the present invention, and can be by the scope of the present disclosure Completely it is communicated to those skilled in the art.
Fig. 1 is 100 organigram of mobile terminal according to an embodiment of the invention.With reference to Fig. 1, mobile terminal 100 include:Memory interface 102, one or more data processor, image processor and/or central processing unit 104, with And peripheral interface 106.Memory interface 102, one or more processors 104 and/or peripheral interface 106 are either discrete member Part, can also be integrated in one or more integrated circuits.In the mobile terminal 100, various elements can pass through one or more Bar communication bus or signal wire couple.Sensor, equipment and subsystem may be coupled to peripheral interface 106, to help reality Existing multiple functions.For example, motion sensor 110, optical sensor 112 and range sensor 114 may be coupled to peripheral interface 106, to facilitate the functions such as orientation, illumination and ranging.Other sensors 116 can equally be connected with peripheral interface 106, such as fixed Position system (such as GPS receiver), temperature sensor, biometric sensor or other sensor devices, it is possible thereby to help reality Apply relevant function.
Camera sub-system 120 and optical sensor 122 can be used for the camera of convenient such as recording photograph and video clipping The realization of function, wherein the camera sub-system and optical sensor for example can be charge coupling device (CCD) or complementary gold Belong to oxide semiconductor (CMOS) optical sensor.It can help to realize by one or more radio communication subsystems 124 Communication function, wherein radio communication subsystem can include radio-frequency transmitter and transmitter and/or light (such as infrared) receiver And transmitter.The particular design and embodiment of radio communication subsystem 124 can depend on mobile terminal 100 is supported one A or multiple communication networks.For example, mobile terminal 100 can include being designed to support GSM network, GPRS network, EDGE nets The communication subsystem 124 of network, Wi-Fi or WiMax network and BlueboothTM networks.Audio subsystem 126 can be with raising one's voice Device 128 and microphone 130 are coupled, to help to implement the function of enabling voice, such as speech recognition, speech reproduction, number Word records and telephony feature.
I/O subsystems 140 can include touch screen controller 142 and/or other one or more input controllers 144. Touch screen controller 142 may be coupled to touch-screen 146.For example, the touch-screen 146 and touch screen controller 142 can be with The contact carried out therewith and movement or pause are detected using any one of a variety of touch-sensing technologies, wherein sensing skill Art includes but is not limited to capacitive character, resistive, infrared and surface acoustic wave technique.Other one or more input controllers 144 May be coupled to other input/control devicess 148, for example, one or more buttons, rocker switch, thumb wheel, infrared port, The pointer device of USB port, and/or stylus etc.One or more of button (not shown)s can include being used to control The up/down button of 130 volume of loudspeaker 128 and/or microphone.
Memory interface 102 can be coupled with memory 150.The memory 150 can be deposited including high random access Reservoir and/or nonvolatile memory, such as one or more disk storage equipments, one or more optical storage apparatus, and/ Or flash memories (such as NAND, NOR).Memory 150 can store an operating system 152, for example, Android, IOS or The operating system of Windows Phone etc.The operating system 152 can include being used to handle basic system services and execution Instruction dependent on the task of hardware.Memory 150 can also be stored using 154.These applications in operation, can be from memory 150 are loaded on processor 104, and are run on the operating system run via processor 104, and utilize operating system And the interface that bottom hardware provides realizes the desired function of various users, such as instant messaging, web page browsing, pictures management. Using can be independently of operating system offer or operating system carries.
According to one embodiment of present invention, there is provided a kind of movement with the login authentication based on recognition of face Terminal 100, can be by arranging that the client application with the login authentication based on recognition of face realizes the function, the visitor Family end application memory is in application 154.
Fig. 2 shows the accession authorization system 200 according to an embodiment of the invention based on recognition of face.The system 200 include mobile terminal 100, first server 210, second server 220, the 3rd server 230 and application server 240, server for example can be the remote cloud server for being physically located at one or more places, and the said equipment passes through network phase Connect.According to one embodiment of present invention, the said equipment can be bound by way of scanning the two-dimensional code.And the Three servers 230 have an APN pushing modules, for example, the APN pushing modules contain based on iOS, Android, The push of WindowsPhone;Application server 240 is used as third-party server, is connected with third-party application.
The workflow of the accession authorization system 200 based on recognition of face is described in detail below.User is in third party Using upper input account name and password, selection confirms, as shown in Figure 7 A.In response to the logging request of user, third-party application life First server 210 is sent to by application server 240 into login request message.According to embodiment of the present invention, Included in the login request message:Application identities, user identifier, auth type and signing messages.One according to the present invention Embodiment, authentication information is referred to as by application identities, user identifier and auth type.Wherein application identities are used to uniquely identify The identity of the application;Auth type is to determine the type of this login authentication, and according to certain embodiments, auth type can wrap Can be iris recognition, fingerprint even more meticulously containing modes such as recognition of face, gesture identification, Application on Voiceprint Recognition, key logins The living things feature recognition modes such as identification, in embodiments of the present invention, auth type refers to recognition of face;Signing messages is to certification The transmission data that information includes including application identities, user identifier and auth type are encrypted what algorithm obtained, in order to protect The interaction safety of card system, all transmission data are required for calculating that a signing messages is subsidiary to ask by special algorithm In.According to one embodiment of present invention, the generation principle of signing messages is:Interface parameters outside signing messages is pressed into parameter After name dictionary sequence, character string is spliced into by following form:
