CN105592005A - Safety verification method, apparatus, and system - Google Patents
Safety verification method, apparatus, and system Download PDFInfo
- Publication number
- CN105592005A CN105592005A CN201410568196.4A CN201410568196A CN105592005A CN 105592005 A CN105592005 A CN 105592005A CN 201410568196 A CN201410568196 A CN 201410568196A CN 105592005 A CN105592005 A CN 105592005A
- Authority
- CN
- China
- Prior art keywords
- terminal device
- user
- checking
- location information
- geographical location
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Abstract
The invention relates to a safety verification method. The method comprises: when a request of preset operation execution by a user is received, a first verification code is generated and is sent to a reserved terminal device of the user, and the reserved terminal device is request to report first geographic position information; a second verification code that is inputted by a user carrying out verification currently is obtained and a terminal device carrying out verification currently is request to report second geographic position information; and according to the first geographic position information and the second geographic position information, a distance between the reserved terminal device and the terminal device carrying out verification currently is calculated; if the distance is less than or equal to a preset numerical value, verification on the second verification code is not required. In addition, the invention also provides a safety verification apparatus. With the method and apparatus, the user operation security is improved; and a malicious operation success rate caused by verification code leakage can be reduced.
Description
Technical field
The present invention relates to communication technical field, relate in particular to a kind of safe verification method, Apparatus and system.
Background technology
Authentication claims again " checking ", " authentication ", refers to by certain means, completes the body to userThe confirmation of part. From the form of current internet development, constantly perfect along with account number system, moreCarry out more logins, consume operations need to be carried out authentication to operator by identifying code.
In prior art, conventionally adopt to user's operating equipment and send short message class authorization information, suchAuthorization information belongs to semifixed verification mode, and not with operating equipment carry out associated, if utilized by peopleMobile phone wooden horse is stolen, and is successfully completed authentication by being easy to obtain correct authorization information, reduces and usesThe security of family information.
Summary of the invention
In view of this, the invention provides a kind of safe verification method, Apparatus and system, by geographical positionThe checking of putting, can improve the security that user operates, and reduces the stolen risk of user profile.
The safe verification method that the embodiment of the present invention provides, comprising:
In the time receiving user and carry out the request of initialize operation, generate the first identifying code and by described firstIdentifying code sends to the reserved terminal device corresponding with described user's user account, and asks described pre-Stay terminal device to report the first geographical location information; Obtain the second checking of user's input of current checkingCode, and ask the terminal device of current checking to report the second geographical location information; According to described the first groundReason positional information and described the second geographical location information, calculate described reserved terminal device and described currentDistance between the terminal device of checking; Judge whether described distance is less than or equal to default value, if so,Let slip the checking to described the second identifying code.
The safety verification device that the embodiment of the present invention provides, comprising:
Generation unit, in the time receiving user and carry out the request of initialize operation, generates first and testsCard code; Transmitting element, for sending to described the first identifying code and described user's user account pairThe reserved terminal device of answering; Request unit, for asking described reserved terminal device to report the first geographyPositional information; Acquiring unit, the second identifying code of inputting for obtaining the user of current checking; DescribedRequest unit, also for asking the terminal device of current checking to report the second geographical location information; CalculateUnit, for according to described the first geographical location information and described the second geographical location information, calculates instituteState the distance between reserved terminal device and the terminal device of described current checking; Processing unit, forIf described distance is less than or equal to default value, let slip the checking to described the second identifying code.
The security authentication systems that the embodiment of the present invention provides, comprising:
Server, the terminal device of reserved terminal device and current checking;
Wherein, described server, in the time receiving user and carry out the request of initialize operation, generatesThe first identifying code, by described the first identifying code send to corresponding with described user's user account described inReserved terminal device, and ask described reserved terminal device to report the first geographical location information, obtain and work asThe second identifying code of user's input of front checking, and ask the terminal device of current checking to report the second groundReason positional information, according to described the first geographical location information and described the second geographical location information, calculatesDistance between described reserved terminal device and the terminal device of described current checking, judges described distanceWhether be less than or equal to default value, if so, let slip the checking to described the second identifying code; Described pre-Stay terminal device, for report described the first geographical location information to described server; Described current testingThe terminal device of card, for reporting described the second geographical location information to described server.
Safe verification method, Apparatus and system that the embodiment of the present invention provides, issuing the same of identifying codeTime obtain the geographical location information that the reserved terminal device of user of request initialize operation reports, and carry outThe geographical location information that the user of checking reports for carrying out the terminal device of current checking, relatively this is pre-Stay the distance between terminal device and the terminal device of this current checking, when this distance is less than certain numberValue, is defined as user and carries out this checking, lets slip the checking to identifying code, in conjunction with identifying codeWith the double verification of geographical location information, can improve the security of user's operation, greatly reduce because of checkingCode leaks and the malicious operation success rate that causes.
For above and other object of the present invention, feature and advantage can be become apparent, cited below particularlyPreferred embodiment, and coordinate appended graphicly, be described in detail below.
Brief description of the drawings
The schematic diagram of the identifying code verification system that Fig. 1 provides for first embodiment of the invention.
Fig. 2 shows a kind of structured flowchart of server.
Fig. 3 shows a kind of structured flowchart of mobile terminal.
Fig. 4 executes the safe verification method schematic flow sheet that example provides for second.
The safe verification method schematic flow sheet that Fig. 5 provides for the 3rd embodiment.
The safe verification method schematic flow sheet that Fig. 6 provides for the 4th embodiment.
The safety verification device schematic diagram that Fig. 7 provides for the 5th embodiment.
