CN105678125B - A kind of user authen method, device - Google Patents

A kind of user authen method, device Download PDF

Info

Publication number
CN105678125B
CN105678125B CN201410670073.1A CN201410670073A CN105678125B CN 105678125 B CN105678125 B CN 105678125B CN 201410670073 A CN201410670073 A CN 201410670073A CN 105678125 B CN105678125 B CN 105678125B
Authority
CN
China
Prior art keywords
user
behavioral data
terminal
touches
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201410670073.1A
Other languages
Chinese (zh)
Other versions
CN105678125A (en
Inventor
王志扬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Advanced New Technologies Co Ltd
Advantageous New Technologies Co Ltd
Original Assignee
Alibaba Group Holding Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alibaba Group Holding Ltd filed Critical Alibaba Group Holding Ltd
Priority to CN201410670073.1A priority Critical patent/CN105678125B/en
Publication of CN105678125A publication Critical patent/CN105678125A/en
Application granted granted Critical
Publication of CN105678125B publication Critical patent/CN105678125B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • User Interface Of Digital Computer (AREA)
  • Collating Specific Patterns (AREA)
  • Telephone Function (AREA)

Abstract

The application provides a kind of user authen method, which comprises the user for receiving terminal acquisition touches behavioral data;Judge that the user touches the habit touch behavior whether behavioral data matches the authorized user of the terminal;If so, determining the user for authorized user;If not, determining the user for unauthorized user, the user that the application is acquired based on terminal touches behavioral data and carries out authentication, is not easy counterfeit, and safety is more preferable;And authentication can be completed to user in the unwitting situation of user, there is certain crypticity, therefore when terminal is lost, the leakage of personal information will not be caused.

Description

A kind of user authen method, device
Technical field
This application involves field of terminal technology more particularly to a kind of user authen method and devices.
Background technique
In existing realization, authentication is carried out to user, is normally based on user name-password or physiological characteristic (example Such as fingerprint) it is authenticated.
For based on user name-password identification authentication mode, due to much being applied in current mobile device, for example (,) it is micro- Believe, know, everybody etc. social applications, usually only the identity of user is authenticated when user logs in for the first time, user only needs An account and password are inputted, subsequent user is no longer needed for repeatedly inputting account and password when using the application, therefore works as After mobile device is lost, these accounts and password are also at a kind of stolen status, and the personal information of user will be let out at this time Dew, to cause damages.
For the identification authentication mode based on physiological characteristic, although highly-safe in user name-password authentication side Then formula but exists and is easy to the shortcomings that forging, such as counterfeiter can be smooth by one fingerprint authentication equipment of purchase By authentication, to achieve the purpose that steal userspersonal information.
Summary of the invention
To solve the problems, such as that background technique, the application provide one kind in user authen method and device.
According to the embodiment of the present application in a first aspect, the application proposes a kind of user authen method, apply in server-side, institute The method of stating includes:
The user for receiving terminal acquisition touches behavioral data;
Judge that the user touches the habit touch behavior whether behavioral data matches the authorized user of the terminal;
If so, determining the user for authorized user;
If not, determining the user for unauthorized user.
Optionally, the user touch finger contact area, contact position, time of contact that behavioral data includes: user, One or more combination in the information such as press pressure and glide direction.
Optionally, described to judge that the user touches the habit touching whether behavioral data matches the authorized user of the terminal Before touching behavior, further includes:
The user for collecting the terminal acquisition touches behavioral data;
Behavioral data is touched to the user being collected into and carries out data cleansing;
The user after data cleansing is touched into behavioral data and is organized into vector, and is chosen to be white sample, and from originally The user of the other users stored in ground database touches the black sample that preset quantity is selected in behavioral data;
Classified calculating is carried out to the selected white sample and the black sample according to default sorting algorithm, is determined described The classifying face of white sample and the black sample.
Optionally, described to judge that the user touches the habit touching whether behavioral data matches the authorized user of the terminal The behavior of touching includes:
The user received touch behavioral data is organized into vector;
Judge whether the vector sorted out is located at the white sample side of the classifying face;
When the vector is located at the white sample side of the classifying face, determine that the user touches described in behavioral data matching The habit of the authorized user of terminal touches behavior;
When the vector is located at the black sample side of the classifying face, determine that the user touches behavioral data and mismatches institute The habit for stating the authorized user of terminal touches behavior.
Optionally, the method also includes:
When the vector is located at the black sample side of the classifying face, the vector and the classifying face are further calculated Distance;
When the distance is greater than threshold value, determine that the user touches the authorized user that behavioral data mismatches the terminal Habit touch behavior;
When the distance is less than threshold value, the corresponding user of behavioral data is touched to the user and is further recognized Card determines that the user touches the habit touch row that behavioral data matches the authorized user of the terminal if certification passes through For.
Optionally, the method also includes:
According to preset period of time, the user for periodically updating the terminal acquisition being collected into touches behavioral data, And behavioral data is touched for the updated user according to the default sorting algorithm and carries out classified calculating, to described point Class face is updated.
According to the second aspect of the embodiment of the present application, the application proposes a kind of user authentication device, applies in server-side, institute Stating device includes:
Receiving module touches behavioral data by the user of terminal acquisition for receiving;
Judgment module, for judging that the user touches the habit whether behavioral data matches the authorized user of the terminal Touch behavior;
If so, determining the user for authorized user;
If not, determining the user for unauthorized user.
Optionally, the user touch finger contact area, contact position, time of contact that behavioral data includes: user, One or more combination in the information such as press pressure and glide direction.
Optionally, described device further include:
Collection module, the user for collection terminal acquisition touch behavioral data;
Cleaning module carries out data cleansing for touching behavioral data to the user being collected into;
Categorization module is organized into vector for the user after data cleansing to be touched behavioral data, and is chosen to be white Sample, and the black sample that preset quantity is selected in behavioral data is touched from the user of the other users stored in local data base This;Classified calculating is carried out to the selected white sample and the black sample according to default sorting algorithm, determines the white sample The classifying face of this and the black sample.
Optionally, the judgment module is further used for:
The user that receiving module receives is touched into behavioral data and is organized into vector, whether judges the vector sorted out Positioned at the white sample side of the classifying face;When the vector is located at the white sample side of the classifying face, the user is determined The habit for touching the authorized user that behavioral data matches the terminal touches behavior;When the vector is located at the black of the classifying face Sample side determines that the user touches the habit touch behavior that behavioral data mismatches the authorized user of the terminal.
Optionally, the judgment module is further used for:
When the vector is located at the black sample side of the classifying face, the vector and the classifying face are further calculated Distance;
When the distance is greater than threshold value, determine that the user touches the authorized user that behavioral data mismatches the terminal Habit touch behavior;
When the distance is less than threshold value, the corresponding user of behavioral data is touched to the user and is further recognized Card determines that the user touches the habit touch row that behavioral data matches the authorized user of the terminal if certification passes through For.
Optionally, the collection module is further used for:
According to preset period of time, the user for periodically updating the terminal acquisition being collected into touches behavioral data;
The categorization module is further used for: touching row for the updated user according to the default sorting algorithm Classified calculating is carried out for data, to be updated to the classifying face.
According to the third aspect of the embodiment of the present application, the application proposes a kind of user authentication device, comprising:
Processor;For storing the memory of the processor-executable instruction;
Wherein, the processor is configured to:
The user for receiving terminal acquisition touches behavioral data;
Judge that the user touches the habit touch behavior whether behavioral data matches the authorized user of the terminal;
If so, determining the user for authorized user;
If not, determining the user for unauthorized user.
The application from existing realization using based on the active certifications mode such as user name-password or physiological characteristic it is different It is to use a kind of passive certificate scheme, server-side touches behavioral data and the end by the user for acquiring terminal on backstage The habit of the authorized user at end touches behavior and matches, to determine whether the user is authorized user;In existing realization User authentication mode is compared, and carries out authentication since the application touches behavioral data based on the user that terminal acquires, no Easily counterfeit, safety is more preferable;And the application can complete authentication to user in the unwitting situation of user, have one Fixed crypticity, therefore when terminal is lost, the leakage of personal information will not be caused.
Detailed description of the invention
Fig. 1 is a kind of flow chart for user authen method that one embodiment of the application provides;
Fig. 2 is the flow chart for another user authen method that one embodiment of the application provides;
Fig. 3 is the schematic diagram for the classifying face that one embodiment of the application provides;
Fig. 4 is the logical construction schematic diagram for the user authentication device that one embodiment of the application provides;
Fig. 5 is the structural schematic diagram of the operation carrier for the carrying user authentication device that one embodiment of the application provides.
Specific embodiment
The application proposes a kind of user authen method, touches behavioral data and the terminal by the user for acquiring terminal The habit of authorized user touches behavior and matches, to determine whether the user is authorized user;With the user in existing realization Authentication mode is compared, and is carried out authentication since the application touches behavioral data based on the user that terminal acquires, is not easy to imitate It emits, safety is more preferable;And the application can complete authentication to user in the unwitting situation of user, have centainly Crypticity, therefore when terminal is lost, the leakage of personal information will not be caused.
The application is described below by specific embodiment and in conjunction with different application example.
Referring to FIG. 1, Fig. 1 is a kind of user authen method that one embodiment of the application provides, the executing subject of this method It can be server-side;It the described method comprises the following steps:
Step 101, the user for receiving terminal acquisition touches behavioral data;
In the present embodiment, it may include finger contact surface of the user in operating terminal that the user, which touches behavioral data, One or more combination in the characteristic parameters such as product, contact position, time of contact, press pressure and glide direction, therefore Terminal can be realized when acquiring above-mentioned user's touch behavioral data by the touch event of monitoring users;For example, terminal can With the touch event of real-time monitoring users, then on backstage by the user listened in operating terminal when occur sliding, point It hits the relevant information collection of equal touch events to get off, and is uploaded to server-side.
It is worth noting that it is logical can only to acquire those when acquiring the touch behavioral data of user for terminal when realizing The touch behavioral data of the user tentatively authenticated is crossed, for example, terminal can carry out just user based on user name-password mode Step certification, only acquires the touch behavioral data for the user that those have input correct username and password;Certainly, if the end The preliminary certification or this programme is not supported (for example to be replaced hand with this programme as system-level user authen method in end The function of machine lock), terminal can default the acquisition that all users touch with behavioral data, and be uploaded to server-side;Due to The user uploaded at this time touches in behavioral data, may touch behavioral data comprising the user of some unauthorized users, therefore A preliminary screening or server-side can be carried out to the data that terminal uploads in service end side to handle to data When, the user that the user touches the unauthorized user for including in behavioral data is touched into behavioral data in the data cleansing stage and is picked It removes.
Step 102, judge that the user touches the habit touch whether behavioral data matches the authorized user of the terminal Behavior;If so, determining the user for authorized user;If not, determining the user for unauthorized user.
In the present embodiment, server-side touches behavioral data in the user for receiving terminal acquisition, carries out to the user When authentication, the user of the user can be touched to the habit of behavioral data and the preset authorized user for being used to characterize the terminal The data model of used touch behavior is matched, thus to confirm whether the user is authorized user.
The data model can be server-side for largely by user's touch behavioral data progress mould of terminal acquisition It is obtained after type training.Server-side, can be according to pre- when touching behavioral data progress data model training for the user If machine learning classification algorithm, for example, the machine learning classification algorithm may include SVM algorithm, GBDT algorithm, decision tree The collected user of this terminal is touched behavioral data and is chosen to be white sample, by local data base by algorithm, KNN algorithm scheduling algorithm The user of other users of middle storage touches behavioral data (including using the user of other users of the terminal to touch behavioral data With the user's touch behavioral data for using other terminals) it is chosen to be black sample, when realizing, the black sample can be selected preferentially Those touch behavioral data using the user of other users of present terminal, if the user of other users using present terminal Touch behavioral data data volume it is less is not enough to complete to calculate, can also be stored from local data base again using other ends The user at end touches in behavioral data and extracts a part of data as black sample.It, can after the completion of black sample and white sample are selected To carry out classified calculating for selected white sample and black sample, so that it is determined that the classifying face of the white sample and black sample out.
Specifically, carrying out classified calculating to selected white sample and black sample according to preset machine learning classification algorithm When, data cleansing can be carried out to selected white sample and black sample first, by some invalid and missing data or white sample The user of some unauthorized users mixed in this touches behavioral data and rejects, and by the data after cleaning be organized into respectively to Amount, then according to preset sorting algorithm to after being organized into vector white sample and black sample calculate, and finally determine The classifying face of white sample and black sample.Certainly, if when realizing, the same terminal is there are when multiple authorized users, server-side Classifying face will be calculated separately for multiple authorized user, i.e. server-side needs to distinguish for each authorized user of the same terminal Establish a classifying face.
Wherein, the classifying face can classify to selected white sample and black sample, i.e., by server-side classification meter White sample and black sample vector after calculation, are located at the two sides of calculated classifying face.By in this present embodiment using described The collected user of terminal touches behavioral data as white sample, the user of the other users stored in server-side local data base Behavioral data is touched as black sample, therefore the classifying face can be used for characterizing using the authorized user of the terminal and other use The customary difference of the touch at family.
In the present embodiment, after server-side calculates the classifying face of the black sample and the white sample, the data Model training finishes, and the subsequent user that can be acquired the terminal received touches behavioral data and data model progress Match to determine using whether the user of the terminal is authorized user.
Specifically, there is still a need for what will be received to be organized by the collected user's touch behavioral data of the terminal for server-side Then vector the vector sorted out is compared with the classifying face, if the vector is located at the white sample of the classifying face Then should then can be determined that the user touches the habit touch behavior that behavioral data matches the authorized user of the terminal side User is authorized user;On the contrary, can be determined that user's touching if the vector is located at the black sample side of the classifying face The habit for touching the authorized user that behavioral data mismatches the terminal touches behavior, which is unauthorized user.Certainly, it is realizing When, the data model can also be synchronized to terminal by server-side, confirm user since above-mentioned matching process is executed by terminal Whether it is authorized user, is no longer described in detail.
In the present embodiment, for authorized user, can normally pass through into the system of terminal or into certification Using progress normal operating;For unauthorized user, its system for entering terminal can be refused, or user is currently made It removes in application in the userspersonal information that system background saves, and user is authenticated again;For example, this programme can With the user authentication for system level, for example it may be substituted for the function of cell-phone lock, when user is judged as unauthorized use Behind family, mobile phone can be directly locked;This programme can also carry out user authentication for some specific applications installed in terminal, For example Alipay wallet can be close by the user name saved in Alipay wallet after user is judged as unauthorized user Code is removed, and user is prompted to re-enter account number cipher.
In the embodiment above, server-side touches behavioral data by the user that collection terminal uploads, according to what is be collected into The user that user touches the other users stored in behavioral data and local data base touches behavioral data and carries out classification based training, The data model of the habit touch behavior for the authorized user that can characterize terminal is trained, and when authenticating to user, it will Terminal acquisition user touch behavioral data matched with the data model, by judge the user operation behavior whether The habit for matching authorized user touches behavior, to determine whether the user is authorized user;With the user authentication in existing realization Mode is compared, and is carried out authentication since the application touches behavioral data based on the user that terminal acquires, is not easy counterfeit, safety More preferably;And the application can complete authentication to user in the unwitting situation of user, have certain crypticity, because This will not cause the leakage of personal information when terminal is lost.
Referring to FIG. 2, Fig. 2 is a kind of user authen method that one embodiment of the application provides, the executing subject of this method It can be server, the server can be server, server cluster and the cloud platform that authentication is carried out to user; It the described method comprises the following steps:
The user that step 201, collection terminal acquire touches behavioral data;
Step 202 touches behavioral data progress data cleansing to the user being collected into;
User touch behavioral data after data cleansing is organized into vector, and is chosen to be white sample by step 203, And the black sample that preset quantity is selected in behavioral data is touched from the user of the other users stored in local data base;
Step 204 carries out classified calculating to the selected white sample and the black sample according to default sorting algorithm, really Make the classifying face of the white sample and the black sample;
Step 205, the user for receiving terminal acquisition touch behavioral data, and the user received is touched behavioral data and is arranged At vector, and judge whether the vector is located at the white sample side of the classifying face;
Step 206, when the vector is located at the white sample side of the classifying face, determine the user for authorized user;When The vector is located at the black sample side of the classifying face, determines the user for unauthorized user.
In the present embodiment, it may include finger contact surface of the user in operating terminal that the user, which touches behavioral data, One or more combination in the information such as product, contact position, time of contact, press pressure and glide direction, therefore terminal When acquiring user's touch behavioral data, can be realized by the touch event of monitoring users;For example, terminal can be real When monitoring users touch event, then on backstage by the user listened in operating terminal when sliding, the click etc. that occur The relevant information collection of touch event is got off, and is uploaded to server-side.
It is worth noting that terminal can be based on user name-password when acquiring the behavioral data of user when realizing Mode user is tentatively authenticated, only acquire the touch behavior number for the user that those have input correct username and password According to;For example, it is assumed that this programme is used to carry out user identity authentication to some specific applications installed in terminal, for example this programme can To be used to carry out user identity authentication to similar to payment application as Alipay wallet, therefore terminal is in the touching for acquiring user When touching behavioral data, the behavioral data for the user that those have input correct username and password can be only acquired, then will be adopted The data collected are uploaded to server.When realizing, this programme is also used as system-level user authen method, for example utilizes The application replaces the function of cell-phone lock, therefore for this system-level application scenarios, terminal can be defaulted to all uses The user of the terminal touch the acquisition of behavioral data, and is uploaded to server;Since under the application scenarios, terminal is uploaded User touch in behavioral data, behavioral data may be touched comprising the user of some unauthorized users, therefore can taken Business device side carries out a preliminary screening to the data that terminal uploads, or when server handles data, in data The user that the user touches the unauthorized user for including in behavioral data is touched behavioral data and rejected by wash phase.
In the present embodiment, server touches behavioral data in the user for receiving terminal acquisition, carries out to the user When authentication, the user of the user can be touched to the habit of behavioral data and the preset authorized user for being used to characterize the terminal The data model of used touch behavior is matched, to confirm whether the user is authorized user.
Wherein, the data model can be server for largely by user's touch behavioral data of terminal acquisition It is obtained after progress model training.Server, can be with when touching behavioral data for the user and carrying out data model training According to preset machine learning classification algorithm, the collected user of terminal is touched into behavioral data and is chosen to be white sample, it will be local The user of the other users stored in database touches behavioral data (including using the user of other users of the terminal to touch row Behavioral data is touched for data and using the user of other terminals) it is chosen to be black sample, when realizing, the black sample can be excellent It first selectes those and touches behavioral data using the user of other users of present terminal, if using other users of present terminal User touch behavioral data data volume it is less be not enough to complete to calculate, the use that can also be stored from local data base again The user of other terminals touches in behavioral data and extracts a part of data as black sample.When black sample and the selected completion of white sample Afterwards, classified calculating can be carried out for selected white sample and black sample, so that it is determined that point of the white sample and black sample out Class face.Wherein, Fig. 3 is referred to, the classifying face can classify to selected white sample and black sample, that is, pass through server White sample and black sample vector after classified calculating, are located at the two sides of calculated classifying face.The machine learning classification Algorithm, main technology and algorithm comprising classifying to data, such as the machine learning classification algorithm may include that SVM is calculated Method, GBDT algorithm, decision Tree algorithms, KNN algorithm scheduling algorithm effectively can make modeling to data and carry out data classification, and have very well Prediction effect;By touching behavioral data as white sample, service using the collected user of the terminal in this present embodiment The user of the other users stored in device local data base touches behavioral data as black sample, therefore the classifying face can be used The customary difference of touch of the authorized user and other users of the terminal are used in characterization.
In the present embodiment, server according to preset machine learning classification algorithm to selected white sample and black sample When carrying out classified calculating, data cleansing can be carried out to selected white sample and black sample first, it will be some invalid and missing The users of some unauthorized users mixed in data or white sample touches behavioral data and rejects, and by the data after cleaning It is organized into vector respectively, is then calculated according to preset sorting algorithm based on the vector sorted out, and finally determine white The classifying face of sample and black sample.Certainly, if when realizing, for the same terminal there are when multiple authorized users, server-side will Classifying face is calculated separately for multiple authorized user, i.e. server-side needs to build respectively for each authorized user of the same terminal Found a classifying face.
Wherein, it is worth noting that, server arranges white sample and black sample after becoming vector, and the vector sorted out can To be multi-C vector;For example, as can be seen from the above description, the user, which touches behavioral data, in the present embodiment can be user In the characteristic parameters such as finger contact area, contact position, time of contact, press pressure and glide direction in operating terminal One or more combination, therefore when the user touches the combination that behavioral data is multiple characteristic parameters, it arranges at this time Vector out will be rendered into a kind of form of multi-C vector, and theoretically the dimension of the vector is higher, and server is by classification meter The data model trained after calculation is then more accurate, therefore when realizing, the user touches behavioral data can be as far as possible The combination for selecting different characteristic parameters.
In the present embodiment, after server calculates the classifying face of the black sample and the white sample, the data Model training finishes, and the subsequent user that can be acquired the terminal received touches behavioral data and data model progress Match to determine using whether the user of the terminal is authorized user.
Specifically, there is still a need for what will be received to be organized by the collected user's touch behavioral data of the terminal for server Then vector the vector sorted out is compared with the classifying face, if the vector is located at the white sample of the classifying face Then should then can be determined that the user touches the habit touch behavior that behavioral data matches the authorized user of the terminal side User is authorized user;On the contrary, can be determined that user's touching if the vector is located at the black sample side of the classifying face The habit for touching the authorized user that behavioral data mismatches the terminal touches behavior, which is unauthorized user.Certainly, it is realizing When, the data model can also be synchronized to terminal by server, confirm user since above-mentioned matching process is executed by terminal Whether it is authorized user, is no longer described in detail.
In the present embodiment, for authorized user, can normally pass through into the system of terminal or into certification Using progress normal operating;For unauthorized user, its system for entering terminal can be refused, or user is currently made It removes in application in the userspersonal information that system background saves, and user is authenticated again;For example, this programme can With the user authentication for system level, for example it may be substituted for the function of cell-phone lock, when user is judged as unauthorized use Behind family, mobile phone can be directly locked;This programme can also carry out user authentication for some specific applications installed in terminal, For example Alipay wallet can be close by the user name saved in Alipay wallet after user is judged as unauthorized user Code is removed, and user is prompted to re-enter account number cipher.
In the embodiment above, server-side touches behavioral data by the user that collection terminal uploads, according to what is be collected into The user that user touches the other users stored in behavioral data and local data base touches behavioral data and carries out classification based training, The data model of the habit touch behavior for the authorized user that can characterize terminal is trained, and when authenticating to user, it will Terminal acquisition user touch behavioral data matched with the data model, by judge the user operation behavior whether The habit for matching authorized user touches behavior, to determine whether the user is authorized user;With the user authentication in existing realization Mode is compared, and is carried out authentication since the application touches behavioral data based on the user that terminal acquires, is not easy counterfeit, safety More preferably;And the application can complete authentication to user in the unwitting situation of user, have certain crypticity, because This will not cause the leakage of personal information when terminal is lost.
As previously mentioned, in practical applications, user's touch behavioral data that terminal uploads is likely to mix some unauthorized The touch behavioral data of user, and, in some special scenes, such as crowded public arena, user is in operating terminal When, it is possible that some be different from the abnormal operation for touching habit, behavior number is touched so as to cause the user that terminal is collected into According to the operating habit for deviateing user, therefore for this kind of data, if server-side fails to reject in time during data cleansing, It may result in server to judge by accident when carrying out authentication to user.Therefore, in another alternative embodiment, exist On the basis of above embodiments, the user received touch behavioral data is being organized into vector by server, and will be sorted out It, can be further if the vector is located at the black sample side of the classifying face when classifying face described in vector sum is compared The vector is calculated at a distance from the classifying face, if calculated distance is greater than threshold value, can directly determine that the user is Unauthorized user;If calculated distance is less than threshold value, the vector and the classifying face are very close at this time, it is likely that deposit It is judging by accident, therefore the user can further authenticated, for example user name-password or other certifications can be based on Mode authenticates the user, if certification passes through, it is possible to determine that the user is authorized user.
In the embodiment above, it is located at the black of the classifying face by touching the corresponding vector of behavioral data in the user When sample side, the vector is calculated at a distance from classifying face, and when calculated distance is less than threshold value, which is carried out into one The certification of step, and after certification passes through, determine that the user for authorized user, can effectively reduce the erroneous judgement of server-side.
In another alternative embodiment, on the basis of above embodiments, since user is in the process of using terminal In, over time, the operating habit of user can also may change over time, therefore server-side may be used also To set a modeling period (preset period of time), periodically the data model is carried out more according to modeling period Newly;Specifically, server-side can periodically update the user uploaded by terminal being collected into and touch behavior according to modeling period Data, and behavioral data progress classified calculating is touched for the updated user according to default sorting algorithm and obtains classification Face is updated with calculating the classifying face to a upper modeling period, so as to avoid the operating habit of user with After the passage of time changes, server-side is caused to judge by accident.
In the embodiment above, by setting modeling period, and modeling period periodically carries out the data model Update, can to avoid the operating habit as user changes over time and caused by server-side judge by accident.
Corresponding with above method embodiment, present invention also provides a kind of embodiments of user authentication device.It refers to Fig. 4, the application also propose a kind of user authentication device 40, are applied to server-side, such as the server-side can be server;Its In, refer to Fig. 5, as the operation carrier of the application device 40, the server-side typically at least include CPU, memory, it is non-easily The property lost memory, network interface and internal bus etc.;Taking software implementation as an example, the application device 40 is it is generally understood that add Computer program in memory is carried, the logic device combined by the software and hardware formed after CPU operation;Described device 40 Include:
Receiving module 401 touches behavioral data by the user of terminal acquisition for receiving;
Judgment module 402, for judging whether user's touch behavioral data matches the authorized user's of the terminal It is accustomed to touch behavior;If so, determining the user for authorized user;If not, determining the user for unauthorized user.
In the present embodiment, described device further include:
Collection module 403, the user for collection terminal acquisition touch behavioral data;
Cleaning module 404 carries out data cleansing for touching behavioral data to the user being collected into;
Categorization module 405 is organized into vector for the user after data cleansing to be touched behavioral data, and is chosen to be White sample, and the black sample that preset quantity is selected in behavioral data is touched from the user of the other users stored in local data base This;Classified calculating is carried out to the selected white sample and the black sample according to default sorting algorithm, determines the white sample The classifying face of this and the black sample.
In the present embodiment, the judgment module 402 is further used for:
The user that receiving module receives is touched into behavioral data and is organized into vector, whether judges the vector sorted out Positioned at the white sample side of the classifying face;When the vector is located at the white sample side of the classifying face, the user is determined The habit for touching the authorized user that behavioral data matches the terminal touches behavior;When the vector is located at the black of the classifying face Sample side determines that the user touches the habit touch behavior that behavioral data mismatches the authorized user of the terminal.
In the present embodiment, the judgment module 402 is further used for:
When the vector is located at the black sample side of the classifying face, the vector and the classifying face are further calculated Distance;
When the distance is greater than threshold value, determine that the user touches the authorized user that behavioral data mismatches the terminal Habit touch behavior;
When the distance is less than threshold value, the corresponding user of behavioral data is touched to the user and is further recognized Card determines that the user touches the habit touch row that behavioral data matches the authorized user of the terminal if certification passes through For.
In the present embodiment, the collection module 403 is further used for:
According to preset period of time, the user for periodically updating the terminal acquisition being collected into touches behavioral data;
The categorization module is further used for: touching row for the updated user according to the default sorting algorithm Classified calculating is carried out for data, to be updated to the classifying face.
In the present embodiment, the user touches behavioral data and includes: the finger contact area of user, contact position, connects Touch one or more the combination in the information such as time, press pressure and glide direction.
For device embodiment, since it corresponds essentially to embodiment of the method, so related place is referring to method reality Apply the part explanation of example.The apparatus embodiments described above are merely exemplary, wherein described be used as separation unit The module of explanation may or may not be physically separated, and the component shown as module can be or can also be with It is not physical module, it can it is in one place, or may be distributed on multiple network modules.It can be according to actual The purpose for needing to select some or all of the modules therein to realize application scheme.Those of ordinary skill in the art are not paying Out in the case where creative work, it can understand and implement.
The foregoing is merely the preferred embodiments of the application, not to limit the application, all essences in the application Within mind and principle, any modification, equivalent substitution, improvement and etc. done be should be included within the scope of the application protection.
Present invention also provides a kind of embodiments of server.
The server includes: processor, and the memory for storing the processor-executable instruction;Further, The server can also include input/output interface, network interface, various hardware etc..
The server can be configured as:
The user for receiving terminal acquisition touches behavioral data;
Judge that the user touches the habit touch behavior whether behavioral data matches the authorized user of the terminal;
If so, determining the user for authorized user;
If not, determining the user for unauthorized user.
Those skilled in the art after considering the specification and implementing the invention disclosed here, will readily occur to its of the application Its embodiment.This application is intended to cover any variations, uses, or adaptations of the application, these modifications, purposes or Person's adaptive change follows the general principle of the application and including the undocumented common knowledge in the art of the application Or conventional techniques.The description and examples are only to be considered as illustrative, and the true scope and spirit of the application are by following Claim is pointed out.
It should be understood that the application is not limited to the precise structure that has been described above and shown in the drawings, and And various modifications and changes may be made without departing from the scope thereof.Scope of the present application is only limited by the accompanying claims.

Claims (9)

1. a kind of user authen method is applied in server-side, which is characterized in that the described method includes:
The user for receiving terminal acquisition touches behavioral data;
The user is touched the corresponding vector of behavioral data to be compared with classifying face;Wherein, the classifying face be will be described The corresponding vector of the collected user behavior data of terminal is as white sample, by the use of the other users stored in local data base Family touches the corresponding vector of behavioral data as black sample and carries out classified calculating, the white sample and the black sample determined Classifying face;
If the user touches the white sample side that the corresponding vector of behavioral data is located at the classifying face, determine that the user is The authorized user of the terminal;
If the user touches the black sample side that the corresponding vector of behavioral data is located at the classifying face, institute is further calculated Vector is stated at a distance from the classifying face;When the distance is greater than threshold value, determine that the user is the unauthorized use of the terminal Family;When the distance is less than threshold value, the corresponding user of behavioral data is touched to the user and is further authenticated, if Certification passes through, then determines that the user is the authorized user of the terminal.
2. the method according to claim 1, wherein the user touches the finger that behavioral data includes: user One or more combination in the information such as contact area, contact position, time of contact, press pressure and glide direction.
3. the method according to claim 1, wherein the method also includes:
The user for collecting the terminal acquisition touches behavioral data;
Behavioral data is touched to the user being collected into and carries out data cleansing;
The user after data cleansing is touched into behavioral data and is organized into vector, and is chosen to be white sample, and from local number The black sample that preset quantity is selected in behavioral data is touched according to the user of the other users stored in library;
Classified calculating is carried out to the selected white sample and the black sample according to default sorting algorithm, determines the white sample The classifying face of this and the black sample.
4. according to the method described in claim 3, it is characterized in that, the method also includes:
According to preset period of time, the user for periodically updating the terminal acquisition being collected into touches behavioral data, and root Behavioral data is touched for the updated user according to the default sorting algorithm and carries out classified calculating, to the classifying face It is updated.
5. a kind of user authentication device is applied in server-side, which is characterized in that described device includes:
Receiving module touches behavioral data by the user of terminal acquisition for receiving;
Judgment module is compared for the user to be touched the corresponding vector of behavioral data with classifying face;Wherein, described point Class face is using the corresponding vector of the collected user behavior data of the terminal as white sample, by what is stored in local data base If the user of other users touches the corresponding user of behavioral data and touches the corresponding vector of behavioral data positioned at described point The white sample side in class face determines that the user is the authorized user of the terminal;If it is corresponding that the user touches behavioral data Vector be located at the black sample side of the classifying face, further calculate the vector at a distance from the classifying face;When described When distance is greater than threshold value, determine that the user is the unauthorized user of the terminal;When the distance is less than threshold value, to the use Family touches the corresponding user of behavioral data and is further authenticated, if certification passes through, determines that the user is the end The authorized user at end.
6. device according to claim 5, which is characterized in that the user touches the finger that behavioral data includes: user One or more combination in the information such as contact area, contact position, time of contact, press pressure and glide direction.
7. device according to claim 5, which is characterized in that described device further include:
Collection module, the user for collection terminal acquisition touch behavioral data;
Cleaning module carries out data cleansing for touching behavioral data to the user being collected into;
Categorization module is organized into vector for the user after data cleansing to be touched behavioral data, and is chosen to be white sample, And the black sample that preset quantity is selected in behavioral data is touched from the user of the other users stored in local data base;According to Default sorting algorithm carries out classified calculating to the selected white sample and the black sample, determines the white sample and described The classifying face of black sample.
8. device according to claim 7, which is characterized in that the collection module is further used for:
According to preset period of time, the user for periodically updating the terminal acquisition being collected into touches behavioral data;
The categorization module is further used for: touching behavior number for the updated user according to the default sorting algorithm According to classified calculating is carried out, to be updated to the classifying face.
9. a kind of user authentication device characterized by comprising
Processor;For storing the memory of the processor-executable instruction;
Wherein, the processor is configured to:
The user for receiving terminal acquisition touches behavioral data;
The user is touched the corresponding vector of behavioral data to be compared with classifying face;Wherein, the classifying face be will be described The corresponding vector of the collected user behavior data of terminal is as white sample, by the use of the other users stored in local data base Family touches the corresponding vector of behavioral data as black sample and carries out classified calculating, the white sample and the black sample determined Classifying face;If the user touches the white sample side that the corresponding vector of behavioral data is located at the classifying face, determining should User is the authorized user of the terminal;If the user touches behavioral data, corresponding vector is located at the black of the classifying face Sample side further calculates the vector at a distance from the classifying face;When the distance is greater than threshold value, the user is determined For the unauthorized user of the terminal;When the distance is less than threshold value, the corresponding user of behavioral data is touched to the user It is further authenticated, if certification passes through, determines that the user is the authorized user of the terminal.
CN201410670073.1A 2014-11-20 2014-11-20 A kind of user authen method, device Active CN105678125B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410670073.1A CN105678125B (en) 2014-11-20 2014-11-20 A kind of user authen method, device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410670073.1A CN105678125B (en) 2014-11-20 2014-11-20 A kind of user authen method, device

Publications (2)

Publication Number Publication Date
CN105678125A CN105678125A (en) 2016-06-15
CN105678125B true CN105678125B (en) 2019-02-19

Family

ID=56958016

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410670073.1A Active CN105678125B (en) 2014-11-20 2014-11-20 A kind of user authen method, device

Country Status (1)

Country Link
CN (1) CN105678125B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US12039021B2 (en) 2019-03-07 2024-07-16 British Telecommunications Public Limited Company Multi-level classifier based access control

Families Citing this family (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107786528B (en) * 2016-08-31 2020-09-22 阿里巴巴集团控股有限公司 Application login method and device and communication system
CN106791195A (en) * 2017-02-20 2017-05-31 努比亚技术有限公司 A kind of operation processing method and device
CN107194216A (en) * 2017-05-05 2017-09-22 中南大学 A kind of mobile identity identifying method and system of the custom that swiped based on user
CN107944871A (en) * 2017-11-16 2018-04-20 中国银行股份有限公司 Identity identifying method, device, computer equipment and computer-readable recording medium
CN109800548B (en) * 2017-11-17 2021-02-02 深圳市鹰硕技术有限公司 Method and device for preventing personal information from being leaked
WO2020024117A1 (en) * 2018-07-31 2020-02-06 华为技术有限公司 Fingerprint authentication method and device, storage medium, and computer program product
CN109635622A (en) * 2018-09-28 2019-04-16 阿里巴巴集团控股有限公司 Personal identification method, device and electronic equipment
CN109462691B (en) * 2018-10-27 2021-01-26 中国人民解放军战略支援部队信息工程大学 Implicit protection method and system based on multi-sensor data fusion
EP3935525A1 (en) * 2019-03-07 2022-01-12 British Telecommunications public limited company Access control
US10885160B1 (en) 2019-08-21 2021-01-05 Advanced New Technologies Co., Ltd. User classification
CN110516418A (en) * 2019-08-21 2019-11-29 阿里巴巴集团控股有限公司 A kind of operation user identification method, device and equipment
CN110795708A (en) * 2019-10-25 2020-02-14 支付宝(杭州)信息技术有限公司 Security authentication method and related device
CN110730459B (en) * 2019-10-25 2021-05-28 支付宝(杭州)信息技术有限公司 Method and related device for initiating near field communication authentication
CN110795722A (en) * 2019-10-25 2020-02-14 支付宝(杭州)信息技术有限公司 Deployment method and device of security authentication model and electronic equipment
CN110909327A (en) * 2019-11-08 2020-03-24 支付宝(杭州)信息技术有限公司 Abnormity detection model updating method and device and electronic equipment
CN111199027B (en) * 2019-12-30 2023-02-28 航天信息股份有限公司 User authentication method and device, computer-readable storage medium and electronic equipment
CN111935162A (en) * 2020-08-14 2020-11-13 山东云海国创云计算装备产业创新中心有限公司 Cloud file access method and device and related components

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102203794A (en) * 2011-06-01 2011-09-28 华为终端有限公司 A terminal authentication method and a device thereof
CN102637105A (en) * 2011-02-15 2012-08-15 鸿富锦精密工业(深圳)有限公司 Screen unlocking method
CN103678965A (en) * 2012-09-14 2014-03-26 百度在线网络技术(北京)有限公司 Method and device for protecting safety of mobile equipment
CN104007929A (en) * 2014-05-26 2014-08-27 南京泰锐斯通信科技有限公司 Gesture recognition based mobile terminal unlocking method and mobile terminal
CN104200147A (en) * 2014-09-04 2014-12-10 王洋 Identity authentication method and system based on touch screen equipment and security and privacy encryption method
CN104318138A (en) * 2014-09-30 2015-01-28 杭州同盾科技有限公司 Method and device for verifying identity of user

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102637105A (en) * 2011-02-15 2012-08-15 鸿富锦精密工业(深圳)有限公司 Screen unlocking method
CN102203794A (en) * 2011-06-01 2011-09-28 华为终端有限公司 A terminal authentication method and a device thereof
CN103678965A (en) * 2012-09-14 2014-03-26 百度在线网络技术(北京)有限公司 Method and device for protecting safety of mobile equipment
CN104007929A (en) * 2014-05-26 2014-08-27 南京泰锐斯通信科技有限公司 Gesture recognition based mobile terminal unlocking method and mobile terminal
CN104200147A (en) * 2014-09-04 2014-12-10 王洋 Identity authentication method and system based on touch screen equipment and security and privacy encryption method
CN104318138A (en) * 2014-09-30 2015-01-28 杭州同盾科技有限公司 Method and device for verifying identity of user

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US12039021B2 (en) 2019-03-07 2024-07-16 British Telecommunications Public Limited Company Multi-level classifier based access control

Also Published As

Publication number Publication date
CN105678125A (en) 2016-06-15

Similar Documents

Publication Publication Date Title
CN105678125B (en) A kind of user authen method, device
KR102038851B1 (en) Method and system for verifying identities
JP5160911B2 (en) User authentication device, user authentication method, and user authentication program
US9509688B1 (en) Providing malicious identity profiles from failed authentication attempts involving biometrics
CN106650350B (en) Identity authentication method and system
CN106384027A (en) User identity recognition system and recognition method thereof
US10366217B2 (en) Continuous user authentication
KR102167602B1 (en) Trusted terminal verification method and apparatus
CN104426884A (en) Method for authenticating identity and device for authenticating identity
CN109600336A (en) Store equipment, identifying code application method and device
CN103745148A (en) Information protection method based on fingerprint recognition and mobile terminal
CN104392160A (en) Identity authentication method and identity authentication device
CN109558918A (en) A kind of certificate chain real estate electronics license system and its application method
CN110120928A (en) A kind of identity authentication method, device, server and computer-readable medium
CN105868610A (en) Method and system for realizing user authentication through biological characteristic information
CN110955677A (en) Identity verification method, device and system
CN104486306B (en) Identity authentication method is carried out based on finger hand vein recognition and cloud service
US10965696B1 (en) Evaluation of anomaly detection algorithms using impersonation data derived from user data
WO2022245581A1 (en) Methods and systems for facilitating secure authentication of users based on known data
CN105450412B (en) Identity identifying method and device
WO2016062200A1 (en) Fingerprint authentication method and apparatus, and server
US10511585B1 (en) Smoothing of discretized values using a transition matrix
CN107615299B (en) For assessing the method and system of fingerprint template
Yang et al. Retraining and dynamic privilege for implicit authentication systems
US10255558B1 (en) Managing knowledge-based authentication systems

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
REG Reference to a national code

Ref country code: HK

Ref legal event code: DE

Ref document number: 1225823

Country of ref document: HK

GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20200922

Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands

Patentee after: Innovative advanced technology Co.,Ltd.

Address before: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands

Patentee before: Advanced innovation technology Co.,Ltd.

Effective date of registration: 20200922

Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands

Patentee after: Advanced innovation technology Co.,Ltd.

Address before: A four-storey 847 mailbox in Grand Cayman Capital Building, British Cayman Islands

Patentee before: Alibaba Group Holding Ltd.

TR01 Transfer of patent right