1 $ parameter name 2=$ parameter value 2... $ parameter name n=$ parameter value n $ app_key of $ parameter name 1=$ parameter values
Wherein, app_key is signed to request each time, to ensure the security of data.The word that will have been spelled again Symbol string uses md5 encryption.
For example, it is assumed that when certain is once interacted, the data of transmission have:
$ app_id='Fqlw4Z2KCqHzvw3YN0eUpM9KgTQ47iWf';// application identities
$ app_key='qms7LwYXgw3FbnVdwYyA';// application signature
$ uid='2384249';// user identifier
$ auth_type='3';// auth type, such as it is recognition of face to represent auth type with 3
In addition to signing messages, there is the other three parameter:Application identities app_id, user identifier uid and auth type Auth_type, sorts by parameter name dictionary, and app_id is preceding, and auth_type second, uid are rear, then splicing character string:
' app_id='. $ app_id.'auth_type='. $ auth_type.'uid='. $ uid. $ app_key
Then, the character string of splicing is encrypted using MD5, has just obtained signing messages:
Md5 (' app_id='. $ app_id.'auth_type='. $ auth_type.'uid='. $ uid. $ app_ key)
It is worth noting that, the account name (such as username) of third-party application is prestored in application server 240 With the mapping relations between user identifier (such as uid), in this way, when user inputs username and password on third-party application Afterwards, application server 240 searches its corresponding user identifier automatically, and user identifier is sent together with login request message To first server 210, subsequent step is completed.That is, first server 210 will not obtain user in third-party application Account information, communicated between first server 210 and application server 240 by user identifier, further ensure User account safety.
When first server 210 receives logging request, event identifier is generated.Event identifier is for identifying each time Request event, according to one embodiment, after event identifier is obtained, can obtain thing by calling/v1/event_result The corresponding event result of part mark.
The authentication information received is sent to second server 220 by first server 210, whether verifies the authentication information Correctly, if being verified, the first verification message is sent to first server 210.Similarly, can also be attached in the authentication information There is signing messages, second server 220 docks received encrypted authentication information using same md5 encryption algorithm and obtains a label Name information, then contrasted with the signing messages received, if two signing messages are consistent, then be verified, transmission includes User mobile phone number and the first verification message of auth type are to first server 210, and user mobile phone number is with user identifier It is corresponding.It is user's mark for example, user mobile phone number is combined to obtain a character string with application identities by certain rule Know.In the present invention, it is not restricted to calculating user mobile phone number and the method for user identifier correspondence.
First server 210 is after user mobile phone number is obtained, on the one hand, it is corresponding to inquire about user mobile phone number in the database The mobile terminal logged in online, mobile phone, Pad etc., then first server 210 information of the mobile terminal inquired is write Enter push task, push task is then sent to the 3rd server 230.For example, it is mobile whole to prestore in first server 210 The device id at end, it is possible to by the device id write-in push task of online mobile terminal;On the other hand, by user mobile phone number with Event identifier is associated, and as described above, event identifier can identify the request type of this request event, then, root According to incidence relation, it is possible to determine the request type of active user.
According to an embodiment, first server 210, be to before push task is sent to the 3rd server 230 3rd server carries out push verification, to ensure subsequently to push successfully.If authentication failed, send authentication failed message and taken to application Business device 240.
After 3rd server 230 receives push task, PUSH message is pushed to by corresponding shifting by APN pushing modules Dynamic terminal 100.According to one embodiment, PUSH message includes 3 kinds:Verification message, user gesture change message and other disappear Breath.Considered for propelling data security, the type of push is only carried in PUSH message, without specific data.Example Such as, the type of PUSH message can be:Whether consenting user logging request, kick out of user to login page and display push away Send message.In the present invention, the type of PUSH message is not limited, can be determined according to the demand of third-party application Justice.As described above, APN pushing modules contain the push based on iOS, Android, WindowsPhone, it is pushed The code of message is as follows:
iOS:
Android:
// use homing pigeon SDK
PushSingleDevice(data.did,msg,xinge.XingeApp.ENV_DEV)
WindowsPhone:
Headers=' ContentType':'text/xml','X-WindowsPhone-Target':'toast',' X-NotificationClass':' 2'} // setting connection WindowsPhone push message formats
Headers [' ContentLength']=len (msg) // setting PUSH message length
R=requests.post (data.did, headers=headers, data=msg) // PUSH message
Also, first server 210 can also send event identifier to application server 240.Mobile terminal 100 receives After stating PUSH message, the type of PUSH message is analyzed, for example current push-type can be:Whether agreement logs in, mobile terminal 100 get the certification request of the transmission of first server 210, then show and authorize interface, are equally contained in the certification request Authentication information.Mobile terminal 100 can call camera sub-system 120 at this time, and collection user's face figure is shown on interface is authorized The mark of picture, as shown in Figure 7 B.When user is in the coverage of mobile terminal, camera sub-system 120 can be searched for automatically And the facial image of user is photographed, then, which is sent to first server 210 by mobile terminal 100.First clothes Device 210 be engaged in after facial image is received, the authentication information with facial image can be sent to second server 220, verifies Whether the facial image is correct, if being verified, sends the second verification message to first server 210.According to the present invention Embodiment, second server 220 verify whether facial image can correctly be divided into detection human face region, face image is located in advance Reason, 4 step of face image feature extraction and images match.First, human face region is detected according to the facial image collected, obtained Face image, i.e., accurate calibration goes out position and the size of face in the picture.In some embodiments, human face region is detected Belong to the preprocessing process of recognition of face, the present invention is not limited this.Then face image is pre-processed, the pretreatment Process is namely based on Face datection as a result, being handled face image and finally serving the process of feature extraction.Due to adopting The image collected may be subject to limitation and the random disturbances of various conditions, tend not to directly use, it is necessary to first carry out it The image preprocessings such as gray correction, noise filtering.For face image, its preprocessing process mainly includes facial image Light compensation, greyscale transformation, histogram equalization, normalization, geometric correction, filtering and sharpening etc..Following face is special Sign extraction is exactly that the process of feature modeling is carried out to face.Face is locally made of eyes, nose, mouth, chin etc., to these Local and structural relation between them geometric description, can be referred to as geometry as the key character of identification face, these features Feature.After extracting the characteristic in face image, matched with the feature templates of preset the user, calculate it is similar Degree, when similarity is more than threshold value, then it is assumed that successful match, is verified.If being verified, user identifier is returned to first Server 210.According to one embodiment of present invention, user is required prior typing face image, passes through identical processing side Method, obtains preset facial image feature templates, and is stored in second server, for being completed in this step to user's facial image Verification., can be with it should be noted that can not also be completed for the verification process of facial image in second server 220 Arrangement one is stored with facial image feature templates, when second dedicated for facial image identification and matched background server After server 220 receives facial image, the background server is sent it to, by the process of its completion verification, verification is tied Fruit returns to second server 220.In addition, the identification and matching for facial image have had the algorithm of many comparative maturities Refer to, the present invention is not intended to limit specifically verifies whether facial image is correct using which kind of algorithm.
After first server 210 receives the user identifier of return, the user's mark is associated into foundation with auth type and is reflected Relation is penetrated, based on description before, user mobile phone number can be drawn according to user identifier, therefore, stored in first server Contingency table on user mobile phone number, event identifier and auth type.Application server 240 can basis at predetermined time intervals Event identifier is to 210 query event of first server as a result, and being obtained according to the mapping relations between user identifier and event identifier To the corresponding user identifier of the event result, due to prestoring user identifier and third-party application account in application server 240 The mapping relations of name in an account book, so, application server 240 has finally just obtained the result that active user asks login authentication.So far, User asks the operation of login authentication just to complete.
Login authentication scheme based on recognition of face according to the present invention, the safety of user account is ensured by re-authentication Property, especially when user needs to complete payment transaction when sensitive operation, logged in by the way of recognition of face come certification;Into one Step ground, is communicated between first server and application server by user identifier, so first server will not obtain use Account information of the family in third-party application, has further ensured the account number safety of user.
Fig. 3 shows the flow chart of the login authentication method 300 according to an embodiment of the invention based on recognition of face. This method performs in first server 210, and first server 210 can pass through network and mobile terminal 100, second server 220th, the 3rd server 230, application server 240 are connected, and this method starts from step S310, receives and is sent out by application server 240 Send, user asks to log in the logging request of third-party application, generates event identifier, and wherein logging request, which includes, has application mark The authentication information of knowledge, user identifier and auth type.According to one embodiment of present invention, authentication information also includes A.L.S. Breath, according to the description of Fig. 2, signing messages be to the transmission data including application identities, user identifier and auth type into Row Encryption Algorithm obtains.According to an embodiment of the invention, auth type is recognition of face.
Then in step s 320, authentication information is sent to second server 220, is returned and is used by second server 220 Family identifies corresponding user mobile phone number, and association user cell-phone number and event identifier, so as to associated according to user mobile phone number Event identifier determines the request type of active user.Specifically, authentication information is sent to second server 220, so as to the second clothes Business device 220 verifies whether signing messages is correct;If being verified, the first verification message sent by second server 220 is received, Wherein, the first verification message includes user mobile phone number.
Then in step S330, push task is sent to the 3rd server 230, so that the push of the 3rd server 230 refers to Show that display authorizes the message at interface to give user mobile phone number corresponding mobile terminal 100.According to one embodiment of present invention, push Request type is included in task.It should be noted that in order to ensure push task can be pushed smoothly, push task is being sent to the Before three servers 230, first server 210 first can carry out push verification to the 3rd server, if authentication failed, transmission is tested Failed message is demonstrate,proved to application server 240.
Then in step S340, event identifier is sent to application server 240, and send the certification for including authentication information Ask to mobile terminal 100.
Then in step S350, the face of user being sent by mobile terminal, being collected on interface is authorized is received Image.
Then in step S360, the authentication information comprising facial image is sent to second server 220, by second service Device 220 returns to user identifier and auth type, and association user mark, event identifier and auth type, so as to application server 240 inquire about authentication result corresponding with user identifier according to event identifier.
Fig. 4 shows the schematic diagram of the login authentication device 400 according to an embodiment of the invention based on recognition of face. The device 400 is resided in first server 210, and first server 210 can be taken by network and mobile terminal 100, second Being engaged in, device 220, the 3rd server 230, application server 240 are connected, which includes:Connection management unit 410, information life Into unit 420 and information association unit 430.
Connection management unit 410 is suitable for receiving sending, user's request login third-party application by application server 240 Logging request.Information generating unit 420 is suitable for after logging request is received, and generates event identifier.One according to the present invention Embodiment, logging request includes the authentication information with application identities, user identifier and auth type, and authentication information also wraps Containing signing messages, signing messages is that the transmission data including application identities, user identifier and auth type are encrypted What algorithm obtained.According to the embodiment of the present invention, auth type is exactly recognition of face.
Connection management unit 410 is further adapted for sending authentication information to second server 220, and whether signing messages is verified by it Correctly, if being verified, the verification message of first comprising user mobile phone number returned by second server 220 is received, and User mobile phone number is corresponding with user identifier.Information association unit 430 is suitable for association the user's cell-phone number and event identifier, by upper State and understand, according to user mobile phone number and the mapping relations of event identifier, it may be determined that the request type of active user.
Then connection management unit 410 sends push task to the 3rd server 230, so that the 3rd server 230 pushes Indicate that display authorizes the message at interface to give user mobile phone number corresponding mobile terminal 100.Such as the description of Fig. 2, wrapped in push task Containing request type.According to one embodiment of present invention, which can also include a push authentication unit 440, be suitable for Before push task is sent to the 3rd server 230, push verification is carried out to the 3rd server 230, if authentication failed, is sent out Authentication failed message is sent to application server 240.Connection management unit 410 retransmits event identifier after push task is sent To application server 240 and certification request is sent to mobile terminal 100.Similarly, which also includes certification letter Breath.
When connection management unit 410 is received by the people of the user sending, being gathered on interface is authorized of mobile terminal 100 During face image, send again and include above-mentioned facial image authentication information to second server 220 and receive by second server 220 user identifiers returned and auth type.Information association unit is suitable for association user mark, event identifier and auth type, So that application server 240 inquires about authentication result corresponding with user identifier according to event identifier.
Fig. 5 shows the flow of the login authentication method 500 in accordance with another embodiment of the present invention based on recognition of face Figure.The method performs in second server 220, and second server 220 can pass through network and mobile terminal 100, first Server 210, the 3rd server 230, application server 240 are connected.This method starts from step S510, receives first server 210 the first checking requests sent, the certification with application identities, user identifier and auth type is included in the first checking request Information, and authentication information by first server 210 from application server 240 is sending, user asks to log in third-party application Logging request in obtain, according to one embodiment, authentication information also includes signing messages, and signing messages is to being marked including application Know, the transmission data including user identifier and auth type are encrypted what algorithm obtained.According to the embodiment of the present invention, recognize It is exactly recognition of face to demonstrate,prove type.In addition, first server 210 also generates and the associated event identifier of logging request.
Then in step S520, verify whether above-mentioned authentication information is correct, if being verified, return and user identifier pair The user mobile phone number answered to first server 210, so as to first server 210 send event identifier to application server 240 with And push task is sent to the 3rd server 230, instruction display is pushed by the 3rd server 230 and authorizes the message at interface to user The corresponding mobile terminal 100 of cell-phone number.For the verification step of authentication information, consistent with Fig. 2 descriptions, details are not described herein again.
Then in step S530, the second checking request that first server 210 is sent is received, in the second checking request Comprising authentication information, also comprising facial image.According to a kind of embodiment, authentication information is included when first server 210 is sent Certification request to mobile terminal 100 after, receive by mobile terminal 100 is sending, user that collected on interface is authorized After facial image, above-mentioned second checking request is sent.
Then in step S540, whether verification facial image is correct, if being verified, returns to user identifier to the first clothes Business device 210, by 210 association user of first server mark, event identifier and auth type, so as to 240 basis of application server Event identifier inquires about testimony of a witness result corresponding with user identifier.Equally, the step of verifying facial image, no longer does and retouches in detail herein State.
Fig. 6 shows the signal of the login authentication device 600 in accordance with another embodiment of the present invention based on recognition of face Figure.The device is resided in second server 220, which can pass through network and mobile terminal 100, first Server 210, the 3rd server 230, application server 240 are connected, and device 600 includes:Connection management unit 610 and information are tested Demonstrate,prove unit 620.
Connection management unit 610 is suitable for receiving the first checking request sent by first server 210, the first checking request In include the authentication information with application identities, user identifier and auth type, the authentication information is by first server from application Server is sent, user asks to obtain in the logging request of login third-party application, and the first server 210 is further adapted for Generation and the associated event identifier of logging request.
Information Authentication unit 620 is suitable for verifying whether above-mentioned authentication information is correct when receiving the first checking request.Test User mobile phone number is returned to first server 210 by connection management unit 610 when card passes through, so that first server 210 is sent Event identifier is to application server 240 and sends push task to the 3rd server 230, is referred to by the push of the 3rd server 230 Show that display authorizes the message at interface to give user mobile phone number corresponding mobile terminal 100.
Connection management unit 610 is further adapted for receiving the second checking request sent by first server 210, and the second verification please Authentication information and facial image are included in asking.One embodiment according to the present invention, first server 210 send and include authentication information Certification request to mobile terminal 100 after, receive by mobile terminal 100 is sending, the people of user that gathered on interface is authorized After face image, above-mentioned second checking request is sent.
Information Authentication unit 620 is suitable for verifying whether above-mentioned facial image is correct when receiving the second checking request.Test Card by when return to user identifier and auth type (namely recognition of face) and give first server 210, by first server 210 Association user mark, event identifier and auth type, so that application server 240 is according to event identifier inquiry and user identifier pair The authentication result answered.
According to one embodiment of present invention, Information Authentication unit 620 be by including application identities, user identifier and After transmission data including auth type are encrypted, to verify whether signing messages is correct, illustrate authentication information if correct Correctly, it is verified.
On the other hand, Information Authentication unit 620 docks received facial image and preset people by face recognition algorithms Face image feature templates income matches, and calculates its similarity, thinks to be verified if similarity is more than threshold value.Specific algorithm Introduction refers to the description section based on Fig. 2 in this specification.
It should be appreciated that in order to simplify the disclosure and help to understand one or more of each inventive aspect, it is right above The present invention exemplary embodiment description in, each feature of the invention be grouped together into sometimes single embodiment, figure or In person's descriptions thereof.However, the method for the disclosure should be construed to reflect following intention:I.e. claimed hair The bright feature more features required than being expressly recited in each claim.More precisely, as the following claims As book reflects, inventive aspect is all features less than single embodiment disclosed above.Therefore, it then follows specific real Thus the claims for applying mode are expressly incorporated in the embodiment, wherein each claim is used as this hair in itself Bright separate embodiments.
Those skilled in the art should understand that the module or unit or group of the equipment in example disclosed herein Part can be arranged in equipment as depicted in this embodiment, or alternatively can be positioned at and the equipment in the example In different one or more equipment.Module in aforementioned exemplary can be combined as a module or be segmented into addition multiple Submodule.
Those skilled in the art, which are appreciated that, to carry out adaptively the module in the equipment in embodiment Change and they are arranged in one or more equipment different from the embodiment.Can be the module or list in embodiment Member or component be combined into a module or unit or component, and can be divided into addition multiple submodule or subelement or Sub-component.In addition at least some in such feature and/or process or unit exclude each other, it can use any Combination is disclosed to all features disclosed in this specification (including adjoint claim, summary and attached drawing) and so to appoint Where all processes or unit of method or equipment are combined.Unless expressly stated otherwise, this specification (including adjoint power Profit requires, summary and attached drawing) disclosed in each feature can be by providing the alternative features of identical, equivalent or similar purpose come generation Replace.
In addition, it will be appreciated by those of skill in the art that although some embodiments described herein include other embodiments In included some features rather than further feature, but the combination of the feature of different embodiments means in of the invention Within the scope of and form different embodiments.For example, in the following claims, embodiment claimed is appointed One of meaning mode can use in any combination.
In addition, be described as herein can be by the processor of computer system or by performing for some in the embodiment The method or the combination of method element that other devices of the function are implemented.Therefore, have and be used to implement the method or method The processor of the necessary instruction of element forms the device for being used for implementing this method or method element.In addition, device embodiment Element described in this is the example of following device:The device is used to implement as in order to performed by implementing the element of the purpose of the invention Function.
As used in this, unless specifically stated, come using ordinal number " first ", " second ", " the 3rd " etc. Description plain objects are merely representative of the different instances for being related to similar object, and are not intended to imply that the object being so described must Must have the time it is upper, spatially, in terms of sequence or given order in any other manner.
Although according to the embodiment of limited quantity, the invention has been described, benefits from above description, the art It is interior it is clear for the skilled person that in the scope of the present invention thus described, it can be envisaged that other embodiments.Additionally, it should be noted that The language that is used in this specification primarily to readable and teaching purpose and select, rather than in order to explain or limit Determine subject of the present invention and select.Therefore, in the case of without departing from the scope and spirit of the appended claims, for this Many modifications and changes will be apparent from for the those of ordinary skill of technical field.For the scope of the present invention, to this The done disclosure of invention is illustrative and not restrictive, and it is intended that the scope of the present invention be defined by the claims appended hereto.

Claims (23)

1. a kind of login authentication method based on recognition of face, the method perform in first server, the first service Device can be connected by network with mobile terminal, second server, the 3rd server, application server, and the described method includes step Suddenly:
Receive sent by application server, user to ask to log in the logging request of third-party application, generate event identifier, wherein The logging request includes the authentication information with application identities, user identifier and auth type, wherein the auth type is Recognition of face;
The authentication information is sent to second server, user mobile phone number corresponding with user identifier is returned to by second server;
Push task is sent to the 3rd server, so that the 3rd server push indicates that display authorizes the message at interface to give user's hand The corresponding mobile terminal of machine number;
The event identifier is sent to application server, and sends the certification request comprising authentication information to mobile terminal;
Receive the facial image of user being sent by mobile terminal, being collected on interface is authorized;And
The authentication information for including facial image is sent to second server, user identifier and certification class are returned to by second server Type, and the user identifier, event identifier and auth type are associated, so that application server is according to event identifier inquiry and user Identify corresponding authentication result.
2. the method for claim 1, wherein the authentication information also includes signing messages, the signing messages is pair Transmission data including application identities, user identifier and auth type are encrypted what algorithm obtained.
3. method as claimed in claim 2, wherein the transmission authentication information is returned to second server by second server The step of user mobile phone number corresponding with user identifier, includes:
Authentication information is sent to second server, so that second server verifies whether the signing messages is correct;And
If being verified, the first verification message sent by second server is received, wherein, the first verification message, which includes, to be used Family cell-phone number.
4. method as claimed in claim 3, further includes step:
Association user cell-phone number and event identifier, to determine asking for active user according to the associated event identifier of user mobile phone number Seek type.
5. method as claimed in claim 4, wherein, request type is included in the push task.
6. method as claimed in claim 5, wherein described send includes the authentication information of facial image to second server, by The step of second server return user identifier and auth type, includes:
The authentication information comprising facial image is sent to second server, so that whether second server verifies the facial image Correctly;And
If being verified, the second verification message sent by second server is received, wherein the second verification message is included and used Family identifies and auth type.
7. such as the method any one of claim 1-6, wherein, the step of transmission push task is to three servers Before, step is further included:
Push verification is carried out to the 3rd server, if authentication failed, sends authentication failed message to application server.
8. a kind of login authentication device based on recognition of face, described device are resided in first server, the first service Device can be connected by network with mobile terminal, second server, the 3rd server, application server, and described device includes:
Connection management unit, asks to log in the logging request of third-party application suitable for receiving sent by application server, user, And sent by mobile terminal, the facial image of user that is collected on interface is authorized,
It is further adapted for sending authentication information to second server and receives the user mobile phone number returned by second server, Yi Jifa The authentication information including facial image is sent to second server and receives the user identifier and certification class returned by second server Type, sends event identifier and is serviced to application server, transmission certification request to mobile terminal and transmission push task to the 3rd Device, so that the 3rd server push indicates that display authorizes the message at interface to give user mobile phone number corresponding mobile terminal,
Wherein described logging request and certification request all include the certification with application identities, user identifier and auth type and believe Breath, and the auth type is recognition of face, and user mobile phone number is corresponding with user identifier;
Information generating unit, suitable for after logging request is received, generating event identifier;And
Information association unit, suitable for associating user identifier, event identifier and the auth type, so that application server is according to thing Part mark inquires about authentication result corresponding with user identifier.
9. device as claimed in claim 8, wherein,
The authentication information also includes signing messages, and the signing messages is to including application identities, user identifier and certification class Transmission data including type are encrypted what algorithm obtained.
10. device as claimed in claim 9, wherein,
The connection management unit is further adapted for sending authentication information to second server, and whether just the signing messages is verified by it Really, if being verified, the first verification message is received, it includes user mobile phone number corresponding with user identifier.
11. device as claimed in claim 10, wherein,
Described information associative cell is further adapted for association user cell-phone number and event identifier, so as to according to the associated thing of user mobile phone number Part mark determines the request type of active user.
12. device as claimed in claim 11, wherein, request type is included in the push task.
13. device as claimed in claim 12, wherein,
The connection management unit is further adapted for sending the authentication information comprising facial image to second server, as described in its verification Whether facial image is correct, if being verified, receives the second verification message, it includes user identifier and auth type.
14. device as claimed in claim 13, further includes:
Authentication unit is pushed, suitable for before push task is sent to the 3rd server, push verification is carried out to the 3rd server, If authentication failed, authentication failed message is sent to application server.
15. a kind of login authentication method based on recognition of face, the method perform in second server, the second service Device can be connected by network with mobile terminal, first server, the 3rd server, application server, and the described method includes step Suddenly:
The first checking request that first server is sent is received, is included in first checking request with application identities, user The authentication information of mark and auth type, the authentication information is sent by first server from application server, user's request Log in and obtained in the logging request of third-party application, and the first server also generates and the associated event mark of logging request Know;
Verify whether the authentication information is correct, if being verified, return to user mobile phone number corresponding with user identifier to first Server, so that first server sends the event identifier to application server and sends push task to the 3rd service Device, indicates that display authorizes the message at interface to give user mobile phone number corresponding mobile terminal by the 3rd server push;
The second checking request that first server is sent is received, facial image, wherein institute are also included in second checking request State first server send comprising authentication information certification request to mobile terminal after, receive by mobile terminal send, awarding After the facial image of the user collected on power interface, second checking request is sent;And
Verify whether the facial image is correct, if being verified, return to user identifier and auth type gives the first service Device, associates the user identifier, event identifier and auth type, so that application server is according to event identifier by first server Inquiry authentication result corresponding with user identifier.
16. method as claimed in claim 15, wherein, the authentication information also includes signing messages, and the signing messages is What algorithm obtained is encrypted to the transmission data including application identities, user identifier and auth type.
17. the method described in claim 16, wherein, whether authentication verification information is correct after the first checking request is received The step of include:
Verify whether signing messages is correct by the Encryption Algorithm.
18. such as the method any one of claim 15-17, wherein, identifier's face after the second checking request is received The whether correct step of image includes:
The characteristic information in facial image is extracted, is matched with the facial image feature templates of preset the user, if similar Degree then thinks that verification is correct more than threshold value.
19. a kind of login authentication device based on recognition of face, described device are resided in second server, the second service Device can be connected by network with mobile terminal, first server, the 3rd server, application server, and described device includes:
Connection management unit, suitable for receiving the first checking request sent by first server, is wrapped in first checking request Containing the authentication information with application identities, user identifier and auth type, the authentication information is taken by first server from application Business device is sent, user asks to obtain in the logging request of login third-party application, and the first server is further adapted for generating With the associated event identifier of logging request, user mobile phone number is returned when being verified and gives the first server, so as to the first clothes Device transmission event identifier of being engaged in is to application server and sends push task to the 3rd server, is indicated by the 3rd server push Display authorizes the message at interface to give user mobile phone number corresponding mobile terminal,
It is further adapted for receiving the second checking request sent by first server, facial image is included in second checking request, After wherein described first server sends the certification request comprising authentication information to mobile terminal, receive and sent by mobile terminal , the facial image of user gathered on interface is authorized, send second checking request, user's mark returned when being verified Know and auth type is to first server, the user identifier, event identifier and auth type are associated by first server, so as to Application server inquires about authentication result corresponding with user identifier according to event identifier;And
Information Authentication unit, suitable for verifying whether the authentication information and facial image are correct.
20. device as claimed in claim 19, wherein, the authentication information also includes signing messages, and the signing messages is What algorithm obtained is encrypted to the transmission data including application identities, user identifier and auth type.
21. device as claimed in claim 20, wherein,
Described information authentication unit is further adapted for verifying whether signing messages is correct by Encryption Algorithm.
22. device as claimed in claim 21, wherein,
Described information authentication unit is further adapted for extracting the characteristic information in facial image, special with the facial image of preset the user Sign template is matched, and thinks that verification is correct if judging that similarity is more than threshold value.
23. a kind of accession authorization system based on recognition of face, the system comprises:
First server with the login authentication device based on recognition of face as any one of claim 8-14;
Second server with the login authentication device based on recognition of face as any one of claim 19-22;
3rd server, suitable for pushing the PUSH message of first server to mobile terminal;
The application server being connected with third-party application;And
Mobile terminal, suitable for analyzing the PUSH message by the 3rd server push, and obtains certification request to first server, with And the facial image of the user gathered on mandate interface is sent in first server.
CN201510507946.1A 2015-08-18 2015-08-18 A kind of login authentication method based on recognition of face, apparatus and system Active CN105100108B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510507946.1A CN105100108B (en) 2015-08-18 2015-08-18 A kind of login authentication method based on recognition of face, apparatus and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510507946.1A CN105100108B (en) 2015-08-18 2015-08-18 A kind of login authentication method based on recognition of face, apparatus and system

Publications (2)

Publication Number Publication Date
CN105100108A CN105100108A (en) 2015-11-25
CN105100108B true CN105100108B (en) 2018-04-13

Family

ID=54579653

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510507946.1A Active CN105100108B (en) 2015-08-18 2015-08-18 A kind of login authentication method based on recognition of face, apparatus and system

Country Status (1)

Country Link
CN (1) CN105100108B (en)

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106878017B (en) * 2015-12-14 2020-02-28 中国电信股份有限公司 Method, user terminal, website server and system for network identity authentication
JP6677117B2 (en) * 2016-07-25 2020-04-08 富士ゼロックス株式会社 Image processing apparatus, image processing system, and image processing program
CN106921655B (en) * 2017-01-26 2021-01-29 华为技术有限公司 Service authorization method and device
CN107462297A (en) * 2017-07-13 2017-12-12 刘金华 A kind of intellectual water meter and its control system based on Internet of Things
CN107808082B (en) * 2017-10-13 2021-08-24 平安科技(深圳)有限公司 Electronic device, data access verification method, and computer-readable storage medium
CN108992926A (en) * 2018-06-15 2018-12-14 广州市点格网络科技有限公司 Based on recognition of face game login method, device and computer readable storage medium
CN110765096A (en) * 2018-07-27 2020-02-07 国信优易数据有限公司 Information sharing method and device, and modeling method and device of information sharing model
CN109978441A (en) * 2019-02-22 2019-07-05 天津五八到家科技有限公司 Vehicle selection method, equipment and storage medium
CN110321935B (en) * 2019-06-13 2022-03-15 上海上湖信息技术有限公司 Method and device for determining business event relation and computer readable storage medium
CN111191218A (en) * 2019-12-30 2020-05-22 江苏恒宝智能系统技术有限公司 Authorization authentication method and device
CN111259358B (en) * 2020-01-07 2022-09-06 数字广东网络建设有限公司 Login method, login device, computer equipment and storage medium
CN111818034A (en) * 2020-06-30 2020-10-23 中国工商银行股份有限公司 Network access control method, device, electronic equipment and medium
CN112733113A (en) * 2021-01-12 2021-04-30 中国工商银行股份有限公司 Device authentication method, device, system, electronic device and medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101316169A (en) * 2008-07-18 2008-12-03 张曌 Network identity verification method based on internet third party biological characteristic validation
CN101330386A (en) * 2008-05-19 2008-12-24 刘洪利 Authentication system based on biological characteristics and identification authentication method thereof
CN101771539A (en) * 2008-12-30 2010-07-07 北京大学 Face recognition based method for authenticating identity
CN102420800A (en) * 2010-09-28 2012-04-18 俞浩波 Method, system and authentication terminal for accomplishing service by multi-factor identity authentication

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2009223452A (en) * 2008-03-14 2009-10-01 Hitachi Ltd Authentication system, and authentication server device and user device and application server device

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101330386A (en) * 2008-05-19 2008-12-24 刘洪利 Authentication system based on biological characteristics and identification authentication method thereof
CN101316169A (en) * 2008-07-18 2008-12-03 张曌 Network identity verification method based on internet third party biological characteristic validation
CN101771539A (en) * 2008-12-30 2010-07-07 北京大学 Face recognition based method for authenticating identity
CN102420800A (en) * 2010-09-28 2012-04-18 俞浩波 Method, system and authentication terminal for accomplishing service by multi-factor identity authentication

Also Published As

Publication number Publication date
CN105100108A (en) 2015-11-25

Similar Documents

Publication Publication Date Title
CN105100108B (en) A kind of login authentication method based on recognition of face, apparatus and system
US11405380B2 (en) Systems and methods for using imaging to authenticate online users
US11847199B2 (en) Remote usage of locally stored biometric authentication data
US20210166241A1 (en) Methods, apparatuses, storage mediums and terminal devices for authentication
CN105141427B (en) A kind of login authentication method, apparatus and system based on Application on Voiceprint Recognition
CN107800672B (en) Information verification method, electronic equipment, server and information verification system
CN104902028B (en) A kind of a key login authentication method, apparatus and system
EP3256976B1 (en) Toggling biometric authentication
US8970348B1 (en) Using sequences of facial gestures to authenticate users
US9672523B2 (en) Generating barcode and authenticating based on barcode
CN105187412B (en) A kind of login authentication method based on gesture identification, apparatus and system
CN105101205B (en) A kind of a key login authentication method, apparatus and system
US9202035B1 (en) User authentication based on biometric handwriting aspects of a handwritten code
US10878071B2 (en) Biometric authentication anomaly detection
JP2018205906A5 (en)
US20180288040A1 (en) System and Method for Biometric Authentication-Based Electronic Notary Public
US11665153B2 (en) Voice biometric authentication in a virtual assistant
US11663306B2 (en) System and method for confirming a person's identity
CN105337739B (en) Safe login method, device, server and terminal
CN113826135B (en) System, method and computer system for contactless authentication using voice recognition
US20220138298A1 (en) Device and systems for strong identity and strong authentication
TWI584146B (en) Login system and method based on face recognition
CN105701392B (en) Information processing method and electronic equipment
US11128620B2 (en) Online verification method and system for verifying the identity of a subject
US20190057202A1 (en) Methods and systems for capturing biometric data

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
CB03 Change of inventor or designer information

Inventor after: Wu Hongsheng

Inventor before: Wu Hongsheng

Inventor before: Wu Yunbin

COR Change of bibliographic data
TA01 Transfer of patent application right
TA01 Transfer of patent application right

Effective date of registration: 20170523

Address after: 510660, room 2, 388 central street, Huangcun village, Guangzhou, Guangdong, Tianhe District

Applicant after: Guangzhou cipher technology Co., Ltd.

Address before: 100000 Beijing city Chaoyang District South Mill Road No. 37 room 1701-1703 (Downtown North boring centralized Office District No. 177427)

Applicant before: SECKEN, INC.

GR01 Patent grant
GR01 Patent grant