The safety verification device schematic diagram that Fig. 8 provides for the 6th embodiment.
Detailed description of the invention
Technological means and the merit taked for realizing predetermined goal of the invention for further setting forth the present inventionEffect, below in conjunction with accompanying drawing and preferred embodiment, to according to the specific embodiment of the present invention, structure,Feature and effect thereof, be described in detail as follows.
The embodiment of the present invention provides a kind of safe verification method, is undertaken by mobile terminal device userWhen specific operation, can effectively improve the security of user's operation, greatly reduce because identifying code leaks and leadThe malicious operation success rate causing.
Refer to Fig. 1, the schematic diagram of the identifying code verification system that Fig. 1 provides for the embodiment of the present invention.
Server 10 is connected with terminal device 20 by network.
Wherein in order to comprise smart mobile phone, palm PC, panel computer etc., all possess tactile terminal device 20Touch the mobile terminal device of screen. Can only have one, when being user and carrying out initialize operation, use is pre-Stay terminal device, this reserved terminal device is that user is reserved in system in the time of this user account number of registrationFor the Authentication devices of identity verification, for example, user can reserve a phone number in system,User can arrange while carrying out initialize operation by this user account number, and system is corresponding with this phone numberReserved terminal device carries out interaction, and for example, server sends for identity and tests to this reserved terminal deviceThe identifying code of card, user is by obtaining the associated authorization of server after this identifying code input, to complete usingThe relevant checking of family identity.
Terminal device 20 also can have two, is divided into two kinds of situations. One is that this user uses this reservedTerminal device outside terminal device carries out this initialize operation, but this reserved terminal device and current useTerminal device distance less. Another kind is to pass through other-end after there is invalid user stealing identifying codeEquipment is verified, the distance between the other-end equipment of this current checking and this reserved terminal deviceLarger.
Particularly, user carries out initialize operation by terminal device, this initialize operation be generally login,Paying to wait needs the operation of higher-security, and can be user should by what open equipment on mobile terminalWith (APP, application), in this APP, realize this initialize operation, or pass through mobile terminalEquipment is opened webpage, realizes this initialize operation on webpage. Mobile terminal device carries out user that this is pre-The request of putting operation sends to server, and this server reception user carries out the request of this initialize operation,Confirm that this initialize operation need to carry out to user the checking of identifying code, to confirm this user's legal identity,After being proved to be successful, can further operate. For the identity of authentication of users, generate one first and testCard code, this first identifying code can be string number, for example 254780. Inquire about user's account of this userNumber corresponding reserved terminal device, sends this first identifying code to this reserved terminal device, makes this pre-Stay terminal device that this first identifying code is shown to user. For example, by " 254780 " as identifying codeContent send to the reserved phone number of this user with the form of note.
Ask this reserved terminal device to report the first geographical location information, this first geographical position letter simultaneouslyBreath refers to the various information in the geographical position that can represent this reserved terminal device. Particularly, this firstGeographical location information can comprise: position-based service (LBS, the Location of reserved terminal deviceBasedService) information, or, for searching this first geographical position of this reserved terminal deviceIndex information. For example this reserved terminal device is currently located in certain office building, the geographical position of this office buildingPut and in system of geographic location, have fixed identifier, this first geographical location information can not be oneConcrete address, but can search the fixed identifier of specific address, can by this fixed identifierTo find corresponding particular geographic location in database, so, can find specific geographic positionThe identifier of putting is exactly this index information.
Further, radio communication network that can also be by telecommunications mobile operator (as GSM net,CDMA net) or this reserved terminal device of outside locate mode (as global positioning system) active obtainingLBS information, for example obtain its geographical coordinate or geodetic coordinates.
When carrying out the user of current checking in the identifying code input of the operation interface of the terminal device of its useWhen the second identifying code of Position input, this server obtains this second identifying code, and asks current checkingTerminal device report the second geographical location information, this second geographical location information is this current checkingThe current geographic position information of terminal device, this second geographical location information can comprise: current checkingThe LBS information of terminal device, or, for search this current checking terminal device this secondThe index information in geographical position.
According to this first geographical location information and this second geographical location information, calculate this reserved terminal and establishDistance between the terminal device of standby and current checking, whether the distance that judgement calculates is less than or equal toDefault value, this default value is arranged by system, for example, can be 10 meters. If the distance calculatingFrom being less than or equal to this default value, show terminal device and this reserved terminal device of this current checkingClose together, even distance be zero, be same terminal device, can confirm current testingThe user that the user of card carries out initialize operation before being, lets slip the second checking to user's inputThe checking of code, confirms that the current user who verifies is after user, does not tackle this that isThe checking of the second identifying code, next verifies this second identifying code, judges this second identifying codeWhether identical with this first identifying code. If the distance calculating is greater than this default value, show thisThe terminal device of current checking and this reserved terminal device distant, can confirm current carrying outThe user that the user of checking carries out initialize operation before not being, is disabled user, tackles thisThe checking of the second identifying code, no longer verifies that whether this second identifying code correct, no longer judge this secondThis first identifying code whether identifying code before issues for it. For preventing the checking of wrong interception validated user,Need further to confirm whether the current user who verifies is validated user, calls out with calling deviceThe terminal device of this current checking, to confirm that whether the user who initiates current checking is as validated user, that is,Whether be the personnel of user or subscriber authorisation, if so, let slip the checking to this second identifying code,If not, tackle the checking to this second identifying code.
Further, let slip after the checking of this second identifying code, judgement sends to request initialize operationUser reserved terminal device the first identifying code whether with second of user's input of this current checkingIdentifying code is identical, if identical, confirms that current this second identifying code input of verifying is correct, passes throughChecking, this user can proceed initialize operation.
Terminal device 20 reports this first geographical location information and this second geographical position to server 10Put information.
In the embodiment of above-mentioned security authentication systems, server 10 and terminal device 20 are carried out above-mentioned technologyThe detail of scheme is referring to the description of each embodiment below.
In the present embodiment, in issuing identifying code, obtain the reserved terminal of user of request initialize operationThe geographical location information that equipment reports, and the user who verifies is for carrying out the terminal of current checkingThe geographical location information that equipment reports, the relatively terminal device of this reserved terminal device and this current checkingBetween distance, when this distance is less than certain numerical value, be defined as user carry out this checking,Let slip the checking to identifying code, in conjunction with the double verification of identifying code and geographical location information, can improve useThe security of family operation, greatly reduces and leaks the malicious operation success rate causing because of identifying code.
Fig. 2 is the structured flowchart of an embodiment of above-mentioned server 10. As shown in Figure 2, serviceDevice 10 can because of configuration or performance is different produces larger difference, can comprise one or moreCentral processing unit (centralprocessingunits, CPU) 122 (for example, one or more placesReason device) and memory 132, the storage of one or more storage application programs 142 or data 144Medium 130 (for example one or more mass memory units). Wherein, memory 132 and storageMedium 130 can be of short duration storage or storage lastingly. The program that is stored in storage medium 130 can be wrappedDraw together one or more modules (illustrating not shown), each module can comprise one in serverSeries of instructions operation. Further, central processing unit 122 can be set to and storage medium 130The a series of command operatings in storage medium 130 are carried out in communication on server 10. Server 10Can also comprise one or more power supplys 126, one or more wired or wireless network interfaces150, one or more input/output interfaces 158, and/or, one or more operating systems141, for example WindowsServerTM, MacOSXTM, UnixTM, LinuxTM,FreeBSDTM etc. Passable by the performed step of server 10 described in each embodiment belowBased on the server architecture shown in this Fig. 2.
Fig. 3 shows a kind of structured flowchart of mobile terminal device. As shown in Figure 3, mobile terminalEquipment 20 can comprise memory 202, storage control 204, one or more (only illustrating in figureOne) processor 206, Peripheral Interface 208, radio-frequency module 210 and Touch Screen 212. ThisA little assemblies are by the mutual communication of one or more communication bus/holding wire 222.
Be appreciated that the structure shown in Fig. 3 is only signal, it is not to mobile terminal device 20Structure cause restriction. For example, mobile terminal device 20 also can comprise than more shown in Fig. 3 orAssembly still less, or have and configurations different shown in Fig. 3. Each assembly shown in Fig. 3 is passableAdopt hardware, software or its combination to realize.
Memory 202 can be used for storing software program and module, as in the embodiment of the present inventionCharacters input method and install corresponding programmed instruction/module in terminal device, processor 206 passes throughOperation is stored in software program and the module in memory 204, thereby carries out various function applicationAnd data processing, realize above-mentioned instant communication message player method.
Memory 202 can comprise high speed random access memory, also can comprise nonvolatile memory, asOne or more magnetic storage device, flash memory or other non-volatile solid state memories. ?In some examples, memory 202 can further comprise depositing with respect to processor 206 long-range settingsReservoir, these remote memories can be connected to mobile terminal device 20 by network. Above-mentioned networkExample include but not limited to internet, intranet, LAN, mobile radio communication and group thereofClose. Processor 206 and other possible assemblies can be controlled in storage the access of memory 202Under the control of device 204, carry out.
Various input/output devices are coupled to CPU and memory 202 by Peripheral Interface 208. PlaceVarious softwares, instruction in reason device 206 run memories 202 are various with execution terminal device 20Function and carry out data processing.
In certain embodiments, Peripheral Interface 208, processor 206 and storage control 204Can in one single chip, realize. In some other example, they can be respectively by core independentlySheet is realized.
Radio-frequency module 210, for receiving and sending electromagnetic wave, is realized the phase of electromagnetic wave and the signal of telecommunicationConversion mutually, thus carry out communication with communication network or other equipment. Radio-frequency module 210 can compriseVarious existing for carrying out the component of these functions, for example, antenna, RF transceiver,Digital signal processor, encrypt/decrypt chip, subscriber identity module (SIM) card, memory etc.Deng. Radio-frequency module 210 can carry out as internet, intranet, wireless network with diverse networkCommunication or carry out communication by wireless network and other equipment. Above-mentioned wireless network can comprise honeybeeNest formula telephone network, WLAN or Metropolitan Area Network (MAN). Above-mentioned wireless network can use various logicalBeacon standard, agreement and technology, include, but are not limited to global system for mobile communications (GlobalSystemForMobileCommunication, GSM), enhancement mode mobile communication technology (EnhancedDataGSMEnvironment, EDGE), Wideband CDMA Technology (widebandcodedivisionMultipleaccess, W-CDMA), CDMA (Codedivisionaccess,CDMA), tdma (timedivisionmultipleaccess, TDMA), bluetooth,Adopting wireless fidelity technology (Wireless, Fidelity, WiFi) is (as U.S. electric and Electronics EngineerAssociation criterion IEEE802.11a, IEEE802.11b, IEEE802.11g and/or IEEE802.11n), the networking telephone (Voiceoverinternetprotocal, VoIP), global microwave are mutualConnect into (WorldwideInteroperabilityforMicrowaveAccess, Wi-Max),Other are for the agreement of mail, instant messaging and short message, and any other suitable communication associationView, even can comprise those current agreements being developed not yet.
