CN105530096A - Method for improving use safety of identity authentication equipment, and identity authentication equipment - Google Patents
Method for improving use safety of identity authentication equipment, and identity authentication equipment Download PDFInfo
- Publication number
- CN105530096A CN105530096A CN201410514983.0A CN201410514983A CN105530096A CN 105530096 A CN105530096 A CN 105530096A CN 201410514983 A CN201410514983 A CN 201410514983A CN 105530096 A CN105530096 A CN 105530096A
- Authority
- CN
- China
- Prior art keywords
- authentication device
- timer
- equipment end
- switching
- interface
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Telephone Function (AREA)
Abstract
The invention discloses a method for improving use safety of identity authentication equipment, and the identity authentication equipment and aims to improve use safety during long-time connection of the identity authentication equipment and an equipment terminal. The method comprises steps that, connection with the equipment terminal is established through a communication interface; a received command from the equipment terminal is processed, and a timer starts after processing; when the command from the equipment terminal is received, and the timer is not overtime, the timer is reset, and the command received before overtime is processed; when the command from the equipment terminal is received, and the timer is overtime, processing on the command received after overtime is refused, error information is returned to the equipment terminal, so the prompting information corresponding to the error information is displayed at the equipment terminal. Processing on the command received by the identity identification equipment after overtime is refused, so relevant access of back door programs such as Trojan viruses to U shields during long-time connection of the identity authentication equipment and the equipment terminal can be reduced, and safety is improved.
Description
Technical field
The present invention relates to communication technical field, more particularly, relate to the method and ID authentication device that improve ID authentication device safety in utilization.
Background technology
Safety certificate equipment, also referred to as USBKEY (hereinafter referred to as U shield), is a kind of by the ID authentication device of Internet bank user widely used guarantee user account safety.
After user uses ID authentication device to be connected with equipment end (such as PC, mobile phone, panel computer), can there is the situation forgotten and pull out or close ID authentication device, this will cause ID authentication device and equipment end to keep for a long time being connected.In this case, the backdoor programs such as trojan horse carry out relevant access probability to U shield can be strengthened, thus produce security threat.
Summary of the invention
In view of this, the object of the embodiment of the present invention is to provide the method and ID authentication device that improve ID authentication device safety in utilization, to improve the safety in utilization that ID authentication device and equipment end keep when being connected for a long time.
For achieving the above object, the embodiment of the present invention provides following technical scheme:
According to the first aspect of the embodiment of the present invention, a kind of method improving ID authentication device safety in utilization is provided, comprises:
Described ID authentication device is connected by communication interface and equipment end;
That described ID authentication device process receives, from the order of described equipment end, open timer after processing is completed;
If the order received from described equipment end and described timer is not overtime, described ID authentication device resets described timer, and the order received before processing time-out;
If the order received from described equipment end and described timer is overtime, the order received after described ID authentication device refusal process time-out, and return error message to described equipment end, so that the information that the display of described equipment end is corresponding to described error message.
In conjunction with first aspect, in the implementation that the first is possible, described communication interface comprises at least one in USB interface, blue tooth interface, NFC interface, audio interface and Wifi interface.
In conjunction with first aspect or the first possible implementation, in the implementation that the second is possible, described error message is specially the error code of instruction time-out.
In conjunction with first aspect, in the implementation that the third is possible, after described timer expired, also comprise: described ID authentication device receives the switching command of user's input, and described switching command comprises switching cipher; Switching cipher in described switching command and preset switching cipher are compared by described ID authentication device; When switching cipher in described switching command is identical with described preset switching cipher, described ID authentication device resets or closes described timer.
In conjunction with first aspect, in the 4th kind of possible implementation, described ID authentication device is provided with switching push button; When enabling button described in confirming and being pressed, described ID authentication device resets or closes described timer.
According to the second aspect of the embodiment of the present invention, a kind of ID authentication device is provided, comprises: MCU, communication module, communication interface and timer; Described MCU is connected with described timer with described communication module respectively, and described communication module is also connected with described communication interface; Wherein:
Described timer is used for timing;
Described communication module is used for, and after connecting with equipment end, is received the order of described equipment end transmission, and be transmitted to described MCU by described communication interface, and, forward the order from described MCU by described communication interface;
Described MCU is used for: that process receives, from the order of described equipment end, indicate described timer initiation after processing; In the order received from described equipment end and described timer time-out, indicate described timer to reset, and the order received before processing time-out; In the order received from described equipment end and described timer time-out, the order received after refusal process time-out, described communication module is indicated to return error message to described equipment end, so that the information that the display of described equipment end is corresponding to described error message.
In conjunction with second aspect, in the implementation that the first is possible, described communication interface comprises at least one in USB interface, blue tooth interface, NFC interface, audio interface and Wifi interface.
In conjunction with second aspect or the first possible implementation, in the implementation that the second is possible, also comprise human-computer interaction module; Described human-computer interaction module is for receiving the order of user's input; Described MCU also for: when receiving switching command that user is inputted by human-computer interaction module, that comprise switching cipher, the switching cipher in switching command described in comparison and preset switching cipher, if identical, then indicate described timer reset or close.
In conjunction with the implementation that second aspect the second is possible, in the implementation that the third is possible, described human-computer interaction module is keyboard.
In conjunction with second aspect or the first possible implementation, in the 4th kind of possible implementation, also comprise switching push button, described switching push button is arranged on the shell of described ID authentication device, described MCU also for: confirm described in enable button be pressed time, indicate described timer reset or close.
Visible, in embodiments of the present invention, when ID authentication device receives the order that equipment end sends after a time out, the order received after refusing to process time-out, therefore can to reduce when ID authentication device keeps connecting to equipment end for a long time the backdoor programs such as trojan horse and relevant probability of accessing is carried out to U shield, improve fail safe.Meanwhile, when receiving order after a time out, ID authentication device also returns error message to equipment end, so that equipment end is to user's display reminding information, to user friendly, improves the experience of user.
Accompanying drawing explanation
In order to be illustrated more clearly in the embodiment of the present invention or technical scheme of the prior art, be briefly described to the accompanying drawing used required in embodiment or description of the prior art below, apparently, accompanying drawing in the following describes is only some embodiments of the present invention, for those of ordinary skill in the art, under the prerequisite not paying creative work, other accompanying drawing can also be obtained according to these accompanying drawings.
The method flow diagram of the raising ID authentication device safety in utilization that Fig. 1 a provides for the embodiment of the present invention;
The other method flow chart of the raising ID authentication device safety in utilization that Fig. 1 b provides for the embodiment of the present invention;
The another method flow diagram of the raising ID authentication device safety in utilization that Fig. 2 a provides for the embodiment of the present invention;
The another method flow diagram of the raising ID authentication device safety in utilization that Fig. 2 b provides for the embodiment of the present invention;
The another method flow diagram of the raising ID authentication device safety in utilization that Fig. 3 provides for the embodiment of the present invention;
The ID authentication device structural representation that Fig. 4 provides for the embodiment of the present invention;
Another structural representation of ID authentication device that Fig. 5 provides for the embodiment of the present invention.
Embodiment
For making the object of the embodiment of the present invention, technical scheme and advantage clearly, below in conjunction with the accompanying drawing in the embodiment of the present invention, technical scheme in the embodiment of the present invention is clearly and completely described, obviously, described embodiment is only the present invention's part embodiment, instead of whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art, not making the every other embodiment obtained under creative work prerequisite, belong to the scope of protection of the invention.
Safety certificate equipment, also referred to as USBKEY (hereinafter referred to as U shield), is a kind of by the ID authentication device of Internet bank user widely used guarantee user account safety.
After user uses ID authentication device to be connected with equipment end (such as PC, mobile phone, panel computer), can there is the situation forgotten and pull out or close ID authentication device, this will cause ID authentication device and equipment end to keep for a long time being connected.In this case, the backdoor programs such as trojan horse carry out relevant access probability to U shield can be strengthened, thus produce security threat.
For solving the problem, embodiments provide the method improving ID authentication device safety in utilization.
Refer to Fig. 1 a, said method can comprise the steps:
S1, ID authentication device are connected by communication interface and equipment end.
Above-mentioned communication interface includes but not limited to USB interface, blue tooth interface, NFC interface, audio interface and Wifi interface etc.
That S2, ID authentication device process receive, from the order of the said equipment end, open timer after processing is completed.
If S3 receives the order from the said equipment end and above-mentioned timer is not overtime, ID authentication device resets above-mentioned timer, and the order received before processing time-out.
After resetting timer, timer can reclocking.
If S4 receives the order from the said equipment end and above-mentioned timer is overtime, the order received after ID authentication device refusal process time-out, and return error message to above-mentioned equipment end, so that the information that the display of the said equipment end is corresponding to above-mentioned error message.
Can think, after timer expired, ID authentication device enters into self-shield state by normal operating conditions.In self-shield state, ID authentication device also receives the order from equipment end, but no longer processes order, and returns error message.
More specifically, the order received after the discardable time-out of ID authentication device.
Above-mentioned error message specifically can be the error code of instruction time-out.Equipment end can show corresponding information, and user can know that ID authentication device is connected time-out with equipment end, also, knows the reason of ID authentication device denial of service.
The flow process that Fig. 1 b shows specifically is for reference.
Visible, in embodiments of the present invention, when ID authentication device receives the order that equipment end sends after a time out, the order received after refusing to process time-out, therefore can to reduce when ID authentication device keeps connecting to equipment end for a long time the backdoor programs such as trojan horse and relevant probability of accessing is carried out to U shield, improve fail safe.Meanwhile, when receiving order after a time out, ID authentication device also returns error message to equipment end, so that equipment end is to user's display reminding information, to user friendly, improves the experience of user.
In order to more convenient user uses, refer to Fig. 2 a, in other embodiments of the present invention, after above-mentioned timer expired, the method in above-mentioned all embodiments also can comprise the steps:
S5, ID authentication device receive the switching command of user's input.
ID authentication device can be arranged keyboard and input switching command for user.Or user inputs switching command by equipment end, send to ID authentication device by equipment end.
Above-mentioned switching command can comprise switching cipher or switch password.
Switching cipher in above-mentioned switching command and preset switching cipher are compared by S6, ID authentication device.
As comprised switching password in switching command, then the switching password in switching command and preset switching password are compared.
When S7, switching cipher in above-mentioned switching command are identical with above-mentioned preset switching cipher, above-mentioned ID authentication device resets or closes above-mentioned timer.
Or when the switching password in above-mentioned switching command is identical with above-mentioned preset switching password, above-mentioned ID authentication device resets or closes above-mentioned timer (returning step S2).
In the present embodiment, by switching command, ID authentication device is made to be switched to normal operating conditions by self-shield state.
In other embodiments of the present invention, as the switching cipher/password in switching command is not identical with above-mentioned preset switching cipher/password, any action can not be done.Or, the information that ID authentication device can not be inconsistent at the display screen display switching cipher/password of self yet.
Certainly, when user is by equipment end input switching command, ID authentication device also can return information that switching cipher/password is not inconsistent to equipment end, is shown to user by equipment end.
The flow process that Fig. 2 b shows specifically is for reference.
In other embodiments of the present invention, the ID authentication device in above-mentioned all embodiments also can be provided with switching push button.
Confirm above-mentioned enable button be pressed time, above-mentioned ID authentication device can reset or close above-mentioned timer.The flow process that Fig. 3 shows specifically is for reference.
Corresponding, the embodiment of the present invention provides ID authentication device.
Fig. 4 shows a kind of example arrangement of above-mentioned ID authentication device, comprising:
Set up unit 1, for being connected by communication interface and equipment end;
Open unit 2, for the treatment of receive, from the order of the said equipment end, open timer after processing is completed;
Reset unit 3, in the order received from the said equipment end and timer time-out, instruction timer resets, and the order received before processing time-out;
Timeout treatment unit 4, for in the order received from the said equipment end and timer time-out, the order received after refusal process time-out, returns error message to above-mentioned equipment end, so that the information that the display of the said equipment end is corresponding to above-mentioned error message.
Above-mentioned communication interface can comprise at least one in USB interface, blue tooth interface, NFC interface, audio interface and Wifi interface.
Detail refers to foregoing description herein, and therefore not to repeat here.
In other embodiments of the present invention, the ID authentication device in above-mentioned all embodiments also can comprise:
First switch unit, for when receiving switching command that user is inputted by human-computer interaction module, that comprise switching cipher, the switching cipher in the above-mentioned switching command of comparison and preset switching cipher, if identical, then indicate above-mentioned timer to reset or close.
Human-computer interaction module can be keyboard.
Detail refers to foregoing description herein, and therefore not to repeat here.
In other embodiments of the present invention, the ID authentication device in above-mentioned all embodiments also can comprise:
Second switch unit, for when confirming that the switching push button that ID authentication device is arranged is pressed, indicating above-mentioned timer to reset or closing.
Fig. 5 shows a kind of hardware configuration of above-mentioned ID authentication device, comprising: MCU5, communication module 3, communication interface (not shown) and timer 6 (timing unit).
MCU5 is connected with timer 6 with communication module 3 respectively, and communication module 3 is also connected with communication interface.
More specifically, MCU5 is communicated by both-way communication circuit 4 and communication module 3.Communication module 3 is connected with equipment end 1 by both-way communication circuit 2 (comprising communication interface).Communication interface can comprise at least one in USB interface, blue tooth interface, NFC interface, audio interface and Wifi interface.
Wherein:
Timer 6 is for timing;
Communication module 3 for, after connecting with equipment end 1, received the order stated equipment end 1 and send by communication line 2 (comprising communication interface), and be transmitted to MCU5, and, forward the order from MCU5 by communication line 2;
MCU5 is core data processing module, for the treatment of the data that sound wave codec chip is decoded to, comprises the standard cryptographic application operatings such as the encryption of data, deciphering, signature, sign test.
In the present embodiment, that MCU5 receives specifically for process, from the order of equipment end 1, after processing, indicate timer 6 to start; In the order received from equipment end 1 and timer 6 time-out, instruction timer 6 resets, and the order received before processing time-out; In the order received from equipment end 1 and timer 6 time-out, the order that receives after refusal process time-out, instruction communication module 3 returns error message to equipment end 1, so that equipment end 1 shows the information corresponding to above-mentioned error message.
Visible, in embodiments of the present invention, when ID authentication device receives the order that equipment end sends after a time out, the order received after refusing to process time-out, therefore can to reduce when ID authentication device keeps connecting to equipment end for a long time the backdoor programs such as trojan horse and relevant probability of accessing is carried out to U shield, improve fail safe.Meanwhile, when receiving order after a time out, ID authentication device also returns error message to equipment end, so that equipment end is to user's display reminding information, to user friendly, improves the experience of user.
In other embodiments of the present invention, above-mentioned ID authentication device also can comprise human-computer interaction module, and above-mentioned human-computer interaction module is for receiving the order of user's input.
Accordingly, MCU5 also can be used for:
When receiving switching command that user is inputted by human-computer interaction module, that comprise switching cipher, the switching cipher in the above-mentioned switching command of comparison and preset switching cipher, if identical, then indicate above-mentioned timer 6 to reset or close.
Detail refers to foregoing description herein, and therefore not to repeat here.
Above-mentioned human-computer interaction module can be keyboard.
In other embodiments of the present invention, above-mentioned ID authentication device also can comprise switching push button, and switching push button is arranged on the shell of above-mentioned ID authentication device.
Accordingly, above-mentioned MCU also can be used for:
When confirming that above-mentioned switching push button is pressed, indicating above-mentioned timer to reset or closing.
More specifically, switching push button is pressed, and can send instruction, MCU5 receives instruction, can confirm that switching push button is pressed.
It should be noted that, timer independent of MCU or other unit, also can be realized by the clocking capability of MCU or other unit.
In this specification, each embodiment adopts the mode of going forward one by one to describe, and what each embodiment stressed is the difference with other embodiments, between each embodiment identical similar portion mutually see.
The software module that the method described in conjunction with embodiment disclosed herein or the step of algorithm can directly use hardware, processor to perform, or the combination of the two is implemented.Software module can be placed in the storage medium of other form any known in random asccess memory (RAM), internal memory, read-only memory (ROM), electrically programmable ROM, electrically erasable ROM, register, hard disk, moveable magnetic disc, CD-ROM or technical field.
To the above-mentioned explanation of the disclosed embodiments, professional and technical personnel in the field are realized or uses the present invention.To be apparent for those skilled in the art to the multiple amendment of these embodiments, General Principle as defined herein can without departing from the spirit or scope of the present invention, realize in other embodiments.Therefore, the present invention can not be restricted to these embodiments shown in this article, but will meet the widest scope consistent with principle disclosed herein and features of novelty.
Claims (10)
1. improve a method for ID authentication device safety in utilization, it is characterized in that, comprising:
Described ID authentication device is connected by communication interface and equipment end;
That described ID authentication device process receives, from the order of described equipment end, open timer after processing is completed;
If the order received from described equipment end and described timer is not overtime, described ID authentication device resets described timer, and the order received before processing time-out;
If the order received from described equipment end and described timer is overtime, the order received after described ID authentication device refusal process time-out, and return error message to described equipment end, so that the information that the display of described equipment end is corresponding to described error message.
2. the method for claim 1, is characterized in that, described communication interface comprises at least one in USB interface, blue tooth interface, NFC interface, audio interface and Wifi interface.
3. method as claimed in claim 1 or 2, is characterized in that, described error message is specially the error code of instruction time-out.
4. the method for claim 1, is characterized in that, after described timer expired, also comprises:
Described ID authentication device receives the switching command of user's input, and described switching command comprises switching cipher;
Switching cipher in described switching command and preset switching cipher are compared by described ID authentication device;
When switching cipher in described switching command is identical with described preset switching cipher, described ID authentication device resets or closes described timer.
5. the method for claim 1, is characterized in that, described ID authentication device is provided with switching push button;
When enabling button described in confirming and being pressed, described ID authentication device resets or closes described timer.
6. an ID authentication device, is characterized in that, comprising: MCU, communication module, communication interface and timer; Described MCU is connected with described timer with described communication module respectively, and described communication module is also connected with described communication interface; Wherein:
Described timer is used for timing;
Described communication module is used for, and after connecting with equipment end, is received the order of described equipment end transmission, and be transmitted to described MCU by described communication interface, and, forward the order from described MCU by described communication interface;
Described MCU is used for: that process receives, from the order of described equipment end, indicate described timer initiation after processing; In the order received from described equipment end and described timer time-out, indicate described timer to reset, and the order received before processing time-out; In the order received from described equipment end and described timer time-out, the order received after refusal process time-out, described communication module is indicated to return error message to described equipment end, so that the information that the display of described equipment end is corresponding to described error message.
7. ID authentication device as claimed in claim 6, it is characterized in that, described communication interface comprises at least one in USB interface, blue tooth interface, NFC interface, audio interface and Wifi interface.
8. ID authentication device as claimed in claims 6 or 7, is characterized in that, also comprise human-computer interaction module;
Described human-computer interaction module is for receiving the order of user's input;
Described MCU also for:
When receiving switching command that user is inputted by human-computer interaction module, that comprise switching cipher, the switching cipher in switching command described in comparison and preset switching cipher, if identical, then indicate described timer to reset or close.
9. ID authentication device as claimed in claim 8, it is characterized in that, described human-computer interaction module is keyboard.
10. ID authentication device as claimed in claims 6 or 7, it is characterized in that, also comprise switching push button, described switching push button is arranged on the shell of described ID authentication device, described MCU also for:
When enabling button described in confirming and being pressed, indicate described timer to reset or close.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410514983.0A CN105530096A (en) | 2014-09-29 | 2014-09-29 | Method for improving use safety of identity authentication equipment, and identity authentication equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410514983.0A CN105530096A (en) | 2014-09-29 | 2014-09-29 | Method for improving use safety of identity authentication equipment, and identity authentication equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105530096A true CN105530096A (en) | 2016-04-27 |
Family
ID=55772110
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410514983.0A Pending CN105530096A (en) | 2014-09-29 | 2014-09-29 | Method for improving use safety of identity authentication equipment, and identity authentication equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105530096A (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101304425A (en) * | 2008-06-27 | 2008-11-12 | 中国电信股份有限公司 | Method for protecting IC card and IC card |
| CN202453892U (en) * | 2012-01-06 | 2012-09-26 | 国民技术股份有限公司 | Intelligent cipher key |
| US8281388B1 (en) * | 2008-06-27 | 2012-10-02 | Symantec Corporation | Hardware secured portable storage |
| CN102880822A (en) * | 2012-09-26 | 2013-01-16 | 高末芳 | USBKEY safety protection device |
-
2014
- 2014-09-29 CN CN201410514983.0A patent/CN105530096A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101304425A (en) * | 2008-06-27 | 2008-11-12 | 中国电信股份有限公司 | Method for protecting IC card and IC card |
| US8281388B1 (en) * | 2008-06-27 | 2012-10-02 | Symantec Corporation | Hardware secured portable storage |
| CN202453892U (en) * | 2012-01-06 | 2012-09-26 | 国民技术股份有限公司 | Intelligent cipher key |
| CN102880822A (en) * | 2012-09-26 | 2013-01-16 | 高末芳 | USBKEY safety protection device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11663578B2 (en) | Login using QR code | |
| US10666642B2 (en) | System and method for service assisted mobile pairing of password-less computer login | |
| US20180027286A1 (en) | Method, terminal, and system for communication pairing of a digital television terminal and a mobile terminal | |
| JP2024012467A (en) | System and method for second factor authentication of customer support calls | |
| US10771455B2 (en) | System and method for enabling secure authentication | |
| US8700908B2 (en) | System and method for managing secure information within a hybrid portable computing device | |
| CN103793815A (en) | Mobile intelligent terminal acquirer system and method suitable for bank cards and business cards | |
| EP2936277B1 (en) | Method and apparatus for information verification | |
| JP2017529729A (en) | Data processing method and data processing apparatus | |
| US20160330195A1 (en) | System and method for securing offline usage of a certificate by otp system | |
| CN102521169B (en) | Confidential USB (universal serial bus) memory disk with display screen and security control method of confidential USB memory disk | |
| CN104951684A (en) | Fingerprint encryption and decryption method and terminal | |
| Haupert et al. | Paying the price for disruption: How a FinTech allowed account takeover | |
| US20130151411A1 (en) | Digital authentication and security method and system | |
| KR20240024112A (en) | System and method for contactless card communication and multi-device key pair cryptographic authentication | |
| CN105740937A (en) | High-strength encryption USB flash disk, encryption device and system | |
| CN108574657B (en) | Server access method, device and system, computing equipment and server | |
| CN105530096A (en) | Method for improving use safety of identity authentication equipment, and identity authentication equipment | |
| CN102393886B (en) | Safety control method of mobile terminal, device and system | |
| KR20160008012A (en) | User authentification method in mobile terminal | |
| WO2015055973A1 (en) | Trusted user interface and touchscreen | |
| CN103888259B (en) | A kind of subscriber identification card | |
| CN104038932A (en) | Security device | |
| Eleftherios | FIDO2 Overview, Use Cases, and Security Considerations | |
| CN106941615B (en) | Payment method, set top box and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20160427 |