CN105187217A - Dual-factor identity authentication method and apparatus thereof - Google Patents
Dual-factor identity authentication method and apparatus thereof Download PDFInfo
- Publication number
- CN105187217A CN105187217A CN201510590837.0A CN201510590837A CN105187217A CN 105187217 A CN105187217 A CN 105187217A CN 201510590837 A CN201510590837 A CN 201510590837A CN 105187217 A CN105187217 A CN 105187217A
- Authority
- CN
- China
- Prior art keywords
- face
- data
- authentication
- usb
- certification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Collating Specific Patterns (AREA)
Abstract
The invention discloses a dual-factor identity authentication method and an apparatus thereof. The authentication method comprises the following steps that: USB-KEY equipment is inserted into an authentication terminal device; a user PIN code corresponding to the USB-KEY equipment is inputted into an authentication system of the authentication terminal device to carry out USB-KEY authentication; if the user PIN code is wrong, authentication is completed; and if the user PIN code is correct, the authentication terminal device collects a video and extracts face identification feature data, and the face identification feature data are uploaded to a cloud terminal to carry out an analysis; if the collected face identification feature data do not match face data of a legal identity in a cloud terminal face database, the authentication is completed; and if the collected face identification feature data match the face data of the legal identity in the cloud terminal face database, authentication is done successfully and the authentication system is logged in. According to the invention, with horizontal dual-level authentication having the USB-KEY equipment and the PIN code and longitudinal dual-level authentication having USB-KEY authentication and face identification authentication, the identity authentication system becomes safe and reliable.
Description
Technical field
The invention belongs to identification, authentication techniques field, be specifically related to a kind of double factor identity identifying method and device.
Background technology
Along with the high speed development of computer technology, the safety precautions of conventional authentication system is exactly username and password, and obviously, this is very unsafe, and sealing is easy to be cracked.IC-card: the chip being a kind of built-in integrated circuit, has the data relevant to user identity in chip.IC-card, by special device fabrication, is not reproducible hardware.IC-card is carried with by validated user, IC-card must be inserted special card reader reading information wherein, with the identity of authentication of users during login.Simple, but easily stolen by hacking techniques such as stationing the wooden horse of internal memory or network monitoring.There is a lot of defect in present network payment: (1) network data flow: in the process of user and bank transaction, by third party by various method intercepted data stream, analyze the information in data thus obtain the information of user.(2) eavesdropping of wooden horse: after user computer has suffered virus or wooden horse, computer is monitored, and the information of user and bank transaction is by wooden horse record, and the information of user is like this stolen.(3) exhaustive attack: the person of hitting uses significant numeral constantly to attempt the password of holder as password.If the password of holder is without the initial password changed or special, an easily analyzed numeral, to be then easy to victim out exhaustive for password.(4) phishing: third party utilizes the identity of bank to user's photos and sending messages, requires that user provides account and password, if user provides just revealed the information of oneself.Or third party palms off the website of bank or transaction, to when conscientiously not distinguishing, user is easy to be taken in thus reveals oneself information.The potential safety hazard of network is not only these.
Summary of the invention
The object of the invention is to: the potential safety hazard existed in above-mentioned existing identity identifying technology field, a kind of double factor identity identifying method and device are provided, face recognition technology and USB-KEY technology are combined, the match is successful that identification authentication just passes through for both, effectively improve the fail safe of certification, reliability, can be widely applied in the authenticating user identification system of secure cloud terminal.
To achieve these goals, the technical solution used in the present invention is:
A kind of double factor identity identifying method, comprises the following steps:
USB-KEY equipment is inserted certification terminal equipment, in the Verification System of certification terminal equipment, then inputs user's PIN code of corresponding USB-KEY equipment, carry out USB-KEY certification, if user's PIN code mistake, then terminate certification; If user's PIN code is correct, certification terminal equipment gathers video, extracts face recognition features's data, face recognition features's data upload is analyzed to high in the clouds, if the face recognition features's data gathered are not mated with the human face data of legal identity in the face database of high in the clouds, then terminate certification; If the face recognition features's data gathered are mated with the human face data of legal identity in the face database of high in the clouds, then authentication success, accession authorization system.
Preferably, described extraction face recognition features data method extracts face recognition features's data by the recognition of face storehouse Opencv that increases income.
Preferably, the face recognition features's data gathered with the determination methods whether human face data of legal identity in the face database of high in the clouds mates are: the similarity of the human face data of legal identity in the face recognition features's data gathered and high in the clouds face database divided by span, judge whether the face recognition features's data gathered mate with the human face data of legal identity in the face database of high in the clouds according to the size of Similarity value.
Preferably, described USB-KEY equipment is U shield.
The present invention also provides a kind of device of double factor identity identifying method, comprise certification terminal equipment and cloud server, and can with certification terminal equipment by the USB-KEY equipment of USB socket connection, certification terminal equipment has the camera that can gather video, have high in the clouds face database in cloud server, certification terminal equipment and cloud server communicate to connect.
Owing to have employed technique scheme, the invention has the beneficial effects as follows:
A kind of double factor identity identifying method of the present invention and device, face recognition technology and USB-KEY technology are combined, the match is successful that identification authentication just passes through for both, effectively improve the fail safe of certification, reliability, in USB-KEY authentication phase, need that there is USB-KEY equipment and user's PIN code simultaneously, just can complete USB-KEY certification, further increase the safety and reliability of certification.
Accompanying drawing explanation
Fig. 1 is double factor identity identifying method flow chart of the present invention.
Fig. 2 is double factor identification authentication system structured flowchart of the present invention.
Mark in figure: 10-certification terminal equipment, 11-camera, 20-cloud server, 30-USB-KEY equipment.
Embodiment
With reference to Fig. 1, a kind of double factor identity identifying method of the present invention, comprises the following steps:
USB-KEY equipment 30 is inserted certification terminal equipment 10, in the Verification System of certification terminal equipment 10, then inputs user's PIN code of corresponding USB-KEY equipment 30, carry out USB-KEY certification, if user's PIN code mistake, then terminate certification; If user's PIN code is correct, certification terminal equipment 10 gathers video, extracts face recognition features's data, face recognition features's data upload is analyzed to high in the clouds, if the face recognition features's data gathered are not mated with the human face data of legal identity in the face database of high in the clouds, then terminate certification; If the face recognition features's data gathered are mated with the human face data of legal identity in the face database of high in the clouds, then authentication success, accession authorization system.
USB-KEY authentication phase of the present invention, the USB-KEY technology of employing uses the individual client's certificate based on physical medium, and set up the personal certificate authentication system based on PKI PKI technology, i.e. PIN code, USB-KEY equipment 30 is U shield.
Recognition of face authentication phase, the face recognition features's data gathered with the determination methods whether human face data of legal identity in the face database of high in the clouds mates are: the similarity of the human face data of legal identity in the face recognition features's data gathered and high in the clouds face database divided by span, judge whether the face recognition features's data gathered mate with the human face data of legal identity in the face database of high in the clouds according to the size of Similarity value.Such as, when similarity span divides, can according to the interval division of 0-100, setting Similarity value be more than or equal to 95 be coupling, be less than 95 for not mate.
Wherein, extracting face recognition features's data method is extract face recognition features's data by the recognition of face storehouse OpenCV that increases income.
Lineup's face photo of each user is gathered after gray value process by camera 11, use OpenCV increase income storehouse generate face database, be implemented as follows: face database and human face photo need to train after determining, namely allow these face samples of computer " study ".Call OpenCV face database teaching interface and generate an xml file and human face data library file.
Then when face matching judgment, use member function predict () to identify after converting gray level image to by needing the human face photo carrying out identifying, predict () function returns a shaping variable as identification label and similarity, the ID of the corresponding face database of this label, the larger matching degree of Similarity value is higher.
With reference to Fig. 2, a kind of device of double factor identity identifying method, comprise certification terminal equipment 10 and cloud server 20, and can with the certification terminal equipment 10 USB-KEY equipment 30 by USB socket connection, certification terminal equipment 10 has the camera 11 that can gather video, have high in the clouds face database in cloud server 20, certification terminal equipment 10 and cloud server 20 communicate to connect.
User is when accession authorization system, first USB-KEY equipment 30 is inserted certification terminal equipment 10, general certification terminal equipment 10 is computer, then in Verification System, PIN code is inputted, only have when USB-KEY equipment 30 and PIN code match, then just calculate authentication success, if user loses USB-KEY equipment 30, disabled user does not know PIN code, cannot authentication success by means of only this USB-KEY equipment 30 yet; If PIN code is revealed, disabled user does not have USB-KEY equipment 30, and also cannot pass through certification, therefore USB-KEY certification is very safe and reliable.Only have after by USB-KEY certification, camera 11 just can gather video, extracts face recognition features's data, face recognition features's data upload is analyzed to high in the clouds, carry out recognition of face certification, only have after recognition of face certification is passed through, could accession authorization system.
The present invention adopts this horizontal twin-stage certification, i.e. USB-KEY equipment 30 and PIN code, and longitudinal twin-stage certification, i.e. the mode of USB-KEY certification and recognition of face certification, makes identity authorization system more safely with reliable.
Claims (5)
1. a double factor identity identifying method, is characterized in that, comprises the following steps:
USB-KEY equipment (30) is inserted certification terminal equipment (10), then in the Verification System of certification terminal equipment (10), input user's PIN code of corresponding USB-KEY equipment (30), carry out USB-KEY certification, if user's PIN code mistake, then terminate certification; If user's PIN code is correct, certification terminal equipment (10) gathers video, extract face recognition features's data, face recognition features's data upload is analyzed to high in the clouds, if the face recognition features's data gathered are not mated with the human face data of legal identity in the face database of high in the clouds, then terminate certification; If the face recognition features's data gathered are mated with the human face data of legal identity in the face database of high in the clouds, then authentication success, accession authorization system.
2. double factor identity identifying method according to claim 1, is characterized in that, described extraction face recognition features data method extracts face recognition features's data by the recognition of face storehouse OpenCV that increases income.
3. double factor identity identifying method according to claim 1, it is characterized in that, the face recognition features's data gathered with the determination methods whether human face data of legal identity in the face database of high in the clouds mates are: the similarity of the human face data of legal identity in the face recognition features's data gathered and high in the clouds face database divided by span, judge whether the face recognition features's data gathered mate with the human face data of legal identity in the face database of high in the clouds according to the size of Similarity value.
4. double factor identity identifying method according to claim 1, is characterized in that, described USB-KEY equipment (30) is U shield.
5. one kind utilizes the device of the double factor identity identifying method in the claims 1-4 described in any one, it is characterized in that, comprise certification terminal equipment (10) and cloud server (20), and can with the USB-KEY equipment (30) of certification terminal equipment (10) by USB socket connection, certification terminal equipment (10) has the camera (11) that can gather video, cloud server has high in the clouds face database in (20), and certification terminal equipment (10) and cloud server (20) communicate to connect.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510590837.0A CN105187217A (en) | 2015-09-16 | 2015-09-16 | Dual-factor identity authentication method and apparatus thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510590837.0A CN105187217A (en) | 2015-09-16 | 2015-09-16 | Dual-factor identity authentication method and apparatus thereof |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105187217A true CN105187217A (en) | 2015-12-23 |
Family
ID=54909072
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510590837.0A Pending CN105187217A (en) | 2015-09-16 | 2015-09-16 | Dual-factor identity authentication method and apparatus thereof |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105187217A (en) |
Cited By (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106372606A (en) * | 2016-08-31 | 2017-02-01 | 北京旷视科技有限公司 | Target object information generation method and unit identification method and unit and system |
| CN106790306A (en) * | 2017-03-27 | 2017-05-31 | 飞天诚信科技股份有限公司 | A kind of authentication method and device for increasing by the second factor |
| CN106790260A (en) * | 2017-02-03 | 2017-05-31 | 国政通科技股份有限公司 | A kind of multiple-factor identity identifying method |
| CN106982224A (en) * | 2017-04-28 | 2017-07-25 | 南京网博计算机软件系统有限公司 | The method and system of real time identity checking identification |
| CN107241345A (en) * | 2017-06-30 | 2017-10-10 | 西安电子科技大学 | Cloud computing resources management method based on UKey |
| CN107247941A (en) * | 2017-06-22 | 2017-10-13 | 易容智能科技(苏州)有限公司 | The sampling of accurate face and recognition methods of a kind of high hardware resiliency |
| CN108446638A (en) * | 2018-03-21 | 2018-08-24 | 广东欧珀移动通信有限公司 | Auth method, device, storage medium and electronic equipment |
| CN108446569A (en) * | 2018-01-30 | 2018-08-24 | 宁波江丰生物信息技术有限公司 | A kind of endorsement method of the diagnosis report of number pathological picture |
| CN111968720A (en) * | 2020-08-18 | 2020-11-20 | 泽达易盛(天津)科技股份有限公司 | Electronic prescription system based on dual authentication |
| CN112417415A (en) * | 2020-12-07 | 2021-02-26 | 江汉大学 | Interactive education identity recognition method, storage medium and system |
| CN112740205A (en) * | 2018-09-18 | 2021-04-30 | 三星电子株式会社 | Electronic device and method for controlling connection of external device using the same |
| CN112819475A (en) * | 2021-02-09 | 2021-05-18 | 中国银联股份有限公司 | Information processing method, information processing device, electronic equipment, server and medium |
| US11089013B2 (en) | 2018-09-14 | 2021-08-10 | International Business Machines Corporation | Enhanced password authentication across multiple systems and user identifications |
| US11277258B1 (en) * | 2020-09-11 | 2022-03-15 | Alipay (Hangzhou) Information Technology Co., Ltd. | Privacy protection-based user recognition methods, apparatuses, and devices |
| CN116308379A (en) * | 2023-02-03 | 2023-06-23 | 星汉智能科技股份有限公司 | Smart card holder identity authentication method, smart card, terminal and medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN201066853Y (en) * | 2007-07-04 | 2008-05-28 | 福建伊时代信息科技有限公司 | Uniform authentication system architecture |
| CN101902326A (en) * | 2009-05-25 | 2010-12-01 | 汉王科技股份有限公司 | Electronic key based identity authentication method and device |
| CN202058159U (en) * | 2010-11-30 | 2011-11-30 | 方正国际软件有限公司 | USB key |
| CN103971043A (en) * | 2014-05-28 | 2014-08-06 | 李雪 | Identity authentication method and authentication information acquisition method |
-
2015
- 2015-09-16 CN CN201510590837.0A patent/CN105187217A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN201066853Y (en) * | 2007-07-04 | 2008-05-28 | 福建伊时代信息科技有限公司 | Uniform authentication system architecture |
| CN101902326A (en) * | 2009-05-25 | 2010-12-01 | 汉王科技股份有限公司 | Electronic key based identity authentication method and device |
| CN202058159U (en) * | 2010-11-30 | 2011-11-30 | 方正国际软件有限公司 | USB key |
| CN103971043A (en) * | 2014-05-28 | 2014-08-06 | 李雪 | Identity authentication method and authentication information acquisition method |
Non-Patent Citations (2)
| Title |
|---|
| 朱兴统,习洋洋: "基于C++和OpenCV的人脸识别系统的设计与实现", 《自动化与仪器仪表》 * |
| 魏娅敏: "基于OpenCV的人脸识别系统", 《中小企业管理与科技(上旬刊)》 * |
Cited By (18)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106372606A (en) * | 2016-08-31 | 2017-02-01 | 北京旷视科技有限公司 | Target object information generation method and unit identification method and unit and system |
| CN106790260A (en) * | 2017-02-03 | 2017-05-31 | 国政通科技股份有限公司 | A kind of multiple-factor identity identifying method |
| CN106790306A (en) * | 2017-03-27 | 2017-05-31 | 飞天诚信科技股份有限公司 | A kind of authentication method and device for increasing by the second factor |
| CN106982224A (en) * | 2017-04-28 | 2017-07-25 | 南京网博计算机软件系统有限公司 | The method and system of real time identity checking identification |
| CN107247941A (en) * | 2017-06-22 | 2017-10-13 | 易容智能科技(苏州)有限公司 | The sampling of accurate face and recognition methods of a kind of high hardware resiliency |
| CN107241345B (en) * | 2017-06-30 | 2020-07-17 | 西安电子科技大学 | Cloud computing resource management method based on UKey |
| CN107241345A (en) * | 2017-06-30 | 2017-10-10 | 西安电子科技大学 | Cloud computing resources management method based on UKey |
| CN108446569A (en) * | 2018-01-30 | 2018-08-24 | 宁波江丰生物信息技术有限公司 | A kind of endorsement method of the diagnosis report of number pathological picture |
| CN108446638A (en) * | 2018-03-21 | 2018-08-24 | 广东欧珀移动通信有限公司 | Auth method, device, storage medium and electronic equipment |
| US11089013B2 (en) | 2018-09-14 | 2021-08-10 | International Business Machines Corporation | Enhanced password authentication across multiple systems and user identifications |
| CN112740205A (en) * | 2018-09-18 | 2021-04-30 | 三星电子株式会社 | Electronic device and method for controlling connection of external device using the same |
| CN111968720A (en) * | 2020-08-18 | 2020-11-20 | 泽达易盛(天津)科技股份有限公司 | Electronic prescription system based on dual authentication |
| US11277258B1 (en) * | 2020-09-11 | 2022-03-15 | Alipay (Hangzhou) Information Technology Co., Ltd. | Privacy protection-based user recognition methods, apparatuses, and devices |
| CN112417415A (en) * | 2020-12-07 | 2021-02-26 | 江汉大学 | Interactive education identity recognition method, storage medium and system |
| CN112819475A (en) * | 2021-02-09 | 2021-05-18 | 中国银联股份有限公司 | Information processing method, information processing device, electronic equipment, server and medium |
| WO2022170759A1 (en) * | 2021-02-09 | 2022-08-18 | 中国银联股份有限公司 | Information processing method and apparatus, and electronic device, server and medium |
| CN116308379A (en) * | 2023-02-03 | 2023-06-23 | 星汉智能科技股份有限公司 | Smart card holder identity authentication method, smart card, terminal and medium |
| CN116308379B (en) * | 2023-02-03 | 2024-05-31 | 星汉智能科技股份有限公司 | Smart card holder identity authentication method, smart card, terminal and medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105187217A (en) | Dual-factor identity authentication method and apparatus thereof | |
| CN108521418B (en) | Identity authentication method and system fusing block chain and biological feature recognition | |
| CN104834849B (en) | Dual-factor identity authentication method and system based on Application on Voiceprint Recognition and recognition of face | |
| CN103607282B (en) | A kind of identity fusion authentication method based on biological characteristic | |
| EP3065335B1 (en) | System and method for real-time verification of clock synchronisation-based dynamic password anti-counterfeiting tag validity | |
| WO2017215540A1 (en) | Offline identity authentication method and apparatus | |
| CN104123565A (en) | Identity card authentication and holder identity authentication method based on multimodal identification | |
| CN104134030A (en) | E-bank safety certification method based on living fingerprint verification | |
| CN104917769B (en) | A kind of electronic health record endorsement method and device | |
| CN106068512A (en) | For verifying the method and apparatus of user on the mobile device | |
| WO2008127431A3 (en) | Systems and methods for identification and authentication of a user | |
| CN104102868A (en) | Multi-modal USB key authentication method based on face recognition technology | |
| CN104462922A (en) | Method for verifying authorization on basis of biological recognition | |
| CN105261105A (en) | Safety access control method | |
| CN105550928A (en) | System and method of network remote account opening for commercial bank | |
| CN103259800A (en) | Internet login system based on face recognition and internet login method | |
| CN104102925A (en) | Computer operating system login verification method based on fingerprint identification technology | |
| CN104751143A (en) | Person and credential verification system and method based on deep learning | |
| CN112152961B (en) | Malicious encrypted traffic identification method and device | |
| CN103929425A (en) | Identity registration and identity authentication method, device and system | |
| CN104361494A (en) | Bank counter authorization and certification method and system based on fingerprint recognition | |
| CN110929244A (en) | Digital identity identification method, device, equipment and storage medium | |
| CN102982603A (en) | Internet lottery secure transaction and awarding method based on iris recognition | |
| CN104240348A (en) | Admittance identity authentication method based on image identification | |
| CN104240347A (en) | Admittance identity authentication system based on image identification |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20151223 |