Touch Screen 212 provides an output and input circle between first terminal 20 and user simultaneouslyFace. Particularly, Touch Screen 212 is to the output of user's display video, the content that these videos are exportedCan comprise word, figure, video and any combination thereof. Some Output rusults are corresponding to someUser interface object. Touch Screen 212 also receives user's input, for example user's click, cunningThe moving gesture operation that waits, so that user interface object is made response to these users' input. Detect and useThe technology of family input can be based on resistance-type, condenser type or other any possible touch control detectionTechnology. The instantiation of Touch Screen 212 display units include, but are not limited to liquid crystal display orLight emitting polymer display.
Refer to Fig. 4, the safe verification method that the second embodiment provides comprises:
401,, in the time receiving user and carry out the request of initialize operation, generate the first identifying code;
User carries out initialize operation by terminal device, and this initialize operation is generally login, payment etc. and needsWant the operation of higher-security. User is by opening the APP of equipment on mobile terminal, real by APPNow this initialize operation, or open webpage by mobile terminal device, on webpage, realize this preset behaviourDo. The request that user is carried out this initialize operation by mobile terminal device sends to server.
This server reception user carries out the request of this initialize operation, confirms that this initialize operation need to be to usingThe checking of identifying code is carried out at family, to confirm this user's legal identity, after being proved to be successful, can enterSingle stepping. For the identity of authentication of users, generate first identifying code, this first identifying code canTo be string number, for example " 2547 ", can be also multiple Chinese characters, for example " lemon fruit tree ", and alsoCan be other forms of being convenient to realize checking.
402, send to the reserved terminal corresponding with this user's user account to establish this first identifying codeStandby, and ask this reserved terminal device to report the first geographical location information;
Inquire about this user's reserved terminal device corresponding to user account, send to this reserved terminal deviceThis first identifying code, makes this reserved terminal device that this first identifying code is shown to user. For example," 2547 " are sent to the reserved phone number of this user as the content of identifying code with the form of note.
Ask this reserved terminal device to report the first geographical location information, this first geographical position letter simultaneouslyBreath refers to the various information in the geographical position that can represent this reserved terminal device. Particularly, this firstGeographical location information can comprise: the LBS information of reserved terminal device, or, pre-for searching thisStay the index information in this first geographical position of terminal device. For example this reserved terminal device is currently located atIn certain office building, there is fixed identifier in the geographical position of this office building in system of geographic location, shouldThe first geographical location information can not be a concrete address, but can search consolidating of specific addressDetermine identifier, can in database, find corresponding particular geographic location by this fixed identifier,The identifier that so, can find particular geographic location is exactly this index information.
This reserved terminal device of server request reports the first geographical location information, this reserved terminal deviceThe geographical location information that obtains self by built-in locating module reports, further, and serviceDevice can also pass through the radio communication network (as GSM net, CDMA net) of telecommunications mobile operatorOr the LBS information of this reserved terminal device of outside locate mode (as global positioning system) active obtaining,For example obtain its geographical coordinate or geodetic coordinates.
403, obtain the second identifying code of user's input of current checking, and ask the terminal of current checkingEquipment reports the second geographical location information;
When carrying out the user of current checking in the identifying code input of the operation interface of the terminal device of its useWhen the second identifying code of Position input, this server obtains this second identifying code, and asks current checkingTerminal device report the second geographical location information.
This second geographical location information is the current geographic position information of the terminal device of this current checking,This second geographical location information can comprise: the LBS information of the terminal device of current checking, or,Be used for the index information in this second geographical position of the terminal device of searching this current checking.
404,, according to this first geographical location information and this second geographical location information, calculate this and reserve eventuallyDistance between end equipment and the terminal device of this current checking;
According to this first geographical location information and this second geographical location information, can calculate this firstDistance between geographical position and this second geographical position, calculates this reserved terminal device and current testingDistance between the terminal device of card.
405, judge whether this distance is less than or equal to default value, if so, let slip this second checkingThe checking of code.
Judge whether the distance between this reserved terminal device and the terminal device of current checking is less than or equal toDefault value. This default value is arranged by system, for example, can be 10 meters.
If this distance is less than or equal to this default value, show the terminal device of this current checking and this is pre-Stay the close together of terminal device, wherein, in the time that this distance equals this default value, show the two distanceFrom being zero, be same terminal device, can confirm that the current user who verifies enters before beingThe user of row initialize operation, the checking of letting slip the second identifying code to user's input, that is, confirmThe current user who verifies is after user, does not tackle the checking to this second identifying code,Next this second identifying code is verified, judge this second identifying code whether with this first identifying codeIdentical.
In the embodiment of the present invention, the user who obtains request initialize operation in issuing identifying code is reservedThe geographical location information that terminal device reports, and the user who verifies is for carrying out current checkingThe geographical location information that terminal device reports, the relatively terminal of this reserved terminal device and this current checkingDistance between equipment, when this distance is less than certain numerical value, is defined as user and carries out thisChecking, lets slip the checking to identifying code, in conjunction with the double verification of identifying code and geographical location information, and canImprove the security of user operation, greatly reduce and leak the malicious operation success rate causing because of identifying code.
Refer to Fig. 5, the safe verification method that the 3rd embodiment provides comprises:
501,, in the time receiving user and carry out the request of initialize operation, generate the first identifying code;
User carries out initialize operation by terminal device, and this initialize operation is generally login, payment etc. and needsWant the operation of higher-security. The request that user is carried out this initialize operation by mobile terminal device sends toServer. This server reception user carries out the request of this initialize operation, confirms this initialize operation needsUser is carried out to the checking of identifying code, to confirm this user's legal identity, after being proved to be successful, can enterThe single stepping of advancing. For the identity of authentication of users, generate first identifying code
502, send to the reserved terminal corresponding with this user's user account to establish this first identifying codeStandby, and ask this reserved terminal device to report the first geographical location information;
Inquire about this user's reserved terminal device corresponding to user account, send to this reserved terminal deviceThis first identifying code, makes this reserved terminal device that this first identifying code is shown to user.
Ask this reserved terminal device to report the first geographical location information, this first geographical position letter simultaneouslyBreath refers to the various information in the geographical position that can represent this reserved terminal device. Particularly, this firstGeographical location information can comprise: the LBS information of reserved terminal device, or, pre-for searching thisStay the index information in this first geographical position of terminal device.
503, obtain the second identifying code of user's input of current checking, and ask the terminal of current checkingEquipment reports the second geographical location information;
When carrying out the user of current checking in the identifying code input of the operation interface of the terminal device of its useWhen the second identifying code of Position input, this server obtains this second identifying code, and asks current checkingTerminal device report the second geographical location information.
This second geographical location information is the current geographic position information of the terminal device of this current checking,This second geographical location information can comprise: the LBS information of the terminal device of current checking, or,Be used for the index information in this second geographical position of the terminal device of searching this current checking.
504,, according to this first geographical location information and this second geographical location information, calculate this and reserve eventuallyDistance between end equipment and the terminal device of this current checking;
505, judge whether this distance is less than or equal to default value;
Judge whether the distance between this reserved terminal device and the terminal device of current checking is less than or equal toDefault value.
If so, perform step 506, if not, perform step 507.
506, let slip the checking to this second identifying code;
If this distance is less than or equal to this default value, show the terminal device of this current checking and this is pre-Stay the close together of terminal device, wherein, in the time that this distance equals this default value, show the two distanceFrom being zero, be same terminal device, can confirm that the current user who verifies enters before beingThe user of row initialize operation. Let slip the checking of the second identifying code to user's input, that is, reallyAfter recognizing the current user who verifies and be user, do not tackle the checking to this second identifying code,Next this second identifying code is verified, judge this second identifying code whether with this first identifying codeIdentical.
507, the checking of interception to this second identifying code;
If the distance calculating is greater than this default value, the terminal device that shows this current checking withThis reserved terminal device distant, can confirm that the current user who verifies enters before not beingThe user of row initialize operation is disabled user. Tackle the checking to this second identifying code,No longer verify that whether this second identifying code is correct, the first identifying code whether before issuing for it.
508, call calling device and call out the terminal device of described current checking, to confirm to initiate current testingWhether the user of card is validated user.
If so, perform step 506, let slip the checking to this second identifying code, if not, execution step507, the checking of interception to this second identifying code.
After system has been tackled the checking of this second identifying code, in order to prevent mistake interception, just call and exhaleBe the terminal device of this current checking of device call, taking this user of confirming to initiate current checking whether asValidated user, the validated user here refers to the personnel of user or subscriber authorisation. Specifically canThat the terminal of calling out current checking to user's reserved terminal initiation outgoing call service by artificial customer service is establishedWhether standby, understanding in detail this operation to the user of the terminal device of current checking is that user carries outOr subscriber authorisation related personnel completes, if it is let slip the checking to this second identifying code, if notIt is the checking of tackling this second identifying code. Can further improve to user identification confirmation accuratelyProperty.
In the embodiment of the present invention, the user who obtains request initialize operation in issuing identifying code is reservedThe geographical location information that terminal device reports, and the user who verifies is for carrying out current checkingThe geographical location information that terminal device reports, the relatively terminal of this reserved terminal device and this current checkingDistance between equipment, when this distance is less than certain numerical value, is defined as user and carries out thisChecking, lets slip the checking to identifying code, in conjunction with the double verification of identifying code and geographical location information, and canImprove the security of user operation, greatly reduce and leak the malicious operation success rate causing because of identifying code.
Refer to Fig. 6, the safe verification method that Fig. 6 provides for the 4th embodiment, reserved terminal in Fig. 6The terminal device of equipment and current checking can be same terminal device, can be also two differentTerminal device, for ease of description technique scheme, Fig. 6 is to reserve the terminal of terminal device and current checkingEquipment is that two different terminal devices are that example describes, and the method comprises:
601, server generates the first identifying code;
In the time receiving user and carry out the request of initialize operation, server generates the first identifying code.
602, this first identifying code is sent to reserved terminal device by server, and ask this reserved terminalEquipment reports the first geographical location information;
Server sends to this first identifying code generating corresponding with this user's user account reservedTerminal device, and ask this reserved terminal device to report the first geographical location information.
603, reserved terminal device reports this first geographical location information to this server;
Server receives this first geographical location information that this reserved terminal device reports.
604, obtain the second identifying code of user's input of current checking, and ask the terminal of current checkingEquipment reports the second geographical location information;
The user of current checking inputs the second identifying code by the terminal device of current checking, carries out thisThe checking of initialize operation. Server obtains the second identifying code of user's input of current checking, and requestThe terminal device of current checking reports the second geographical location information.
605, the terminal device of this current checking reports this second geographical location information to this server;
This server receives this second geographical location information that the terminal device of this current checking reports.
606,, according to this first geographical location information and this second geographical location information, calculate this and reserve eventuallyDistance between end equipment and the terminal device of this current checking, and judge whether this distance is less than or equal toDefault value, if so, lets slip the checking to this second identifying code.
In the embodiment of the present invention, the user who obtains request initialize operation in issuing identifying code is reservedThe geographical location information that terminal device reports, and the user who verifies is for carrying out current checkingThe geographical location information that terminal device reports, the relatively terminal of this reserved terminal device and this current checkingDistance between equipment, when this distance is less than certain numerical value, is defined as user and carries out thisChecking, lets slip the checking to identifying code, in conjunction with the double verification of identifying code and geographical location information, and canImprove the security of user operation, greatly reduce and leak the malicious operation success rate causing because of identifying code.
Refer to Fig. 7, the safety verification device that the 5th embodiment provides, can be applicable to the service in Fig. 1In device 10, this safety verification device comprises:
Generation unit 71, in the time receiving user and carry out the request of initialize operation, generates firstIdentifying code;
Transmitting element 72, for sending to corresponding with this user's user account by this first identifying codeReserved terminal device;
Request unit 73, for asking this reserved terminal device to report the first geographical location information;
Acquiring unit 74, the second identifying code of inputting for obtaining the user of current checking;
Request unit 73, also for asking the terminal device of current checking to report the second geographical location information;
Computing unit 75, for according to this first geographical location information and this second geographical location information,Calculate the distance between this reserved terminal device and the terminal device of this current checking;
Processing unit 76, if be less than or equal to default value for this distance, lets slip this second checkingThe checking of code.
In the embodiment of the present invention, the detailed process of function is separately carried out in above-mentioned each unit, referring to above-mentioned Fig. 1To description embodiment illustrated in fig. 6, repeat no more herein.
In the embodiment of the present invention, the user who obtains request initialize operation in issuing identifying code is reservedThe geographical location information that terminal device reports, and the user who verifies is for carrying out current checkingThe geographical location information that terminal device reports, the relatively terminal of this reserved terminal device and this current checkingDistance between equipment, when this distance is less than certain numerical value, is defined as user and carries out thisChecking, lets slip the checking to identifying code, in conjunction with the double verification of identifying code and geographical location information, and canImprove the security of user operation, greatly reduce and leak the malicious operation success rate causing because of identifying code.
Refer to Fig. 8, the safety verification device that the 6th embodiment provides, can apply with Fig. 1 in serviceIn device 10, this safety verification device comprises:
Generation unit 81, in the time receiving user and carry out the request of initialize operation, generates firstIdentifying code;
Transmitting element 82, for sending to corresponding with this user's user account by this first identifying codeReserved terminal device;
Request unit 83, for asking this reserved terminal device to report the first geographical location information;
Acquiring unit 84, the second identifying code of inputting for obtaining the user of current checking;
Request unit 83, also for asking the terminal device of current checking to report the second geographical location information;
Computing unit 85, for according to this first geographical location information and this second geographical location information,Calculate the distance between this reserved terminal device and the terminal device of this current checking;
Processing unit 86, if be less than or equal to default value for this distance, lets slip this second checkingThe checking of code.
Wherein, this first geographical location information comprises: the position-based service letter of this reserved terminal deviceBreath, or, for searching the index information in this first geographical position;
The second geographical location information comprises: the position-based information on services of the terminal device of this current checking,Or, for searching the index information in this second geographical position.
Processing unit 86, if also between this reserved terminal device and the terminal device of this current checkingDistance be greater than this default value, tackle the checking to this second identifying code.
This device also further comprises:
Confirmation unit 87, calls out the terminal device of this current checking for calling calling device, to confirmWhether the described user who initiates current checking is validated user;
Further, processing unit 86, if the institute that also confirms to initiate current checking for confirmation unit 87State user for validated user, let slip the checking to this second identifying code, if not validated user,The checking of interception to this second identifying code.
In the embodiment of the present invention, the detailed process of function is separately carried out in above-mentioned each unit, referring to above-mentioned Fig. 1To description embodiment illustrated in fig. 6, repeat no more herein.
In the embodiment of the present invention, the user who obtains request initialize operation in issuing identifying code is reservedThe geographical location information that terminal device reports, and the user who verifies is for carrying out current checkingThe geographical location information that terminal device reports, the relatively terminal of this reserved terminal device and this current checkingDistance between equipment, when this distance is less than certain numerical value, is defined as user and carries out thisChecking, lets slip the checking to identifying code, in conjunction with the double verification of identifying code and geographical location information, and canImprove the security of user operation, greatly reduce and leak the malicious operation success rate causing because of identifying code.
It should be noted that, in this article, the relational terms such as the first and second grades is only usedAn entity or operation are separated with another entity or operating space, and not necessarily requirement orImply the relation or the order that between these entities or operation, there are any this reality. And, term" comprise ", " comprising " or its any other variant be intended to contain comprising of nonexcludability, thereby make bagProcess, method, article or the device of drawing together a series of key elements not only comprise those key elements, but also bagDraw together other key elements of clearly not listing, or be also included as this process, method, article orInstall intrinsic key element. In the situation that there is no more restrictions, limited by statement " comprising ... "Key element, and be not precluded within and comprise in the process, method, article of described key element or device and also existingOther identical element.
One of ordinary skill in the art will appreciate that to realize all or part of step of above-described embodiment passableComplete by hardware, also can carry out the hardware that instruction is relevant by program and complete, described program canTo be stored in a kind of computer-readable recording medium, the above-mentioned storage medium of mentioning can be read-only depositingReservoir, disk or CD etc.
The above, be only preferred embodiment of the present invention, not the present invention made to any formOn restriction, although the present invention disclose as above with preferred embodiment, but not in order to limit thisBright, any those skilled in the art, are not departing within the scope of technical solution of the present invention, when canUtilize the technology contents of above-mentioned announcement to make a little change or be modified to the equivalent embodiment of equivalent variations,In every case be not depart from technical solution of the present invention content, foundation technical spirit of the present invention is to above embodimentAny simple modification, equivalent variations and the modification done, all still belong to the scope of technical solution of the present inventionIn.
Claims (11)
1. a safe verification method, is characterized in that, comprising:
In the time receiving user and carry out the request of initialize operation, generate the first identifying code and by described firstIdentifying code sends to the reserved terminal device corresponding with described user's user account, and asks described pre-Stay terminal device to report the first geographical location information;
Obtain the second identifying code of user's input of current checking, and ask the terminal device of current checkingReport the second geographical location information;
According to described the first geographical location information and described the second geographical location information, calculate described reservedDistance between terminal device and the terminal device of described current checking;
Judge whether described distance is less than or equal to default value, if so, let slip described the second checkingThe checking of code.
2. method according to claim 1, is characterized in that, described the first geographical location informationComprise: the position-based information on services of described reserved terminal device, or, for searching described firstThe index information in geographical position.
3. method according to claim 1 and 2, is characterized in that, described the second geographical positionInformation comprises: the position-based information on services of the terminal device of described current checking, or, for looking intoLook for the index information in described the second geographical position.
4. method according to claim 3, is characterized in that, described method also comprises:
If described in the distance between described reserved terminal device and the terminal device of described current checking is greater thanDefault value, tackles the checking to described the second identifying code.
5. method according to claim 4, is characterized in that, described interception is tested described secondAfter the checking of card code, also comprise:
Call calling device and call out the terminal device of described current checking, to confirm to initiate current checkingWhether described user is validated user;
If so, let slip the checking to described the second identifying code, if not, tackle and test described secondThe checking of card code.
6. a safe verification method, is characterized in that, comprising:
In the time receiving user and carry out the request of initialize operation, server generates the first identifying code;
Send to the reserved terminal corresponding with described user's user account to establish described the first identifying codeStandby, and ask described reserved terminal device to report the first geographical location information;
Described reserved terminal device reports described the first geographical location information to described server;
Obtain the second identifying code of user's input of current checking, and ask the terminal device of current checkingReport the second geographical location information;
The terminal device of described current checking reports described the second geographical location information to described server;
Described server is according to described the first geographical location information receiving and described the second geographical position letterBreath, calculates the distance between described reserved terminal device and the terminal device of described current checking;
Judge whether described distance is less than or equal to default value, if so, let slip described the second checkingThe checking of code.
7. a safety verification device, is characterized in that, comprising:
Generation unit, in the time receiving user and carry out the request of initialize operation, generates first and testsCard code;
Transmitting element, for sending to corresponding with described user's user account by described the first identifying codeReserved terminal device;
Request unit, for asking described reserved terminal device to report the first geographical location information;
Acquiring unit, the second identifying code of inputting for obtaining the user of current checking;
Described request unit, also for asking the terminal device of current checking to report the second geographical position letterBreath;
Computing unit, for according to described the first geographical location information and described the second geographical location information,Calculate the distance between described reserved terminal device and the terminal device of described current checking;
Processing unit, if be less than or equal to default value for described distance, let slip and tests described secondThe checking of card code.
8. device according to claim 7, is characterized in that,
Described the first geographical location information comprises: the position-based information on services of described reserved terminal device,Or, for searching the index information in described the first geographical position;
The second geographical location information comprises: the position-based service letter of the terminal device of described current checkingBreath, or, for searching the index information in described the second geographical position.
9. according to the device described in claim 7 or 8, it is characterized in that,
Described processing unit, if also establish for the terminal of described reserved terminal device and described current checkingDistance between standby is greater than described default value, tackles the checking to described the second identifying code.
10. device according to claim 9, is characterized in that,
Described device also comprises:
Confirmation unit, calls out the terminal device of described current checking, to confirm for calling calling deviceWhether the described user who initiates current checking is validated user;
Described processing unit, if also confirm to initiate the described user of current checking for described confirmation unitFor validated user, let slip the checking to described the second identifying code, if not validated user, interceptionTo the checking of described the second identifying code.
11. 1 kinds of security authentication systems, is characterized in that, comprising:
Server, the terminal device of reserved terminal device and current checking;
Wherein, described server, in the time receiving user and carry out the request of initialize operation, generatesThe first identifying code, by described the first identifying code send to corresponding with described user's user account described inReserved terminal device, and ask described reserved terminal device to report the first geographical location information, obtain and work asThe second identifying code of user's input of front checking, and ask the terminal device of current checking to report the second groundReason positional information, according to described the first geographical location information and described the second geographical location information, calculatesDistance between described reserved terminal device and the terminal device of described current checking, judges described distanceWhether be less than or equal to default value, if so, let slip the checking to described the second identifying code;
Described reserved terminal device, for reporting described the first geographical location information to described server;
The terminal device of described current checking, for reporting described the second geographical position to described serverInformation.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410568196.4A CN105592005B (en) | 2014-10-22 | 2014-10-22 | Security verification method, device and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410568196.4A CN105592005B (en) | 2014-10-22 | 2014-10-22 | Security verification method, device and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105592005A true CN105592005A (en) | 2016-05-18 |
| CN105592005B CN105592005B (en) | 2020-06-12 |
Family
ID=55931228
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410568196.4A Active CN105592005B (en) | 2014-10-22 | 2014-10-22 | Security verification method, device and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105592005B (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106101125A (en) * | 2016-07-01 | 2016-11-09 | 龙官波 | Authentication processing method, Apparatus and system |
| CN107241362A (en) * | 2017-08-10 | 2017-10-10 | 青岛网信信息科技有限公司 | Recognize the method and apparatus that identifying code inputs user identity |
| CN107633403A (en) * | 2016-07-18 | 2018-01-26 | 北京网际威信科技有限公司 | Status verification method |
| CN108600215A (en) * | 2018-04-20 | 2018-09-28 | 中国联合网络通信集团有限公司 | Identifying code is anti-to steal method, apparatus and the network equipment |
| CN115759649A (en) * | 2022-11-22 | 2023-03-07 | 北京丹灵云科技有限责任公司 | Police material figure interconnection safety management and control method |
| CN116340930A (en) * | 2023-05-31 | 2023-06-27 | 一汽解放汽车有限公司 | Method, device, equipment and medium for confirming system change |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2007049344A1 (en) * | 2005-10-26 | 2007-05-03 | Mitsubishi Denki Kabushiki Kaisha | Food product tracer, food product tracing system, and food product tracing method |
| CN103064594A (en) * | 2012-12-21 | 2013-04-24 | 北京推博信息技术有限公司 | Identity authentication method, device and terminal |
| CN103679460A (en) * | 2013-12-10 | 2014-03-26 | 阮桂芳 | Secure network transaction method |
| CN103971239A (en) * | 2014-05-28 | 2014-08-06 | 中国农业银行股份有限公司 | Verification method and device |
-
2014
- 2014-10-22 CN CN201410568196.4A patent/CN105592005B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2007049344A1 (en) * | 2005-10-26 | 2007-05-03 | Mitsubishi Denki Kabushiki Kaisha | Food product tracer, food product tracing system, and food product tracing method |
| CN103064594A (en) * | 2012-12-21 | 2013-04-24 | 北京推博信息技术有限公司 | Identity authentication method, device and terminal |
| CN103679460A (en) * | 2013-12-10 | 2014-03-26 | 阮桂芳 | Secure network transaction method |
| CN103971239A (en) * | 2014-05-28 | 2014-08-06 | 中国农业银行股份有限公司 | Verification method and device |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106101125A (en) * | 2016-07-01 | 2016-11-09 | 龙官波 | Authentication processing method, Apparatus and system |
| CN107633403A (en) * | 2016-07-18 | 2018-01-26 | 北京网际威信科技有限公司 | Status verification method |
| CN107241362A (en) * | 2017-08-10 | 2017-10-10 | 青岛网信信息科技有限公司 | Recognize the method and apparatus that identifying code inputs user identity |
| CN108600215A (en) * | 2018-04-20 | 2018-09-28 | 中国联合网络通信集团有限公司 | Identifying code is anti-to steal method, apparatus and the network equipment |
| CN115759649A (en) * | 2022-11-22 | 2023-03-07 | 北京丹灵云科技有限责任公司 | Police material figure interconnection safety management and control method |
| CN115759649B (en) * | 2022-11-22 | 2024-03-29 | 北京丹灵云科技有限责任公司 | Police material character interconnection safety control method |
| CN116340930A (en) * | 2023-05-31 | 2023-06-27 | 一汽解放汽车有限公司 | Method, device, equipment and medium for confirming system change |
| CN116340930B (en) * | 2023-05-31 | 2023-08-15 | 一汽解放汽车有限公司 | Method, device, equipment and medium for confirming system change |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105592005B (en) | 2020-06-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11700529B2 (en) | Methods and systems for validating mobile devices of customers via third parties | |
| CN105592005A (en) | Safety verification method, apparatus, and system | |
| CN108632253B (en) | Client data security access method and device based on mobile terminal | |
| US9326091B2 (en) | Near field communication automatic self-provisioning | |
| CN104637131A (en) | Authorization method and authorization device for access control system and access control system | |
| EP3337219A1 (en) | Carrier configuration processing method, device and system, and computer storage medium | |
| US11533599B2 (en) | Wireless service provider system for selling and/or activating wireless services for a wireless device | |
| EP2712220A1 (en) | Telecom smart card, air writing card system and air writing card method | |
| US10560845B1 (en) | Using a change in information and cellular account attributes associated with a mobile device network ID as risk indicators in mobile network-based authentication | |
| CN104185179A (en) | Control apparatus and method for subscriber identity module, and subscriber identity module | |
| US11575671B2 (en) | Network ID device history and mobile account attributes used as a risk indicator in mobile network-based authentication | |
| EP3675541A1 (en) | Authentication method and device | |
| CN105577375A (en) | Identity authentication method and device | |
| CN104836778A (en) | Method, device and system for realizing identifying code | |
| CN104640112A (en) | Authentication method, device and system | |
| WO2018166142A1 (en) | Authentication processing method and apparatus | |
| US10623961B1 (en) | Using a change in information associated with a mobile device network ID as a risk indicator in mobile network-based authentication | |
| EP3267708A1 (en) | Method, server and system for sending data from a source device to a destination device | |
| US20200245142A1 (en) | Mobile number device history used as a risk indicator in mobile network-based authentication | |
| KR101498000B1 (en) | System and method for managing patient management service in wireless communication network comprising patient management server node and communication service server node | |
| KR20140001264A (en) | Mobile device sales kiosk and mobile device sales system | |
| KR20150050298A (en) | Payment method using fingerprint, user terminal and payment relay server | |
| US11490233B2 (en) | Wireless service provider system and process for providing customizable wireless service for a wireless device | |
| US20160328699A1 (en) | Method and apparatus for processing data | |
| KR101542099B1 (en) | Method for SNS Account Registration and Access Authentication of WiFi |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |