CN105187219B - The anti-tamper method of identity information in real-name authentication - Google Patents
The anti-tamper method of identity information in real-name authentication Download PDFInfo
- Publication number
- CN105187219B CN105187219B CN201510642013.3A CN201510642013A CN105187219B CN 105187219 B CN105187219 B CN 105187219B CN 201510642013 A CN201510642013 A CN 201510642013A CN 105187219 B CN105187219 B CN 105187219B
- Authority
- CN
- China
- Prior art keywords
- identity information
- operation system
- decoded
- decoding device
- code
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Abstract
The present invention provides a kind of method that the identity information in real-name authentication is anti-tamper, belong to the anti-tamper method field of identity information, including operation system, operation system is connected with radio-frequency apparatus, and pass through the crypto identity information in radio-frequency apparatus reading identity card, after operation system is decoded by the decoding device of the network other end, decoded identity information is returned into operation system.After operation system manipulates radio-frequency apparatus acquisition crypto identity information by interface library, crypto identity information is sent to decoding device by TCP/IP network, the identity information received is decoded by decoding device, and condition code is calculated using the content in identity information, and operation system is sent by condition code, whether operation system is tampered using condition code verifying identity information, and identity information can be effectively prevented and be tampered.
Description
Technical field
The present invention provides a kind of method that the identity information in real-name authentication is anti-tamper, belongs to the anti-tamper side of identity information
Method field.
Background technique
Either on computer or mobile terminal, the interface library of which kind of form, decoded identity also no matter are used
Card information is positively located in the memory of terminal, and is stored with plain.
For unique criminal, it can use tool completely and find out in ID card information field (such as:Surname
Name, ID card No. etc.) specific address in memory so as to directly modify the data in memory address allows business system
What system obtained is the data after distorting.And similar modifiers is highly developed in field of play, as long as game is used for
The modifiers in field is in identity real name certification.Since radio-frequency unit is located at operation system end, operation system and solution
It is connected between decoding apparatus by internet, gives criminal's possibility for infiltrating through decoding process, while operation system is not
There is further authentication mechanism, to carry out great security breaches to real-name authentication work belt.
Summary of the invention
The anti-tamper method of identity information that it is an object of that present invention to provide a kind of in real-name authentication, can be effectively prevented body
Part information is tampered.
The anti-tamper method of the identity information of the present invention in real-name authentication, including operation system, operation system connect
It is connected to radio-frequency apparatus, and by the crypto identity information in radio-frequency apparatus reading identity card, operation system passes through the network other end
Decoding device be decoded after, by decoded identity information return operation system.Operation system is penetrated by interface library manipulation
After frequency equipment obtains crypto identity information, crypto identity information is sent to by decoding device, decoding device by TCP/IP network
The identity information received is decoded, and calculates condition code using the content in identity information, and send condition code to
Whether operation system, operation system are tampered using condition code verifying identity information.
The anti-tamper method of the identity information in real-name authentication, ID card information deposit in two generation bodies after being encrypted
In part internal chip of card, stringent permission has been done at the time of reading and has been controlled, currently to read data inside China second-generation identity card all
It is be unable to do without the safety control module of subordinate unit of Ministry of Public Security research and development, and is integrated with safety control module in decoding device, it can be to adding
Close identity information is decoded, and the mode that currently operation system obtains real-name authentication information on computers generally uses ocx
The form of control or dynamic link library, generally using the form of integrated producer Jar packet in Android terminal, one on IOS
As using framework or dynamic base form, be hereafter referred to collectively as interface library with the interface of operation system;Operation system is connecing
After receiving decoded ID card information and condition code, operation system backstage can by with decoding device identical operation mode, weight
The mode that the signature verification code of result and acquisition that new operation obtains is checked carries out whether verifying identity information is tampered.
The anti-tamper method of the identity information in real-name authentication, operation system include the business positioned at foreground terminal
System foreground and positioned at background server operation system backstage, condition code be correspondence identity information unique code, decoding device
After identity information is decoded, unique code is calculated according to identity information, by decoded identity information and corresponding unique code
It is sent to the operation system backstage of operation system, operation system foreground directly obtains identity information from business system background.
The anti-tamper method of the identity information in real-name authentication, after decoding device decodes identity information, according to
Identity information calculates unique code, and decoded identity information and corresponding unique code are sent to interface library and business simultaneously
System background, operation system foreground can obtain decoded identity information and corresponding unique code out of interface library, and same
When submit to operation system backstage, the identity information and unique code that operation system backstage sends decoding device and operation system into
Row verification, if there is identity information or if unique code can not correspond to be tampered, otherwise to be tampered.
The anti-tamper method of the identity information in real-name authentication, since operation system backstage is located at background server
In, so its security level is very high, modification information will not be penetrated by the external world, so operation system foreground can directly from
Business backstage obtains identity information, while business foreground can also obtain identity information and unique code from interface library, pass through body
Part information and unique code in business backstage identity information and unique code be compared and judge whether identity information is tampered, only
One yard is decoding device after decoding ID card information, generates the condition code for representing this decoding uniqueness, ensure that
Identity information will not be tampered.
The anti-tamper method of the identity information in real-name authentication, operation system include the business positioned at foreground terminal
System foreground and positioned at background server operation system backstage, the identifying code that condition code is obtained by corresponding to identity information operation,
Decoded identity information and identifying code are transmitted to the operation system foreground of operation system, business system by interface library by decoding device
Decoded identity information and identifying code are submitted to operation system backstage by system foreground, and operation system backstage is pressed and decoding device phase
Same arrangement or operation mode carries out operation to identity information, and the result obtained is compared with identifying code, if consistent not
It is tampered, is tampered if inconsistent.Operation system backstage can be appointed in advance with decoding device, make decoding device and business
System background is provided with the operation method of identifying code, after identity information is submitted to operation system backstage in operation system foreground, industry
Business backstage obtains result by identical operation method according to identity information and is compared with identifying code, can determine whether according to comparison result
Whether identity information is tampered, and ensure that identity information will not be tampered.Identifying code is calculated in interface library, due to identifying code
Algorithm is located in interface library, therefore is easy to be cracked.Equipment is read since decoding effort is on network for split type identity card
Decoding device in carry out, therefore the algorithm of identifying code can be built in decoding device, by decoding device by identifying code with
ID card information sends interface library to together, further improves safety.Identifying code is after decoding ID card information
The information of following field:From name, gender, nationality, date of birth, address, citizenship number, issuing authority, validity period, have
The effect phase only, picture data, finger print data etc., information above is subjected to permutation and combination or operation is verified code.
The present invention has the beneficial effect that compared with prior art:
The present invention increases the verifying link of identity information during real-name authentication, prevents identity information from illegally being usurped
Change.A security breaches of real-name authentication mechanism are blocked.Especially current telecommunications Carrier Requirements must system of real name handle
Under the overall background of business, traditional interface library form, which can not be blocked technically, handles " black card " loophole, using of the invention
After method, the safety of identity information will have technically been ensured, provide safer identification for system of real name certification and prevent usurping
Change method, to produce great social benefit.
Detailed description of the invention
Fig. 1 is 1 schematic diagram of embodiment;
Fig. 2 is 2 schematic diagram of embodiment;
Fig. 3 is 2 flow diagram of embodiment;
Fig. 4 is 3 schematic diagram of embodiment.
Specific embodiment
The embodiment of the present invention is described further below with reference to the present invention:
Embodiment 1:As shown in Figure 1, the method that present invention identity information in real-name authentication is anti-tamper, including business system
System, operation system are connected with radio-frequency apparatus, and by the crypto identity information in radio-frequency apparatus reading identity card, operation system is logical
Cross the network other end decoding device be decoded after, by decoded identity information return operation system.Operation system passes through
After interface library manipulates radio-frequency apparatus acquisition crypto identity information, crypto identity information is sent to by decoding by TCP/IP network and is set
Standby, operation system includes the operation system foreground positioned at foreground terminal and the operation system backstage positioned at background server, feature
Code is unique code of corresponding identity information, after decoding device decodes identity information, calculates unique code according to identity information, will solve
Identity information and corresponding unique code after code are sent to the operation system backstage of operation system, and operation system foreground is direct
Identity information is obtained from business system background.
Embodiment 2:As shown in Figures 2 and 3, the anti-tamper method of the identity information of the present invention in real-name authentication,
Including operation system, operation system is connected with radio-frequency apparatus, and passes through the crypto identity information in radio-frequency apparatus reading identity card,
After operation system is decoded by the decoding device of the network other end, decoded identity information is returned into operation system.Industry
After business system manipulates radio-frequency apparatus acquisition crypto identity information by interface library, crypto identity information is sent out by TCP/IP network
Decoding device is given, operation system includes the operation system positioned at the operation system foreground of foreground terminal and positioned at background server
From the background, condition code is unique code of corresponding identity information, after decoding device decodes identity information, is calculated only according to identity information
One yard, decoded identity information and corresponding unique code are sent to interface library and operation system backstage, business simultaneously
System foreground can obtain decoded identity information and corresponding unique code out of interface library, and submit to business system simultaneously
System backstage, the identity information that decoding device and operation system are sent and unique code are checked in operation system backstage, if occurring
Identity information or unique code can not correspond to, to be tampered, otherwise to be tampered.
It implements step:
1, it is (unique to generate the UUID that one represents this decoding uniqueness after decoding ID card information for decoding device
Code).
2, UUID and the ID card information decoded are sent to interface library.
3, UUID and the ID card information decoded are sent to the backstage of operation system.
4, operation system obtains UUID and other ID card information from interface library, and after submitting to operation system
Platform.
5, operation system backstage gets decoding device according to UUID and sends the ID card information of background system to, and compares
Whether the ID card information that operation system uploads is consistent with the ID card information in background system.
If 6, consistent, ID card information is not tampered with, and otherwise ID card information has been tampered with.
Embodiment 3:As shown in figure 4, the method that present invention identity information in real-name authentication is anti-tamper, including business system
System, operation system are connected with radio-frequency apparatus, and by the crypto identity information in radio-frequency apparatus reading identity card, operation system is logical
Cross the network other end decoding device be decoded after, by decoded identity information return operation system.Operation system passes through
After interface library manipulates radio-frequency apparatus acquisition crypto identity information, crypto identity information is sent to by decoding by TCP/IP network and is set
Standby, the identity information received is decoded by decoding device, and uses the name in identity information, gender, nationality, date of birth
From phase, address, citizenship number, issuing authority, validity period, validity period only, the information such as picture data, finger print data are arranged
Column combination or operation are verified code, and operation system includes positioned at the operation system foreground of foreground terminal and positioned at background server
Operation system backstage, decoded identity information and identifying code be transmitted to the business of operation system by interface library by decoding device
System foreground, decoded identity information and identifying code are submitted to operation system from the background by operation system foreground, after operation system
Platform carries out operation to identity information by operation mode identical with decoding device, and the result obtained is compared with identifying code,
It is not tampered with if consistent, if inconsistent be tampered.
Claims (3)
1. a kind of method that the identity information in real-name authentication is anti-tamper, including operation system, operation system are connected with radio frequency and set
It is standby, and by the crypto identity information in radio-frequency apparatus reading identity card, operation system passes through the decoding device of the network other end
After being decoded, decoded identity information is returned into operation system, which is characterized in that operation system is penetrated by interface library manipulation
Encryption information in frequency equipment reading identity card, and crypto identity information is sent to by decoding device by TCP/IP network, it solves
The identity information received is decoded by decoding apparatus, and calculates condition code using the content in identity information, and by condition code
It is sent to operation system, whether operation system is tampered using condition code verifying identity information;
Operation system includes the operation system foreground positioned at foreground terminal and the operation system backstage positioned at background server, feature
Code is unique code of corresponding identity information, after decoding device decodes identity information, calculates unique code according to identity information, will solve
Identity information and corresponding unique code after code are sent to the operation system backstage of operation system, and operation system foreground is direct
Identity information is obtained from business system background.
2. the anti-tamper method of the identity information according to claim 1 in real-name authentication, which is characterized in that decoding device
After identity information is decoded, unique code is calculated according to identity information, by decoded identity information and corresponding unique code
Simultaneously be sent to interface library and operation system backstage, operation system foreground can be obtained out of interface library decoded identity information and
Corresponding unique code, and operation system backstage is submitted to simultaneously, decoding device and operation system are sent out in operation system backstage
The identity information and unique code sent is checked, and if there is identity information or if unique code can not correspond to be tampered, is not otherwise had
It is tampered.
3. the anti-tamper method of the identity information according to claim 2 in real-name authentication, which is characterized in that operation system
Including being located at the operation system foreground of foreground terminal and positioned at the operation system backstage of background server, interface library is by corresponding to identity
Information operation show that decoded identity information and condition code are transmitted to operation system by interface library by identifying code, decoding device
Decoded identity information and condition code are submitted to operation system backstage, business system by operation system foreground, operation system foreground
System backstage carries out operation to identity information by arrangement identical with decoding device or operation mode, by the result obtained and condition code
It compares, is not tampered with if consistent, if inconsistent be tampered.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510642013.3A CN105187219B (en) | 2015-09-30 | 2015-09-30 | The anti-tamper method of identity information in real-name authentication |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510642013.3A CN105187219B (en) | 2015-09-30 | 2015-09-30 | The anti-tamper method of identity information in real-name authentication |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105187219A CN105187219A (en) | 2015-12-23 |
CN105187219B true CN105187219B (en) | 2018-11-23 |
Family
ID=54909074
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510642013.3A Active CN105187219B (en) | 2015-09-30 | 2015-09-30 | The anti-tamper method of identity information in real-name authentication |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105187219B (en) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107809432A (en) * | 2017-11-06 | 2018-03-16 | 广州市森锐科技股份有限公司 | A kind of acquisition of ID card information and anti-tamper system and method |
CN109960989A (en) * | 2017-12-26 | 2019-07-02 | 中国移动通信集团四川有限公司 | Anti-tamper identity card acquisition authentication method, system, equipment and storage medium |
CN108021404A (en) * | 2018-01-09 | 2018-05-11 | 郑州云海信息技术有限公司 | A kind of cross-version upgrades storage system and verifies the system and method for data consistency |
CN109543399B (en) * | 2018-11-12 | 2022-12-23 | 中国联合网络通信有限公司重庆市分公司 | Method for preventing second-generation ID card reader OCX control from being tampered |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1859149A (en) * | 2005-08-02 | 2006-11-08 | 华为技术有限公司 | Method for realizing stream medium business service |
CN1925395A (en) * | 2006-09-15 | 2007-03-07 | 北京飞天诚信科技有限公司 | Method and device for improving utilization security of network software |
CN101201887A (en) * | 2006-12-15 | 2008-06-18 | 王耀 | Application method of id card in personal identification system |
CN101334884A (en) * | 2008-07-29 | 2008-12-31 | 北京飞天诚信科技有限公司 | Method and system for enhancing bank transfer safety |
CN102684880A (en) * | 2012-05-03 | 2012-09-19 | 林顺来 | Method and system for authenticating USB (universal serial bus) challenge-response token |
CN103117857A (en) * | 2013-01-16 | 2013-05-22 | 深圳市怡化电脑有限公司 | Automatic teller machine (ATM) information safety detection method and system based on hardware encryption algorithm |
-
2015
- 2015-09-30 CN CN201510642013.3A patent/CN105187219B/en active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1859149A (en) * | 2005-08-02 | 2006-11-08 | 华为技术有限公司 | Method for realizing stream medium business service |
CN1925395A (en) * | 2006-09-15 | 2007-03-07 | 北京飞天诚信科技有限公司 | Method and device for improving utilization security of network software |
CN101201887A (en) * | 2006-12-15 | 2008-06-18 | 王耀 | Application method of id card in personal identification system |
CN101334884A (en) * | 2008-07-29 | 2008-12-31 | 北京飞天诚信科技有限公司 | Method and system for enhancing bank transfer safety |
CN102684880A (en) * | 2012-05-03 | 2012-09-19 | 林顺来 | Method and system for authenticating USB (universal serial bus) challenge-response token |
CN103117857A (en) * | 2013-01-16 | 2013-05-22 | 深圳市怡化电脑有限公司 | Automatic teller machine (ATM) information safety detection method and system based on hardware encryption algorithm |
Also Published As
Publication number | Publication date |
---|---|
CN105187219A (en) | 2015-12-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106330850B (en) | Security verification method based on biological characteristics, client and server | |
JP6548667B2 (en) | Method, apparatus and system for providing security checks | |
CN101848090B (en) | Authentication device and system and method using same for on-line identity authentication and transaction | |
CN103514410B (en) | Dependable preservation and evidence collection system and method for electronic contract | |
CN110086608A (en) | User authen method, device, computer equipment and computer readable storage medium | |
CN104601593B (en) | The method that anti-tracking in network electronic authentication procedures is realized based on challenge mode | |
CN105827573B (en) | System, method and the relevant apparatus of internet of things equipment strong authentication | |
WO2017044554A1 (en) | Biometric verification of a blockchain database transaction contributor | |
US9805182B1 (en) | Authentication using a client device and a mobile device | |
CN105187219B (en) | The anti-tamper method of identity information in real-name authentication | |
CN107302435B (en) | Identity information processing method and system and corresponding server | |
CN103905194B (en) | Identity traceability authentication method and system | |
CN105656862A (en) | Authentication method and device | |
CN109462572B (en) | Multi-factor authentication method, system, storage medium and security gateway based on encryption card and UsbKey | |
CN105184567A (en) | Information processing method, processing device and mobile terminal | |
CN104734856B (en) | A kind of command identifying method of anti-server information leakage | |
CN113872989B (en) | SSL protocol-based authentication method, SSL protocol-based authentication device, computer equipment and storage medium | |
CN105516210B (en) | The system and method for terminal security access authentication | |
CN102571874A (en) | On-line audit method and device in distributed system | |
CN103532979A (en) | Method for generating and verifying multi-conversation verification codes under CGI (common gateway interface) for web | |
CN112862484A (en) | Secure payment method and device based on multi-terminal interaction | |
US8910260B2 (en) | System and method for real time secure image based key generation using partial polygons assembled into a master composite image | |
KR20130085566A (en) | Apparatus and method of authentifying password using captcha | |
CN105072136B (en) | A kind of equipment room safety certifying method and system based on virtual drive | |
CN107370728B (en) | Instant license generation and verification system and method based on electronic license library |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |