CN106022030B - A kind of identity authorization system and method based on user's acquired behavior feature - Google Patents

A kind of identity authorization system and method based on user's acquired behavior feature Download PDF

Info

Publication number
CN106022030B
CN106022030B CN201610515015.0A CN201610515015A CN106022030B CN 106022030 B CN106022030 B CN 106022030B CN 201610515015 A CN201610515015 A CN 201610515015A CN 106022030 B CN106022030 B CN 106022030B
Authority
CN
China
Prior art keywords
dimension
behavior
user
variance
acquired
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201610515015.0A
Other languages
Chinese (zh)
Other versions
CN106022030A (en
Inventor
刘明晶
张璐
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SHENZHEN ONE-CARD-PASS NEW TECHNOLOGY Co Ltd
Original Assignee
SHENZHEN ONE-CARD-PASS NEW TECHNOLOGY Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by SHENZHEN ONE-CARD-PASS NEW TECHNOLOGY Co Ltd filed Critical SHENZHEN ONE-CARD-PASS NEW TECHNOLOGY Co Ltd
Priority to CN201610515015.0A priority Critical patent/CN106022030B/en
Publication of CN106022030A publication Critical patent/CN106022030A/en
Application granted granted Critical
Publication of CN106022030B publication Critical patent/CN106022030B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/316User authentication by observing the pattern of computer usage, e.g. typical user behaviour
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Computer Security & Cryptography (AREA)
  • Accounting & Taxation (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Social Psychology (AREA)
  • Software Systems (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Collating Specific Patterns (AREA)

Abstract

The present invention relates to a kind of identity authorization systems and method based on user's acquired behavior feature, including configuration module, acquisition module, sample process module, sample size judgment module, variance computing module, combination dimension module, acquired behavior dimension comprising modules and authentication module, through acquisition module acquisition other than the dimensions such as gesture and shaking, the also dimensions such as collection activity region, movement track, touching dynamics, trading activity, then extract multiple behavioural habits by data mining and carry out identification.Solves the problem of existing disposable acquisition for only relying on the initial stage obtains user behavior characteristics, can not capture the slight change of user's acquired behavior generation as time goes by, can not identify user when being more than critical value so as to cause Behavioral change.The present invention further decreases the risk that gesture motion is imitated or the non-authentication user caused by sampling passes through certification.

Description

A kind of identity authorization system and method based on user's acquired behavior feature
Technical field
The present invention relates to a kind of identity authorization systems and method based on user's acquired behavior feature.
Background technique
With popularizing for mobile Internet, smart phone is widely used in line because of its portability, exclusivity and privacy The scenes such as lower small amount payment, gate inhibition, public transport subway, while bringing convenience, there are still safety issues, such as:Because of hand Non-user caused by machine is lost or information is stolen uses mobile phone, causes property loss.
To improve safety, need to carry out identification certification to user identity in above-mentioned application scenarios, common method is divided into Three classes:Identification technology based on password is (such as:Numerical ciphers, gesture password), (such as face knows for identification technology based on biological characteristic Not, fingerprint recognition, iris recognition, Application on Voiceprint Recognition), and (gesture signature shakes the identification technology based on user behavior characteristics naturally It moves).
Identification technology based on password has the disadvantage that:(1) security level is low:Password is easy in storage or transmission process In be replicated or intercept and capture.In addition, being easy got a glimpse of by the people of surrounding, imitate, safety reduces when inputting password in public. (2) it is difficult to remember:In order to increase safety, different passwords would generally be arranged in multiple equipment, multiple applications in same user, It is easy to cause the case where forgetting Password and certification can not be passed through.(3) convenience is poor:It is quickly complete in needs such as public transport, subway gates When under the scene of certification and authorization, inputting complicated password or forget Password, speed, poor user experience are seriously affected.
Identification technology based on biological characteristic compensate for the identification technology based on password security level it is low, be difficult to remember, Deficiency in terms of convenience, but need to increase special identification equipment or processing module on smart phone, to mobile phone hardware It is more demanding with operating system processing capacity, it can not be popularized on all smart phones in a short time.
Identification technology based on user behavior characteristics remain the identification technology based on biological characteristic it is highly-safe, be not necessarily to The advantages of memory, easy to use etc., gravity, the distance etc. that most smart phones all have are relied primarily on hardware Sensor, universal difficulty substantially reduce.Current such technology there are the problem of:
1, behavioural characteristic acquisition is disposable completes, and slight change occurs as time goes by for user behavior characteristics, when being more than When critical value, user possibly can not pass through authentication.To guarantee safety, field verification body is needed when resurveying Part carries out assistant authentification using living things feature recognition, and convenience is affected.
2, behavioural characteristic, which is extracted, uses single dimension, such as:Controlled actuation (signature) or the sky of uncontrolled movement (shaking) Middle track, when identification accuracy is turned up, user possibly can not will appear again nothing when turning down identification accuracy by certification Method identifies illegal user.
Summary of the invention
In order to solve the following technical problem in the current various identity identifying methods based on user behavior:One, it only relies on The disposable acquisition of initial stage obtains user behavior characteristics, can not capture the thin of user's acquired behavior generation as time goes by Microvariations, so as to cause Behavioral change be more than critical value when can not identify user the problem of.Two, it is adopted when single authentication With single behavioural characteristic dimension, set accuracy, is affected to practical recognition result in algorithm.The present invention provides one Identity identifying method of the kind based on user's acquired behavior feature passes through continuous collecting and updates user behavior data, and introduce Multiple behavioural characteristic dimensions improve safety.
Technical solution of the invention:
A kind of identity authorization system based on user's acquired behavior feature, including configuration module:It is special according to the behavior of user The type of the dimension configuration primitive behavior set of data samples of sign;Type includes motion path, movement locus and trading activity;Configuration The sample size lower limit value and sample size upper limit value of each type of primitive behavior set of data samples;Configure the corresponding side of each dimension Poor critical value and the variance critical value of all dimensions combination;
Acquisition module:According to the type of the primitive behavior set of data samples of configuration, the various biographies carried by mobile terminal Sensor and application program acquire user's primitive behavior data sample of corresponding dimension;
Sample process module:After carrying out noise reduction process to the primitive behavior data sample of acquisition, added respectively according to dimension Primitive behavior data sample to corresponding types is concentrated;
Sample size judgment module:Judge whether primitive behavior data sample amount collected reaches corresponding primitive behavior data The sample size lower limit value of sample set:If reaching preset lower limit value, start variance computing module, if not up to pre-determined lower limit Value, then continue to execute acquisition module;
Variance computing module:Calculate the primitive behavior data that sample set quantity reaches the dimension of preset sample size lower limit value The variance of sample set;
Variance comparison module:Compare the size for calculating variance and the variance critical value of the corresponding dimension of configuration, if calculating side When difference is less than or equal to preset variance critical value, then determine that the corresponding user behavior of the dimension has stability;
Combine dimension module:Dimension used with stability is combined, the primitive behavior number of combination dimension is calculated After the variance of sample set, compare the size for calculating variance with the corresponding variance critical value for combining dimension of configuration, if calculating side When difference is less than or equal to the variance critical value of preset combination dimension, then determines that the corresponding user behavior of combination dimension has and stablize Property;
Acquired behavior dimension comprising modules:Each user establishes at least one acquired behavior dimension, acquired behavior dimension For dimension or dimension combination with stability;
Weight distribution module:According to the variance size of each dimension, different weights is assigned to each acquired behavior dimension p;
Authentication module:One or a set of behavioral data sample to be certified is acquired, respectively in corresponding acquired behavior dimension Upper carry out significance test, after inspection result is indicated with a variable T, authentication result V=Tp.
It further include that population data summarizes platform, the population data summarizes the acquired behavior dimension that platform collects each user Degree forms virtual community according to the similarity degree of acquired behavior dimension, and virtual community is fed back to weight distribution module;
The weight distribution module can also assign different power to each acquired behavior dimension according to virtual community information Weight p.
A kind of identity identifying method based on user's acquired behavior feature, includes the following steps:
1) it configures:
1.1) type of primitive behavior set of data samples is configured according to the dimension of the behavioural characteristic of user;Type includes movement Path, movement locus and trading activity;
1.2) the sample size lower limit value and sample size upper limit value of each type of primitive behavior set of data samples are configured;
1.3) the variance critical value of each corresponding variance critical value of dimension and the combination of all dimensions is configured;
2) foundation of primitive behavior set of data samples:
2.1) according to the type of the primitive behavior set of data samples of configuration, the various sensors that are carried by mobile terminal and Application program acquires user's primitive behavior data sample of corresponding dimension;
2.2) after carrying out noise reduction process to the primitive behavior data sample of acquisition, corresponding types are respectively added to according to dimension Primitive behavior data sample concentrate;
2.3) judge whether primitive behavior data sample amount collected reaches the sample of corresponding primitive behavior set of data samples This amount lower limit value:
If reaching preset lower limit value, then follow the steps 2.4);
If not up to preset lower limit value returns to step 2.1);
2.4) dimensional stability judges:
2.4.1 the primitive behavior set of data samples that sample set quantity reaches the dimension of preset sample size lower limit value) is calculated Variance;
2.4.2) compare calculate variance and the variance critical value of the corresponding dimension of configuration size, if calculate variance be less than etc. When preset variance critical value, then determine that the corresponding user behavior of the dimension has stability;It is preset if calculating variance and being greater than Variance critical value when, then give up the primitive behavior set of data samples;
2.4.3) dimension used with stability is combined, calculates the primitive behavior set of data samples of combination dimension Variance after, compare the size for calculating variance with the corresponding variance critical value for combine dimension of configuration, if calculating variance less than etc. When the variance critical value of preset combination dimension, then determine that combining the corresponding user behavior of dimension has stability;If calculating When variance is greater than the critical value of preset variance, then give up the primitive behavior set of data samples of the combination dimension;
3) habit sexual behaviour dimension is established:
3.1) each user suggests that at least one acquired behavior dimension, the acquired behavior dimension are with stability Dimension or dimension combination;
3.2) according to the distribution principle of configuration weight, different weight p is assigned to each acquired behavior dimension;
4) authenticating identity:One or a set of behavioral data sample to be certified is acquired, is tieed up respectively in corresponding acquired behavior Significance test is carried out on degree, inspection result is indicated with a variable T:
Behavioral data sample to be certified is compared with acquired behavior dimension, is overlapped according to acquired behavior dimension Degree assigns different values to inspection result T;After being weighted galassing to the inspection result T of all dimensions, certification knot is obtained Fruit V, authentication result V=Tp;
5) authorization:It is completed according to authentication result when time authorization.
It further include analysis virtual community step:The acquired behavior dimension for collecting each user, according to acquired behavior dimension Similarity degree forms virtual community, for referring to when weight distribution;
Corresponding step 3.2) can also be:Different power is assigned to each acquired behavior dimension according to virtual community information Weight p.
The parameter of motion path includes:Enter and leave the time point of specific position;
The parameter of movement locus includes:Space angle and acceleration;
The parameter of trading activity includes:Trading object, type of transaction, exchange hour and transaction amount.
It further include the sample data update step of primitive behavior set of data samples:
When sample size after reaching the upper limit, while one new samples of every increase, primitive behavior data sample is concentrated most An early behavioral data sample is eliminated.
The basic step of authorization:
1) it is actively added by user in advance, or the authorization rule provided using operation system is agreed in confirmation;
2) authorization rule of each business is configured, establishes the corresponding relationship of identity authentication result and authorization privilege;
3) it after user completes the authentication once based on acquired behavior feature, is awarded by when time identity authentication result inquiry Power rule is authorized according to authorization rule to when time operation.
Step 3.2) assign weight principle be:The confidence level of each dimension is according to the calculating variance for combining dimension and presets The deviation size of variance critical value is calculated;Deviation is bigger, and confidence level is lower, then weight is smaller;Deviation is smaller, and confidence level is got over Height, then weight is bigger.
Beneficial effects of the present invention:
1, disposable acquisition behavior sample is solved, after user behavior habit changes over time, differentiates result More than critical value, user can not need the problem of resurveying sample by certification.
2, the safety is improved:The present invention also increases zone of action, movement track, touching other than the dimensions such as gesture and shaking The dimensions such as impact force degree, trading activity extract multiple behavioural habits by data mining and carry out identification, further decrease gesture The risk that movement is imitated or the non-authentication user caused by sampling passes through certification.
Detailed description of the invention
Fig. 1 is that the present invention is based on the structure charts of the identity authorization system of user's acquired behavior feature;
Fig. 2 is the structure chart of another identity authorization system based on user's acquired behavior feature;
Fig. 3 is that the present invention is based on the flow charts of the identity identifying method of user's acquired behavior feature.
Specific embodiment
As shown in Figure 1, a kind of identity authorization system based on user's acquired behavior feature, including
Configuration module:The type of primitive behavior set of data samples is configured according to the dimension of the behavioural characteristic of user;Type packet Include motion path, movement locus and trading activity;Configure the sample size lower limit value of each type of primitive behavior set of data samples With sample size upper limit value;Configure the variance critical value of the corresponding variance critical value of each dimension and the combination of all dimensions;Configuration The confidence level of each dimension;
Acquisition module:According to the type of the primitive behavior set of data samples of configuration, the various biographies carried by mobile terminal Sensor and application program acquire user's primitive behavior data sample of corresponding dimension;
Sample process module:After carrying out noise reduction process to the primitive behavior data sample of acquisition, added respectively according to dimension Primitive behavior data sample to corresponding types is concentrated;
Sample size judgment module:Judge whether primitive behavior data sample amount collected reaches corresponding primitive behavior data The sample size lower limit value of sample set:If reaching preset lower limit value, start variance computing module, if not up to pre-determined lower limit Value, then continue to execute acquisition module;
Variance computing module:Calculate the primitive behavior data that sample set quantity reaches the dimension of preset sample size lower limit value The variance of sample set;
Variance comparison module:Compare the size for calculating variance and the variance critical value of the corresponding dimension of configuration, if calculating side When difference is less than or equal to preset variance critical value, then determine that the corresponding user behavior of the dimension has stability;
Combine dimension module:Dimension used with stability is combined, the primitive behavior number of combination dimension is calculated After the variance of sample set, compare the size for calculating variance with the corresponding variance critical value for combining dimension of configuration, if calculating side When difference is less than or equal to the variance critical value of preset combination dimension, then determines that the corresponding user behavior of combination dimension has and stablize Property;
Acquired behavior dimension comprising modules:Each user establishes at least one acquired behavior dimension, acquired behavior dimension For dimension or dimension combination with stability;
Weight distribution module:According to the variance size of each dimension, different weights is assigned to each acquired behavior dimension p;
Authentication module:One or a set of behavioral data sample to be certified is acquired, respectively in corresponding acquired behavior dimension Upper carry out significance test, after inspection result is indicated with a variable T, authentication result V=Tp.
As shown in Fig. 2, further including that population data summarizes platform on the basis of Fig. 1, population data summarizes platform and collects respectively The acquired behavior dimension of a user forms virtual community according to the similarity degree of acquired behavior dimension, and virtual community is fed back Give weight distribution module;
Weight distribution module can also assign different weight p to each acquired behavior dimension according to virtual community information.
A kind of identity identifying method based on user's acquired behavior feature, basic step include:
1, behavioral data is acquired:The sensor and application program carried by mobile terminal, the multiple dimensions of continuous collecting User's primitive behavior data, including but not limited to:Motion path, movement locus, trading activity are (such as:Time, place, transaction master Body, type of transaction, transaction amount) etc., after carrying out noise reduction process to the data acquired recently, it is respectively added to according to dimension original Behavioral data sample set.
2, acquired behavior is extracted:After the primitive behavior data sample amount of certain dimension reaches minimum quantity requirement, calculate The variance of the standardization primitive behavior set of data samples of this dimension determines that this is one-dimensional when variance is less than preset critical value Corresponding user behavior is spent with stability;The single dimension up to standard to all primitive behavior data sample quantity is completed to examine Afterwards, then to all single dimensions it is combined, calculates the variance of the standardization primitive behavior set of data samples of each combination, the side of working as When difference is less than preset critical value, determine that this dimension combines corresponding user behavior and has stability.Each there is stability Dimension or dimension combination, a referred to as acquired behavior dimension.Same user allows that there are multiple acquired behavior dimensions, according to not With the variance size of the standardization primitive behavior set of data samples of acquired behavior dimension, each acquired behavior dimension is assigned different Weight:Variance is smaller, and imparting weight is bigger, i.e.,:More stable behavioural habits role in certification is bigger.
3, authenticating identity:When needing to carry out authentication to user, one group of new raw line is acquired according to preceding method Under preset confidence level, new primitive behavior data are examined respectively in each acquired behavior dimension for data sample Sample and existing primitive behavior data sample whether there is significant difference.No significant difference is then considered as through certification, there is significance difference It is different, it is considered as unauthenticated.
4, authorization:The scope of authority is determined according to the authentication result to new primitive behavior data sample, according to business System or the preset authorization rule of user oneself are completed when time authorization.
Such as:All acquired behavior dimension values by certification are set as 1, unauthenticated acquired behavior dimension takes Value is set as 0, is weighted and averaged using the weight that step 2 is arranged to the authentication result of all acquired behavior dimensions, according to weighting Average value is authorized.
User behavior data acquisition method:
1, the multiple sensors such as gravity, distance carried by the held mobile terminal of user carry out lasting user behavior number According to acquisition, collected Sample preservation is concentrated in primitive behavior data sample.Motion profile, behavior act, trading activity etc. are no Generic, the major parameter of acquisition is respectively:
1) major parameter of motion path includes:The time point of specific position is entered and left,
2) major parameter of movement locus includes:Space angle, acceleration
3) major parameter of trading activity includes:Trading object, type of transaction, exchange hour, transaction amount
2, primitive behavior set of data samples is equipped with sample size lower and upper limit, and sample size lower limit is to guarantee sample meter Calculate result can represent it is overall (such as:Sample size is not less than 30, meets the minimum sample size for carrying out significance test);Sample Measuring the upper limit is to improve Data Mining computational efficiency.
3, the sample data of primitive behavior set of data samples is updated using dynamic:When sample size after reaching the upper limit, every increasing While adding a new samples, Geju City sample earliest in sample set is eliminated.
Feature one:Behavioral data is acquired different from needing user to pass through specific operation (aerial signature, shaking mobile phone etc.) The authentication method of sample, this method acquire primitive behavior data sample in the state that user uses mobile terminal naturally, pass through The stabilization acquired behavior of data digging method acquisition user.
Feature two:In different application scenarios, it can be constrained according to external environment and actively complete user's controlled action data Acquisition, do not need user according to different application scene memory movement or gesture respectively.Such as:User actively close to terminal into When row payment, so that user is complied with terminal tilt angle and make a shaking motion, repeats the movement naturally when paying again.
Feature three:Continuous acquisition user behavior data is added to primitive behavior set of data samples, on sample size reaches After limit, historical sample is phased out according to the sampling time, adds newest sample.Make extract user behavior characteristics data always with The nearest behavioural habits of user are consistent.
The extracting method of user's acquired behavior feature, basic step:
1, it is concentrated from primitive behavior data sample, extracts whole sample datas under each data acquisition dimension respectively, It is standardized.
2, after the primitive behavior data sample amount of a data acquisition dimension reaches minimum quantity requirement, it is one-dimensional to calculate this The variance of the standardization primitive behavior data sample of degree.
3, the discriminant critical value of a variance is set, when the variance of standardization primitive behavior data sample is less than the critical value When, determine that the corresponding user behavior of this dimension has stability.
4, the single dimension up to standard to all primitive behavior data sample quantity is completed after differentiating, then to all single dimensions It is combined, calculates the variance of the standardization primitive behavior set of data samples of each combination, when variance is less than preset critical value When, determine that this dimension combines corresponding user behavior and has stability.
5, each dimension with stability or dimension combination, referred to as an acquired behavior dimension.Same user's is multiple Importance of the acquired behavior dimension in authentication has differences.The smaller acquired behavior dimension of variance is standardized, in identity Weight in certification is higher.
Feature one:As the dynamic of primitive behavior set of data samples updates, calculated according to three the method for right all Dimension and the sample standardization variance of dimension combination are possible to change at any time, also become therewith to the differentiation result of variance Change.This method is able to record and handles the slight change of user's acquired behavior, avoids needing to adopt again because acquired behavior changes Sample.
Feature two:Same user allows there are multiple acquired behavior dimensions, according to the standardization of different acquired behavior dimensions The variance size of primitive behavior set of data samples assigns different weights to each acquired behavior dimension:Variance is smaller, assigns power It is again bigger, i.e.,:More stable behavioural habits role in certification is bigger.
The basic step of authorization method:
1, it is actively added by user in advance, or the authorization rule provided using operation system is agreed in confirmation.To each industry The authorization rule of business is configured, and establishes the corresponding relationship of identity authentication result and authorization privilege.Authorization rule, and authorization rule Then with the corresponding relationship of identity authentication result, it is maintained in operation system.
2, after user completes the authentication once based on acquired behavior feature, by the authentication of mobile terminal calculating As a result it is uploaded to operation system.
3, operation system extracts the corresponding relationship of authorization rule and identity authentication result, works as time body by what mobile terminal uploaded Part authentication result inquires authorization rule, authorizes according to rule to when time operation.
Feature one:Authorization rule is preset by the operation system of different application, or by user in advance in mobile terminal Actively it is arranged, if obtain authorization and depend on the authentication result when time behavior, user does not need to remember.
Feature two:Allow to automatically adjust the scope of authority according to the acquired behavior authentication result of user, in primitive behavior early period In the lesser situation of data sample amount, the certain basic permission of user can be assigned, not only guarantees safety, but also can overcome the disadvantages that small sample It is inconvenient to user's bring to judge by accident.
Such as:
In primary payment, authentication result allows to carry out by systemic presupposition highest amount to exempt from close payment, authentication result when being 1 When being 0.7, allowing to exempt from close payment according to the 70% of systemic presupposition highest amount, when authentication result is 0.5, refusal exempts from close payment, User must input payment cipher as assistant authentification means.
Embodiment 1:
This method descends the specific implementation process in small amount payment application as follows online:
S1, since small amount payment application under user installation line, the following primitive behavior data sample of continuous collecting:User is every The trade company of secondary consumption, time point, single spending amount, close to cash receiving terminal when gesture motion, be denoted as:U (x, y, z, t), In, x indicates that single spending amount, y indicate trade company, and t indicates that consumption time, z indicate gesture motion characteristic value;
S2,20 effective samples of acquisition in continuous acquisition one week, U={ u1,u2,...,u20}
S21 calculates single spending amount x, trade company y, consumption time t, the standard of the four dimensions such as gesture motion characteristic value z Variance is denoted as respectivelySet variance critical value asThere is following differentiation result:
S22, to single spending amount x, trade company y, consumption time t, the four dimensions such as gesture motion characteristic value z carry out group It closes, calculates the standard variance of variable after combination, differentiation is made compared with the variance critical value of setting.Optional combined method has more Kind, a kind of common method is:Fixed one of dimension value calculates the standard variance of another or another several dimensions.
Trade company y is fixed, in convenience store's consumption, value is y1, in Eatery Consumption, value is y2, calculate separately y not With single spending amount x under value, consumption time t, the standard variance of three dimensions such as gesture motion characteristic value z has and sentences as follows Other result:
According to the calculated result of S2, the acquired behavior dimension for obtaining user is as follows:
1) full accuracy
2) degree of precision
S23 assigns different habits behavior dimension and weighs according to the standard variance size that primitive behavior data sample calculates, The smaller weight of principle upside deviation is bigger.A kind of optional method in this example is, by after the descending sequence of variance according to serial number Square assign power.
V (z) is calculated by this method, v (y1, z), v (y2, x), v (y2, t), v (y2, z) weighted value be:P=(0.02, 0.02,0.37,0.02,0.57)T
S3 acquires a newest primitive behavior data sample, in each habit when needing to carry out authentication to user Significance test is carried out in used behavior dimension, common method has t to examine, F is examined etc..Inspection result indicates with a variable, By examining value 1, not verified value 0 in each acquired behavior dimension.The inspection result of all dimensions is weighted After average, authentication result is obtained.
The inspection result of this example is T=(1,1,0,0,1), authentication result V=Tp=0.61
S4 is authorized according to authentication result.
Preset authorization rule is in this example:3
1) as V < 0.50, when secondary payment needs to input password.
2) as 0.50≤V < 0.75, when it is secondary payment allow to carry out exempting from by minimum amount it is close payment (such as:5 yuan), be more than It needs to input password when the amount.
3) super when secondary payment allows to carry out by 2 times of minimum amount to exempt from close payment (10 yuan) as 0.75≤V < 0.90 It needs to input password when crossing the amount.
4) as V >=0.90, when it is secondary payment allow to carry out exempting from by highest amount it is close payment (such as:50 yuan), it is more than the volume It needs to input password when spending.
Judged according to authorization rule, the result is that:When secondary payment is to exempt from the close payment upper limit with 5 yuan.
Embodiment 2:
S1 extracts all parameter sensings on customer mobile terminal;
The business datum of specified services movement is completed in S2 acquisition;
S3 concentrates the primitive behavior data sample that collected business datum is saved in corresponding types;
S4 judges whether that acquired behavior feature has been found;
If finding acquired behavior feature, judge that whether user's acquired behavior is the value range of degree in acquired behavior feature In range;
If in range, success identity authorization, while increasing authorization amount grade;
If do not authorized by habitual to authenticate not in range.
If not finding habituation to be characterized, whether judgement sample collection reaches 5:
If not up to 5, user's basic act judgment models can not be established;
If reaching 5, the variance of each dimension is calculated separately, and judges whether to be less than critical value;
If more than variance critical value, then acquired behavior feature can not be established;
If being less than, acquired behavior dimension is established;And habituation is sent to number for dimension and summarizes platform;Judge same Habituation is whether dimension value range has more people to be overlapped:
If being overlapped without more people, personal habits behavioural characteristic is established;
If there are more people to be overlapped, judge whether the value range of multiple behavior dimensions that formed the habit has uniqueness:
If there is uniqueness, personal habits behavioural characteristic is established;
If increasing new acquired behavior dimension without uniqueness.
The present invention also supports:(1) mobile phone is signed for confirming face-to-face;2) it, is paid under line:Small amount payment collects money face to face, is public Traffic etc..2) authentication:Gate inhibition, attendance, library, electronic ticket, discount coupon etc..

Claims (8)

1. a kind of identity authorization system based on user's acquired behavior feature, it is characterised in that:Including
Configuration module:The type of primitive behavior set of data samples is configured according to the dimension of the behavioural characteristic of user;Type includes fortune Dynamic path, movement locus and trading activity;Configure the sample size lower limit value and sample of each type of primitive behavior set of data samples This amount upper limit value;Configure the variance critical value of the corresponding variance critical value of each dimension and the combination of all dimensions;
Acquisition module:According to the type of the primitive behavior set of data samples of configuration, the various sensors carried by mobile terminal And application program, acquire user's primitive behavior data sample of corresponding dimension;
Sample process module:After carrying out noise reduction process to the primitive behavior data sample of acquisition, it is respectively added to pair according to dimension The primitive behavior data sample of type is answered to concentrate;
Sample size judgment module:Judge whether primitive behavior data sample amount collected reaches corresponding primitive behavior data sample The sample size lower limit value of collection:If reaching preset lower limit value, start variance computing module, if not up to preset lower limit value, Continue to execute acquisition module;
Variance computing module:Calculate the primitive behavior data sample that sample set quantity reaches the dimension of preset sample size lower limit value The variance of collection;
Variance comparison module:Compare the size for calculating variance and the variance critical value of the corresponding dimension of configuration, if it is small to calculate variance When being equal to preset variance critical value, then determine that the corresponding user behavior of the dimension has stability;
Combine dimension module:Dimension used with stability is combined, the primitive behavior data sample of combination dimension is calculated After the variance of this collection, compare the size for calculating variance with the corresponding variance critical value for combining dimension of configuration, if it is small to calculate variance When being equal to the variance critical value of preset combination dimension, then determine that combining the corresponding user behavior of dimension has stability;
Acquired behavior dimension comprising modules:Each user establishes at least one acquired behavior dimension, and acquired behavior dimension is tool There are the dimension or dimension combination of stability;
Weight distribution module:According to the variance size of each dimension, different weight p is assigned to each acquired behavior dimension;
Authentication module:One or a set of behavioral data sample to be certified is acquired, it is enterprising in corresponding acquired behavior dimension respectively Row significance test, after inspection result is indicated with a variable T, authentication result V=Tp.
2. the identity authorization system according to claim 1 based on user's acquired behavior feature, it is characterised in that:Further include Population data summarizes platform, and the population data summarizes the acquired behavior dimension that platform collects each user, according to acquired behavior The similarity degree of dimension forms virtual community, and virtual community is fed back to weight distribution module;
The weight distribution module can also assign different weight p to each acquired behavior dimension according to virtual community information.
3. a kind of identity identifying method based on user's acquired behavior feature, it is characterised in that:Include the following steps:
1) it configures:
1.1) type of primitive behavior set of data samples is configured according to the dimension of the behavioural characteristic of user;Type includes movement road Diameter, movement locus and trading activity;
1.2) the sample size lower limit value and sample size upper limit value of each type of primitive behavior set of data samples are configured;
1.3) the variance critical value of each corresponding variance critical value of dimension and the combination of all dimensions is configured;
2) foundation of primitive behavior set of data samples:
2.1) according to the type of the primitive behavior set of data samples of configuration, the various sensors carried by mobile terminal and application Program acquires user's primitive behavior data sample of corresponding dimension;
2.2) after carrying out noise reduction process to the primitive behavior data sample of acquisition, the original of corresponding types is respectively added to according to dimension It begins as data sample concentration;
2.3) judge whether primitive behavior data sample amount collected reaches the sample size of corresponding primitive behavior set of data samples Lower limit value:
If reaching preset lower limit value, then follow the steps 2.4);
If not up to preset lower limit value returns to step 2.1);
2.4) dimensional stability judges:
2.4.1) calculating sample set quantity reaches the side of the primitive behavior set of data samples of the dimension of preset sample size lower limit value Difference;
2.4.2) compare the size for calculating variance and the variance critical value of the corresponding dimension of configuration, be less than or equal in advance if calculating variance If variance critical value when, then determine the corresponding user behavior of the dimension have stability;If calculating variance is greater than preset side When the critical value of difference, then give up the primitive behavior set of data samples;
2.4.3) dimension used with stability is combined, calculates the side of the primitive behavior set of data samples of combination dimension After difference, compare the size for calculating variance with the corresponding variance critical value for combining dimension of configuration, if calculating variance less than or equal to pre- If combination dimension variance critical value when, then determine that combining the corresponding user behavior of dimension has stability;If calculating variance Greater than preset variance critical value when, then give up the primitive behavior set of data samples of the combination dimension;
3) habit sexual behaviour dimension is established:
3.1) each user suggests that at least one acquired behavior dimension, the acquired behavior dimension are the dimension with stability Degree or dimension combination;
3.2) according to the distribution principle of configuration weight, different weight p is assigned to each acquired behavior dimension;
4) authenticating identity:One or a set of behavioral data sample to be certified is acquired, respectively in corresponding acquired behavior dimension Significance test is carried out, inspection result is indicated with a variable T:
Behavioral data sample to be certified is compared with acquired behavior dimension, is overlapped journey according to acquired behavior dimension Degree, different values is assigned to inspection result T;After being weighted galassing to the inspection result T of all dimensions, authentication result is obtained V, authentication result V=Tp;
5) authorization:It is completed according to authentication result when time authorization.
4. the identity identifying method according to claim 3 based on user's acquired behavior feature, it is characterised in that:Further include Analyze virtual community step:The acquired behavior dimension for collecting each user forms empty according to the similarity degree of acquired behavior dimension Quasi-group body, for being referred to when weight distribution;
Corresponding step 3.2) can also be:Different weight p is assigned to each acquired behavior dimension according to virtual community information.
5. the identity identifying method according to claim 3 or 4 based on user's acquired behavior feature, it is characterised in that:
The parameter of motion path includes:Enter and leave the time point of specific position;
The parameter of movement locus includes:Space angle and acceleration;
The parameter of trading activity includes:Trading object, type of transaction, exchange hour and transaction amount.
6. the identity identifying method according to claim 5 based on user's acquired behavior feature, it is characterised in that:Further include The sample data of primitive behavior set of data samples updates step:
When sample size after reaching the upper limit, while one new samples of every increase, primitive behavior data sample is concentrated earliest One behavioral data sample is eliminated.
7. the identity identifying method according to claim 6 based on user's acquired behavior feature, it is characterised in that:Authorization Basic step:
1) it is actively added by user in advance, or the authorization rule provided using operation system is agreed in confirmation;
2) authorization rule of each business is configured, establishes the corresponding relationship of identity authentication result and authorization privilege;
3) after user completes the authentication once based on acquired behavior feature, by when time identity authentication result inquiry authorization rule Then, it is authorized according to authorization rule to when time operation.
8. the identity identifying method according to claim 7 based on user's acquired behavior feature, it is characterised in that:Step 3.2) principle of imparting weight is:The confidence level of each dimension is according to the calculating variance and default variance critical value for combining dimension Deviation size is calculated;Deviation is bigger, and confidence level is lower, then weight is smaller;Deviation is smaller, and confidence level is higher, then weight is got over Greatly.
CN201610515015.0A 2016-06-30 2016-06-30 A kind of identity authorization system and method based on user's acquired behavior feature Active CN106022030B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610515015.0A CN106022030B (en) 2016-06-30 2016-06-30 A kind of identity authorization system and method based on user's acquired behavior feature

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610515015.0A CN106022030B (en) 2016-06-30 2016-06-30 A kind of identity authorization system and method based on user's acquired behavior feature

Publications (2)

Publication Number Publication Date
CN106022030A CN106022030A (en) 2016-10-12
CN106022030B true CN106022030B (en) 2018-11-20

Family

ID=57106304

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610515015.0A Active CN106022030B (en) 2016-06-30 2016-06-30 A kind of identity authorization system and method based on user's acquired behavior feature

Country Status (1)

Country Link
CN (1) CN106022030B (en)

Families Citing this family (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110392886A (en) * 2017-04-11 2019-10-29 惠普发展公司,有限责任合伙企业 User authentication
CN107230084B (en) * 2017-05-03 2020-12-29 同济大学 Big data-based user behavior authentication method and system
CN107633573A (en) * 2017-07-28 2018-01-26 移康智能科技(上海)股份有限公司 The method for unlocking and intelligent door lock of a kind of intelligent door lock
CN107515379B (en) * 2017-07-28 2020-03-27 歌尔股份有限公司 Method for testing quality of high-low temperature low-pressure test chamber
CN109426714B (en) * 2017-08-30 2022-04-19 创新先进技术有限公司 Method and device for detecting person changing and method and device for verifying user identity
CN107612921A (en) * 2017-09-30 2018-01-19 北京梆梆安全科技有限公司 A kind of auth method and device based on click location
CN107612922A (en) * 2017-09-30 2018-01-19 北京梆梆安全科技有限公司 User ID authentication method and device based on user operation habits and geographical position
CN107632722A (en) * 2017-09-30 2018-01-26 北京梆梆安全科技有限公司 A kind of various dimensions user ID authentication method and device
CN107516218B (en) * 2017-09-30 2020-09-29 北京梆梆安全科技有限公司 User identity authentication method and device based on multiple features
CN107623696B (en) * 2017-09-30 2020-11-24 北京梆梆安全科技有限公司 User identity verification method and device based on user behavior characteristics
CN107657156B (en) * 2017-09-30 2021-03-19 北京梆梆安全科技有限公司 User identity authentication method and device based on user operation habit and touch area
CN110046481A (en) * 2018-01-15 2019-07-23 上海聚虹光电科技有限公司 It is accustomed to the identity identifying method of feature based on user
CN108595923A (en) * 2018-04-20 2018-09-28 北京元心科技有限公司 Identity identifying method, device and terminal device
CN109190342B (en) * 2018-08-20 2020-10-23 济南大学 Owner identity verification method of smart community and community server
CN109318612B (en) * 2018-09-25 2022-01-28 平安科技(深圳)有限公司 Anti-counterfeiting method and device for seal and intelligent seal
CN109462691B (en) * 2018-10-27 2021-01-26 中国人民解放军战略支援部队信息工程大学 Implicit protection method and system based on multi-sensor data fusion
CN111723349A (en) * 2019-03-18 2020-09-29 顺丰科技有限公司 User identification method, device, equipment and storage medium
CN112784224B (en) * 2019-11-08 2024-01-30 中国电信股份有限公司 Terminal safety protection method, device and system
CN113114653A (en) * 2020-09-30 2021-07-13 陈梅玉 Business equipment processing method of office network on cloud and cloud office platform
CN115001843B (en) * 2022-06-24 2024-08-09 咪咕文化科技有限公司 Identity verification method, device, electronic equipment and computer readable storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5557686A (en) * 1993-01-13 1996-09-17 University Of Alabama Method and apparatus for verification of a computer user's identification, based on keystroke characteristics
CN103646197A (en) * 2013-12-12 2014-03-19 中国石油大学(华东) User credibility authentication system and method based on user behaviors
CN103678346A (en) * 2012-09-07 2014-03-26 阿里巴巴集团控股有限公司 Man-machine recognition method and system
CN105049421A (en) * 2015-06-24 2015-11-11 百度在线网络技术(北京)有限公司 Authentication method based on use behavior characteristic of user, server, terminal, and system
CN105207783A (en) * 2015-10-26 2015-12-30 联动优势电子商务有限公司 Authentication method and device for user's confidence level

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150134421A1 (en) * 2013-11-14 2015-05-14 Eugene DUPONT Optimizing customer promotions

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5557686A (en) * 1993-01-13 1996-09-17 University Of Alabama Method and apparatus for verification of a computer user's identification, based on keystroke characteristics
CN103678346A (en) * 2012-09-07 2014-03-26 阿里巴巴集团控股有限公司 Man-machine recognition method and system
CN103646197A (en) * 2013-12-12 2014-03-19 中国石油大学(华东) User credibility authentication system and method based on user behaviors
CN105049421A (en) * 2015-06-24 2015-11-11 百度在线网络技术(北京)有限公司 Authentication method based on use behavior characteristic of user, server, terminal, and system
CN105207783A (en) * 2015-10-26 2015-12-30 联动优势电子商务有限公司 Authentication method and device for user's confidence level

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
基于动态手势的身份认证方法及其在智能手机上的应用;高焕芝等;《电子学报》;同方知网;20140930;第42卷(第9期);第1858-1862页 *

Also Published As

Publication number Publication date
CN106022030A (en) 2016-10-12

Similar Documents

Publication Publication Date Title
CN106022030B (en) A kind of identity authorization system and method based on user&#39;s acquired behavior feature
US11783018B2 (en) Biometric authentication
US20220398591A1 (en) Systems and methods for biometric transaction management
RU2625050C1 (en) System and method of transactions trusted declaration
CN110163611A (en) A kind of personal identification method, device and relevant device
Qin et al. A fuzzy authentication system based on neural network learning and extreme value statistics
WO2020135115A1 (en) Method and device for authenticating near-field information, electronic apparatus, and computer storage medium
CA3023925A1 (en) Transaction confirmation and authentication based on device sensor data
US20180308101A1 (en) A system for proximate and/or remote electronic transaction authorization based on user authentication and/or biometric identification
CN104765453B (en) A kind of identity identifying method of the handheld device based on embedded three-dimensional accelerometer
CN109063977A (en) A kind of no-induction transaction risk monitoring method and device
Halevi et al. Context-aware defenses to RFID unauthorized reading and relay attacks
CN109274683A (en) A kind of combined crosswise Verification System and its authentication method
CN111563746A (en) Method, device, electronic equipment and medium for user identity authentication
CN102314594B (en) Biometric authentication device and biometric authentication method
US20210173910A1 (en) Thermally enriched multi-modal and multi-channel biometric authentication
Abazi et al. Application of biometric models of authentication in mobile equipment
JP6928191B1 (en) Authentication system, program
KR102302293B1 (en) blockchain system for authorized recommendation of cryptocurrency based on context-aware smart kisok
Li et al. The evolution of biometrics
CN102034034A (en) Biological authentication device
Jagadeesh et al. Conceptual view of the Iris recognition systems in the biometric world using image processing techniques
CN111353139A (en) Continuous authentication method and device, electronic equipment and storage medium
Jiang et al. Mobile payment authentication
Ochang et al. An Enhanced Automated Teller Machine Security Prototype using Fingerprint Biometric Authentication

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant