CN105187219A - Method for preventing tampering of identity information in real name authentication - Google Patents

Publication number
CN105187219A
Authority
CN
China
Prior art keywords
identity information
operation system
decoded
decoding device
code
Prior art date
Legal status
Granted
Application number
CN201510642013.3A
Other languages
Chinese (zh)
Other versions
CN105187219B (en)
Inventor
李在学
Current Assignee
Shandong Senter Electronic Co Ltd
Original Assignee
Shandong Senter Electronic Co Ltd
Priority date
Filing date
Publication date
Application filed by Shandong Senter Electronic Co Ltd
Priority to CN201510642013.3A
Publication of CN105187219A
Application granted
Publication of CN105187219B
Active
Anticipated expiration

Landscapes

  • User Interface Of Digital Computer (AREA)

Abstract

The invention provides a method for preventing tampering of identity information in real name authentication, and belongs to the field of methods for preventing tampering of identity information. A service system is provided. The service system is connected with radio-frequency equipment, reads the encrypted identity information in an identity card through the radio-frequency equipment, and has the encrypted identity information decoded by decoding equipment at the other end of a network. The decoded identity information is returned to the service system. The method comprises the following steps: the service system controls the radio-frequency equipment through an interface library to acquire the encrypted identity information, and transmits the encrypted identity information to the decoding equipment through a TCP/IP (Transmission Control Protocol/Internet Protocol) network; the decoding equipment decodes the received identity information, calculates a feature code from the content of the identity information, and transmits the feature code to the service system; and the service system uses the feature code to verify whether the identity information has been tampered with. Through adoption of the method, the identity information can be effectively prevented from being tampered with.

Description

Method for preventing tampering of identity information in real-name authentication
Technical field
The invention provides a method for preventing tampering of identity information in real-name authentication, and belongs to the field of methods for preventing tampering of identity information.
Background art
Whether on a computer or on a mobile terminal, and whatever form of interface library is used, the decoded ID card information necessarily resides in the memory of the terminal, and it is stored in plaintext.
An individual lawbreaker can use tools to find the memory address of a specific field of the ID card information (for example the name or the ID card number) and then modify the data at that address directly, so that what the service system obtains is tampered data. Similar memory-modification tools are very mature in the gaming field; a tool written for games only has to be applied to real-name identity authentication. Because the radio-frequency equipment is located at the service system end and the service system is connected to the decoding device over the Internet, lawbreakers have the possibility of penetrating the decoding process. At the same time the service system has no further verification mechanism, which leaves a serious security hole in real-name authentication work.
Summary of the invention
The object of the invention is to provide a method for preventing tampering of identity information in real-name authentication that can effectively prevent identity information from being tampered with.
The method of the invention comprises a service system. The service system is connected with radio-frequency equipment, reads the encrypted identity information in an identity card through the radio-frequency equipment, has it decoded by a decoding device at the other end of the network, and receives the decoded identity information back. After the service system obtains the encrypted identity information by controlling the radio-frequency equipment through an interface library, it sends the encrypted identity information to the decoding device over a TCP/IP network. The decoding device decodes the received identity information, calculates a feature code from the content of the identity information, and sends the feature code to the service system. The service system uses the feature code to verify whether the identity information has been tampered with.
In the method, the ID card information is encrypted and stored in the chip inside the Chinese second-generation identity card, and reading it is under strict access control: at present, reading the data inside a second-generation identity card always requires the security control module developed by a unit subordinate to the Ministry of Public Security. The decoding device integrates this security control module and can therefore decode the encrypted identity information. At present, a service system on a computer generally obtains real-name authentication information through an OCX control or a dynamic link library; on an Android terminal it generally integrates a Jar package from the manufacturer; on iOS it generally uses a framework or a dynamic library. These interfaces to the service system are hereinafter collectively called the interface library. After receiving the decoded ID card information and the feature code, the service system back end can recompute the result using the same operation as the decoding device and check it against the verification code it received, thereby verifying whether the identity information has been tampered with.
In the method, the service system comprises a service system front end located on the front-desk terminal and a service system back end located on the back-end server. The feature code is a unique code corresponding to the identity information. After decoding the identity information, the decoding device calculates a unique code from the identity information and sends the decoded identity information and the corresponding unique code to the service system back end. The service system front end obtains the identity information directly from the service system back end.
In the method, after decoding the identity information, the decoding device calculates a unique code from the identity information and sends the decoded identity information and the corresponding unique code to both the interface library and the service system back end. The service system front end can obtain the decoded identity information and the corresponding unique code from the interface library and submit them to the service system back end. The service system back end checks the identity information and unique code sent by the decoding device against those sent by the service system. If the identity information or the unique code does not correspond, the information has been tampered with; otherwise it has not been tampered with.
In the method, because the service system back end is located on the back-end server, its security level is very high and the outside world cannot penetrate it to modify information, so the service system front end can obtain the identity information directly from the back end. The front end can also obtain the identity information and the unique code from the interface library; comparing these with the identity information and unique code held in the back end determines whether the identity information has been tampered with. The unique code is a feature code that the decoding device generates after decoding the ID card information to represent the uniqueness of this decoding, which ensures that the identity information cannot be tampered with.
In the method, the service system comprises a service system front end located on the front-desk terminal and a service system back end located on the back-end server. The feature code is a verification code computed from the corresponding identity information. The decoding device passes the decoded identity information and the verification code to the service system front end through the interface library, and the front end submits them to the service system back end. The back end applies the same permutation or operation as the decoding device to the identity information and compares the result with the verification code: if they are consistent, the information has not been tampered with; if they are inconsistent, it has been tampered with. The service system back end and the decoding device can agree in advance, so that both hold the algorithm for the verification code. After the front end submits the identity information, the back end computes a result from the identity information with the same algorithm and compares it with the verification code; the comparison result shows whether the identity information has been tampered with, which ensures that the identity information cannot be tampered with. If the verification code is calculated in the interface library, the algorithm resides in the interface library and is therefore easily cracked. Because, for split-type identity card readers, the device that does the decoding is located on the network, the verification-code algorithm can be built into the decoding device, which sends the verification code together with the ID card information to the interface library, further improving security. The verification code covers the following fields of the decoded ID card information: name, sex, nationality, date of birth, address, citizen identity number, issuing authority, start of validity period, end of validity period, photo data, fingerprint data, etc. These fields are permuted and combined, or operated on, to obtain the verification code.
Compared with the prior art, the beneficial effects of the invention are:
The invention adds a verification step for identity information to the real-name authentication process, preventing identity information from being illegally tampered with and closing a security hole in the real-name authentication mechanism. In particular, now that telecom operators require real-name registration to transact business, the traditional interface-library form cannot technically close the loophole of handling "black cards". With the method of the invention, the security of identity information is ensured technically, real-name authentication is given a safer identification and anti-tamper method, and great social benefit is created.
Brief description of the drawings
Fig. 1 is a schematic diagram of embodiment 1;
Fig. 2 is a schematic diagram of embodiment 2;
Fig. 3 is a flow block diagram of embodiment 2;
Fig. 4 is a schematic diagram of embodiment 3.
Embodiments
The embodiments of the invention are described further below:
Embodiment 1: As shown in Fig. 1, the method of the invention for preventing tampering of identity information in real-name authentication comprises a service system. The service system is connected with radio-frequency equipment, reads the encrypted identity information in an identity card through the radio-frequency equipment, has it decoded by a decoding device at the other end of the network, and receives the decoded identity information back. After the service system obtains the encrypted identity information by controlling the radio-frequency equipment through the interface library, it sends the encrypted identity information to the decoding device over a TCP/IP network. The service system comprises a service system front end located on the front-desk terminal and a service system back end located on the back-end server. The feature code is a unique code corresponding to the identity information: after decoding the identity information, the decoding device calculates a unique code from it and sends the decoded identity information and the corresponding unique code to the service system back end, and the service system front end obtains the identity information directly from the service system back end.
Embodiment 2: As shown in Figs. 2 and 3, the method of the invention for preventing tampering of identity information in real-name authentication comprises a service system. The service system is connected with radio-frequency equipment, reads the encrypted identity information in an identity card through the radio-frequency equipment, has it decoded by a decoding device at the other end of the network, and receives the decoded identity information back. After the service system obtains the encrypted identity information by controlling the radio-frequency equipment through the interface library, it sends the encrypted identity information to the decoding device over a TCP/IP network. The service system comprises a service system front end located on the front-desk terminal and a service system back end located on the back-end server. The feature code is a unique code corresponding to the identity information: after decoding the identity information, the decoding device calculates a unique code from it and sends the decoded identity information and the corresponding unique code to both the interface library and the service system back end. The service system front end can obtain the decoded identity information and the corresponding unique code from the interface library and submit them to the service system back end. The service system back end checks the identity information and unique code sent by the decoding device against those sent by the service system. If the identity information or the unique code does not correspond, the information has been tampered with; otherwise it has not been tampered with.
The specific implementation steps are:
1. After decoding the ID card information, the decoding device generates a UUID (unique code) that represents the uniqueness of this decoding.
2. The UUID and the decoded ID card information are sent to the interface library.
3. The UUID and the decoded ID card information are sent to the back end of the service system.
4. The service system obtains the UUID and the other ID card information from the interface library and submits them to the service system back end.
5. The service system back end uses the UUID to retrieve the ID card information that the decoding device sent to the back-end system, and compares whether the ID card information uploaded by the service system is consistent with the ID card information in the back-end system.
6. If they are consistent, the ID card information has not been tampered with; otherwise the ID card information has been tampered with.
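The six steps above, as a runnable sketch. This is an added example, not code from the patent or its assignee: the class names, the record fields, the constructed sample card, and the single-use handling of the UUID are assumptions of the example.

```python
import uuid
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class IdRecord:
    # Subset of the decoded fields; the field names are assumptions.
    name: str
    sex: str
    birth_date: str
    address: str
    id_number: str


class BackEnd:
    """Service system back end on the back-end server."""

    def __init__(self):
        self._pending = {}  # UUID -> record received from the decoding device

    def receive_from_decoder(self, code, record):
        # Step 3: the decoding device delivers UUID + record to the back end.
        self._pending[code] = record

    def verify_submission(self, code, submitted):
        # Step 5: fetch the decoder's copy by UUID and compare all fields.
        # pop() makes a UUID single-use (an addition of this example), so the
        # same UUID/record pair cannot be submitted a second time.
        reference = self._pending.pop(code, None)
        if reference is None:
            return "unknown-uuid"
        # Step 6: any difference means the terminal-side copy was altered.
        return "ok" if submitted == reference else "tampered"


class DecodingDevice:
    def __init__(self, backend):
        self._backend = backend

    def decode(self, record):
        # The real decode happens in the security control module; the
        # already-decoded record stands in for its output here.
        code = str(uuid.uuid4())                          # step 1
        self._backend.receive_from_decoder(code, record)  # step 3
        return code, record                               # step 2: to the interface library


def run_flow(tamper=None, forge_uuid=False):
    """Run steps 1-6 once; `tamper` changes the terminal's in-memory copy."""
    backend = BackEnd()
    decoder = DecodingDevice(backend)
    card = IdRecord("Zhang San", "M", "1990-01-01",
                    "1 Example Road", "000000000000000000")  # constructed sample
    code, in_memory = decoder.decode(card)
    if tamper:
        # Models the in-memory modification described in the background section.
        in_memory = replace(in_memory, **tamper)
    if forge_uuid:
        code = str(uuid.uuid4())  # a UUID the decoding device never issued
    first = backend.verify_submission(code, in_memory)   # steps 4 and 5
    second = backend.verify_submission(code, in_memory)  # same pair submitted again
    return first, second


if __name__ == "__main__":
    print(run_flow())                          # ('ok', 'unknown-uuid')
    print(run_flow(tamper={"name": "Li Si"}))  # ('tampered', 'unknown-uuid')
    print(run_flow(forge_uuid=True))           # ('unknown-uuid', 'unknown-uuid')
```

The check holds only as long as the path in step 3 from the decoding device to the back end does not pass through the terminal.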
Embodiment 3: As shown in Fig. 4, the method of the invention for preventing tampering of identity information in real-name authentication comprises a service system. The service system is connected with radio-frequency equipment, reads the encrypted identity information in an identity card through the radio-frequency equipment, has it decoded by a decoding device at the other end of the network, and receives the decoded identity information back. After the service system obtains the encrypted identity information by controlling the radio-frequency equipment through the interface library, it sends the encrypted identity information to the decoding device over a TCP/IP network. The decoding device decodes the received identity information and permutes and combines, or operates on, the name, sex, nationality, date of birth, address, citizen identity number, issuing authority, start of validity period, end of validity period, photo data, fingerprint data and other information in the identity information to obtain a verification code. The service system comprises a service system front end located on the front-desk terminal and a service system back end located on the back-end server. The decoding device passes the decoded identity information and the verification code to the service system front end through the interface library, and the front end submits them to the service system back end. The back end applies the same operation as the decoding device to the identity information and compares the result with the verification code: if they are consistent, the information has not been tampered with; if they are inconsistent, it has been tampered with.
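One way to realise the verification code of embodiment 3, and the summary's point that the algorithm should not live in the interface library. This is an added example, not the patent's algorithm: the patent only says the decoding device and the back end agree on an operation, and this sketch swaps in HMAC-SHA256 with a shared key so that knowing the algorithm alone is not enough. The key, field names and sample values are constructed assumptions, and the naive encoding is included only to show why field boundaries must be encoded.

```python
import hashlib
import hmac

# Field order agreed in advance by the decoding device and the back end.
# Key names are assumptions; the patent lists the fields but no encoding.
FIELDS = ("name", "sex", "nationality", "birth_date", "address", "id_number",
          "issuing_authority", "valid_from", "valid_until", "photo", "fingerprint")


def _raw(value):
    return value if isinstance(value, bytes) else value.encode("utf-8")


def naive_encoding(info):
    # Plain concatenation: field boundaries are lost.
    return b"".join(_raw(info[f]) for f in FIELDS)


def canonical_encoding(info):
    # A 4-byte big-endian length before each field keeps boundaries unambiguous.
    return b"".join(len(_raw(info[f])).to_bytes(4, "big") + _raw(info[f])
                    for f in FIELDS)


def verification_code(key, info, encode=canonical_encoding):
    # Keyed MAC computed inside the decoding device.
    return hmac.new(key, encode(info), hashlib.sha256).hexdigest()


def backend_check(key, info, code, encode=canonical_encoding):
    # Back end recomputes with the same key and encoding, constant-time compare.
    return hmac.compare_digest(verification_code(key, info, encode), code)


# Constructed sample values, not real identity data.
KEY = b"example-shared-key-provisioned-out-of-band"
CARD = {
    "name": "Zhang San", "sex": "M", "nationality": "Example",
    "birth_date": "19900101", "address": "Example Road 1",
    "id_number": "000000000000000000", "issuing_authority": "Example Bureau",
    "valid_from": "20150101", "valid_until": "20350101",
    "photo": b"\x00\x01photo-bytes", "fingerprint": b"\x02\x03fp-bytes",
}


def demo():
    code = verification_code(KEY, CARD)   # computed in the decoding device
    renamed = dict(CARD, name="Li Si")    # terminal-side change to one field
    # Move one character across the address/id_number boundary.
    shifted = dict(CARD, address="Example Road 10", id_number="0" * 17)
    naive = verification_code(KEY, CARD, naive_encoding)
    return {
        "untouched": backend_check(KEY, CARD, code),
        "renamed": backend_check(KEY, renamed, code),
        "shifted_canonical": backend_check(KEY, shifted, code),
        "shifted_naive": backend_check(KEY, shifted, naive, naive_encoding),
    }
```

With plain concatenation the shifted record still verifies, which is the failure the length-prefixed encoding removes.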

Claims (4)

1. A method for preventing tampering of identity information in real-name authentication, comprising a service system, wherein the service system is connected with radio-frequency equipment, reads the encrypted identity information in an identity card through the radio-frequency equipment, has it decoded by a decoding device at the other end of the network, and receives the decoded identity information back, characterized in that the service system controls the radio-frequency equipment through an interface library to read the encrypted information in the identity card and sends the encrypted identity information to the decoding device over a TCP/IP network; the decoding device decodes the received identity information, calculates a feature code from the content of the identity information, and sends the feature code to the service system; and the service system uses the feature code to verify whether the identity information has been tampered with.
2. The method for preventing tampering of identity information in real-name authentication according to claim 1, characterized in that the service system comprises a service system front end located on the front-desk terminal and a service system back end located on the back-end server; the feature code is a unique code corresponding to the identity information; after decoding the identity information, the decoding device calculates a unique code from the identity information and sends the decoded identity information and the corresponding unique code to the service system back end; and the service system front end obtains the identity information directly from the service system back end.
3. The method for preventing tampering of identity information in real-name authentication according to claim 2, characterized in that, after decoding the identity information, the decoding device calculates a unique code from the identity information and sends the decoded identity information and the corresponding unique code to both the interface library and the service system back end; the service system front end can obtain the decoded identity information and the corresponding unique code from the interface library and submit them to the service system back end; the service system back end checks the identity information and unique code sent by the decoding device against those sent by the service system; if the identity information or the unique code does not correspond, the information has been tampered with; otherwise it has not been tampered with.
4. The method for preventing tampering of identity information in real-name authentication according to claim 1, characterized in that the service system comprises a service system front end located on the front-desk terminal and a service system back end located on the back-end server; the feature code is a verification code computed from the corresponding identity information; the decoding device passes the decoded identity information and the verification code to the service system front end through the interface library; the service system front end submits the decoded identity information and the verification code to the service system back end; the service system back end applies the same permutation or operation as the decoding device to the identity information and compares the result with the verification code; if they are consistent, the information has not been tampered with; if they are inconsistent, it has been tampered with.
CN201510642013.3A 2015-09-30 2015-09-30 The anti-tamper method of identity information in real-name authentication Active CN105187219B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510642013.3A CN105187219B (en) 2015-09-30 2015-09-30 The anti-tamper method of identity information in real-name authentication

Publications (2)

Publication Number Publication Date
CN105187219A (en) 2015-12-23
CN105187219B (en) 2018-11-23

Family

ID=54909074

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510642013.3A Active CN105187219B (en) 2015-09-30 2015-09-30 The anti-tamper method of identity information in real-name authentication

Country Status (1)

Country Link
CN (1) CN105187219B (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant