CN106888090A - A kind of user authentication method, apparatus and system - Google Patents
A kind of user authentication method, apparatus and system Download PDFInfo
- Publication number
- CN106888090A CN106888090A CN201510946410.XA CN201510946410A CN106888090A CN 106888090 A CN106888090 A CN 106888090A CN 201510946410 A CN201510946410 A CN 201510946410A CN 106888090 A CN106888090 A CN 106888090A
- Authority
- CN
- China
- Prior art keywords
- user
- information
- terminal device
- input
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3218—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, ornon-interactive zero-knowledge proofs
Abstract
The application is related to Internet technical field, more particularly to a kind of user authentication method, apparatus and system, is used to solve the problems, such as that the user profile for being used in user's checking at present is prevented cracking mode and has that security is low, user's identification difficulty is big.A kind of user authentication method that the embodiment of the present application is provided includes:The user input progress msg that server sends according to terminal device, the prompt message of generation is sent to terminal device, and instruction user is directed to the input operation for being currently needed for performing and carries out the change operation that the server is specified;After the user's submission information for receiving terminal device transmission, information is submitted to verify the user, it is to indicate the user to be based on the information that the prompt message performs the operation for completing that the user submits information to.Adopt in this way, can well prevent the repetition Brute Force of machine, improve the security of user profile, also do not increase extra verification step, therefore improve user profile input efficiency.
Description
Technical field
The application is related to Internet technical field, more particularly to a kind of user authentication method, apparatus and system.
Background technology
As user is more and more to the demand type of Internet service, demand is increasing, internet clothes
The security of business also becomes more and more important.User is generally required for input to use when using Internet service
Family information, such as when targeted website is logged in or using intended application, it is necessary to input login username and password.
Username and password of the user in targeted website or application is cracked (such as to enter by way of Key Logger
Row capture) after, unauthorized person may be related non-to password execution using the account with the name of the user
Method is operated, so as to bring loss to user.
As shown in figure 1, it is to increase graphical verification code (Captcha) that conventional anti-violence cracks mode.It is this
Mode reaches the purpose that machine can not be retried in batches by increasing picture to be identified, sound etc..Figure
Identifying code increases picture in the use of picture through frequently with number of mechanisms such as the mixing of multiple figure layers, font deformations
The difficulty of identification, although this mode can reduce the probability of machine Brute Force to a certain extent, when increasing
Add user's identification difficulty, caused user to be detained webpage overlong time, waste Internet resources;On the other hand,
The mode of graphical verification code typically uses a type of picture to serve as identifying code, the form of this fixation
Be easy to be captured by hacker, it is only necessary to increase optical character identification (Optical Character Recognition,
OCR) or manually picture recognition can just be cracked.
It can be seen that, current user profile is prevented cracking mode and there is a problem of that security is low, user's identification difficulty is big.
The content of the invention
The embodiment of the present application provides a kind of user authentication method, apparatus and system, is used to solve in current use
The user profile that uses is prevented cracking mode and there is a problem of that security is low, user's identification difficulty is big in the checking of family.
A kind of user authentication method that the embodiment of the present application is provided, including:
The user input progress msg that server sends according to terminal device, sends to the terminal device and generates
Prompt message, the user input progress msg is input into user for instruction user on the terminal device
The progress of information, the prompt message is used to indicate the user to enter for the input operation for being currently needed for performing
The change that the row server is specified is operated;
After user's submission information that the terminal device sends is received, information is submitted to test the user
Card, wherein, it is to indicate the user to be based on the prompt message to perform the behaviour for completing that the user submits information to
The information of work.
Alternatively, the server submits to information to verify the user, including:
The server is based on the carrying out user profile before changing for preserving, and the prompting for sending
Information, it is determined that the correct operation information of the correspondence user;
According to the correct operation information of the correspondence user for determining, information is submitted to test the user
Card.
Alternatively, the server is in the user input progress msg sent according to terminal device, to the end
End equipment sends the prompt message of generation, including:
When the user input progress msg that the server sends according to terminal device, prompting is initiated in random selection
The time point of information, and at the time point of selection, the prompt message of generation is sent to the terminal device.
Alternatively, the prompt message includes:
The conversion process specified to the character for being currently needed for input;And/or,
Perform other assigned operations in addition to input operation.
Another embodiment of the application provides a kind of user authentication method, including:
Terminal device sends user input progress msg to server, and the user input progress msg is used to refer to
Show that user is input into the progress of user profile on the terminal device;
The terminal device receives the server and is based on the prompting letter that the user input progress msg sends
Breath, and user is showed, the prompt message is used to indicate the user to be directed to the input for being currently needed for performing
Operation carries out the change operation that the server is specified;
The terminal device sends user and submits information to the server, for the server to the use
Family submits to information to be verified, wherein, the user submits information to indicate the user to be based on the prompting
Information performs the information of the operation for completing.
Alternatively, the prompt message is showed the user by the terminal device, including:
The prompt message is showed the user by the terminal device in the way of combination graphical verification code.
The embodiment of the present application provides a kind of user authentication device, including:
Generation module, for the user input progress msg sent according to terminal device, generates prompt message;
The user input progress msg is used for the progress that instruction user is input into user profile on the terminal device;
The prompt message refers to for indicating the user to carry out server for the input operation for being currently needed for performing
Fixed change operation;
Sending module, for sending the prompt message that the generation module is generated to the terminal device;
Authentication module, for after user's submission information that the terminal device sends is received, to the user
Submission information verified, wherein, the user submits information to indicate the user to be based on the prompting letter
Breath performs the information of the operation for completing.
Another embodiment of the application provides a kind of user authentication device, including:
First sending module, for sending user input progress msg, the user input progress to server
Information is used for the progress that instruction user is input into user profile on the terminal device;
Receiver module, the prompting letter that the user input progress msg sends is based on for receiving the server
Breath, and user is showed, the prompt message is used to indicate the user to be directed to the input for being currently needed for performing
Operation carries out the change operation that the server is specified;
Second sending module, submits information to, for the server pair for sending user to the server
The user submits to information to be verified, wherein, the user submits to information to be based on institute for the instruction user
State the information that prompt message performs the operation for completing.
The embodiment of the present application provides a kind of subscriber authentication system, including:Server and terminal device;
The terminal device sends user input progress msg, the user input progress letter to the server
Cease the progress for being input into user profile on the terminal device for instruction user;
The user input progress msg that the server sends according to the terminal device, generates prompt message,
And the prompt message for generating is sent to the terminal device, the prompt message is used to indicate the user to be directed to
The input operation for being currently needed for performing carries out the change operation that the server is specified;
The terminal device receives the prompt message that the server sends, and shows user;In user's base
After the prompt message performs completion operation, send user to the server and submit information, the user to
Submission information is to indicate the user to be based on the information that the prompt message performs the operation for completing;
The server is carried after user's submission information that the terminal device sends is received to the user
Friendship information is verified.
In the embodiment of the present application, when user carries out user profile on the terminal device to be input into, server is initiated
Prompt message, being directed to the input operation for being currently needed for performing for instruction user carries out the change that server is specified
Operation, such as the conversion of the deformation process specified to the character for being currently needed for input, such as capital and small letter, so
The operation that prompt message execution is based on to user afterwards is verified.Adopt in this way, due to each user
The information of input is all unfixed, therefore can well prevent the repetition Brute Force of machine, and lifting is used
The security of family information.Further, since the application does not have increases extra checking as input validation code
Step, therefore user profile input efficiency is improve, improve Consumer's Experience.
Brief description of the drawings
Fig. 1 is using the schematic diagram of graphical verification code.
The verification method flow chart that Fig. 2 is provided for the embodiment of the present application;
Fig. 3 (a) is the schematic diagram for prompting " please press cap lock " occur;
Fig. 3 (b) is the schematic diagram for prompting " please pressing cap lock again " occur;
Fig. 3 (c) is the prompt message displaying schematic diagram with reference to graphical verification code;
The checking apparatus structure schematic diagram that Fig. 4 is provided for the embodiment of the present application;
The checking apparatus structure schematic diagram that Fig. 5 is provided for the embodiment of the present application;
The checking system structural representation that Fig. 6 is provided for the embodiment of the present application.
Specific embodiment
In the embodiment of the present application, input operation of the server to user on the terminal device is monitored, service
Between device and terminal device can by website, using etc. set up connection, when user is carried out on the terminal device
When user profile is input into, server initiates prompt message, is currently needed for performing for indicating the user to be directed to
Input operation carry out the change that server specifies and operate, such as the character for being currently needed for input is specified
Deformation process, such as capital and small letter conversion, then to user be based on the prompt message perform operation test
Card.Adopt in this way, because the information of each user input is all unfixed, therefore can be well
The repetition Brute Force of machine is prevented, the security of user profile is lifted.Further, since the application does not have
Increase extra verification step as input validation code, therefore improve user profile input efficiency, lifted
Consumer's Experience.
The embodiment of the present application is described in further detail with reference to Figure of description.
As shown in Fig. 2 the user authentication method flow chart provided for the embodiment of the present application, comprises the following steps:
S201:Terminal device sends user input progress msg, the user input progress msg to server
The progress of user profile is input on the terminal device for instruction user.
In the embodiment of the present application, between server and terminal device can by website, using etc. set up data
Connection, namely the server can be Website server, application server etc., server can be by terminal
Webpage or apply upper input operation that monitoring of equipment user is presented in terminal device, specifically, can be set
Once user above has input operation in website or application, terminal device sends the content of the input operation automatically
To server, and the similar trigger action for clicking on send button is initiated without user, or, terminal device
The information of the current input progress position of instruction user can be only sent, such as instruction user is currently inputted to
3rd character.The user profile can be user in website or using upper registration or any privacy for using
Information, such as user name, password, address information etc..
Specifically, the user authentication method that the embodiment of the present application is provided can be used for Account Logon, website order
The usage scenario of user profile confirmation, payment information confirmation etc., is stepped in the embodiment of the present application with account before generation
Illustrated as a example by record.When user needs to log in, click on after logging in, terminal device sends to server and steps on
Record request, login interface is fed back to terminal device by server, to be shown to user.User can log in
Input user profile in corresponding input frame in interface, for example, input user name letter in the input frame of user name
Breath, password is input in Password Input frame.During user carries out input information, terminal device is to clothes
Business device sends user input information.
S202:The user input progress msg that server sends according to terminal device, generates prompt message;Institute
State prompt message carries out the server for indicating the user to be directed to the input operation for being currently needed for performing
The change specified is operated.
S203:The prompt message of generation is sent to terminal device, terminal device the reception server hair by server
The prompt message sent, and user is showed, so that user is directed to the input operation for being currently needed for performing and is taken
The change that business device is specified is operated.
Here, the prompt message can include:At the conversion specified to the character for being currently needed for input
Manage, such as capital and small letter conversion, input space (namely instruction user is first defeated before character to be entered is input into
Enter space), the character (spcial character such as specified) specified of input;Can also include:Perform except defeated
Enter other assigned operations outside operation, such as overturn terminal device, dragging designated button, click on to specify and press
Button etc..In specific implementation, server can also select to carry according to the type of the terminal device for detecting
Show information, such as when terminal device is mobile phone, panel computer etc., the prompt message that can be selected includes turning over
Turn the terminal, when for common computer, then do not select the prompt message.Prompt message is in terminal device
On display location can be changed according to actual conditions, for example may be displayed on around input frame (top, the right side
The orientation such as side), to facilitate user to see the prompt message of correlation.
In specific implementation, the user input progress msg that server can send according to terminal device, at random
The time point that prompt message is initiated in selection sends prompt message to terminal device.Server can be it is determined that need
When sending prompt message, according to the current input progress of user, input progress is corresponding carries with this for random generation
Show information, prompt message here can at random be generated according to current input progress, such as user works as
During preceding needs input letter, it is that prompting carries out capital and small letter conversion that can randomly choose, or prompting is input into space,
Still other deformation operations etc. are pointed out.
Further, server can be random to initiate once or repeatedly to point out according to the input progress of user,
Until user completes to be input into.User of the such as user when targeted website is registered entitled nickwang, such as Fig. 3
Shown in (a), after user input second letter i, there is prompting " cap lock please be press ", Ran Houyong
Be input to the C that 3rd letter is changed to capitalization in current text box by family, such as shown in Fig. 3 (b),
When user is ready for the 4th letter k, there is prompting " please pressing cap lock again ", now
The K of user input capitalization.
In terminal equipment side, prompt message can be ejected by the form of prompting frame, can used in user input
Ejected during the user profile such as name in an account book, password, address information.
In specific implementation, in order to further increase the security of prompt message, user terminal can will be prompted to
Information shows the user in the way of combination graphical verification code.As shown in Fig. 3 (c), prompt message is
" please when D is input into front frame ", " D " therein is represented in the way of graphical verification code.
S204:Terminal device sends user and submits information to server, and the user submits information to indicate institute
State user and be based on the information that the prompt message performs the operation for completing.
As shown in Fig. 3 (a)~(c), user performs in the prompt message based on server and completes user profile
After the input of (user name, password), click on login button and submitted to, terminal device is by user input
Information submits to server.In specific implementation, if server further indicates user's execution in prompt message
Other operations in addition to input operation, then the order of the various operations that terminal device is performed according to user, will refer to
Show that user performs the information of operation for completing and is sent to server, such as user name nickwang, when with
After family is input into second letter i, there is prompting " cap lock please be press ", after user input letter k, carry
Show that user overturns terminal device, then after user has performed correct operation according to prompting, terminal device is notified
Server user performs the operation for completing:Have input n, i, C, k, upset terminal device, have input
w、a、n、g。
S205:Server is carried after user's submission information that the terminal device sends is received to the user
Friendship information is verified.
Specifically, carry out of the server based on the preservation user profile before changing, and transmission is described
Prompt message, it is determined that the correct operation information of the correspondence user;According to the correspondence user for determining just
True operation information, submits to information to verify the user.
Here, when prompt message is sent to terminal device, also the corresponding user calculated after change believes server
Breath, such as, user name was nickwang originally, and server after second character is transfused to, is pointed out successively
" please press cap lock ", after the 3rd character is transfused to, points out " please pressing cap lock again ", then take
After business device is calculated accordingly, confirm that user name is changed to niCKwang.
Server after change is determined, after the correct operation that user should perform, perform user is actual
Correct operation after the change that the operation of completion is determined with server is compared checking.Such as Fig. 3 (a)~
C (), user performs the character that the operation for completing refers to user input, the correct operation that server determines is to refer to
Character after the change for calculating.If user terminal input be niCKwang, then point out User logs in into
Work(, continues to provide the user other servers, if that user terminal input is nickwang, not according to phase
The prompting answered is changed, then this time login is unsuccessful, can prompt the user with and " please note the prompting of display
Information ".
The embodiment of the present application has the advantages that:
The embodiment of the present application is during user carries out user profile input, and server is random by initiating
Deformation process is pointed out, and carrying out the random of user profile for the current input progress of user obscures, such as can be with
Change length (such as adding space), content (such as carry out alphabet size and write conversion), the word of user profile
Symbol order (such as exchanging the input sequence of two neighboring character) etc., due to the deformational behavior be it is random,
Point out occur time point be also it is random, therefore user be input into every time user profile be all it is not reproducible,
Automatic collision storehouse in this case cannot be realized, while by Key Logger (keylogger)
Mode can not capture real password, improve the security of user profile input.In addition, this Shen
Please embodiment will be prompted to information and user normally input be combined togather, not as input validation code one
Sample increases extra verification step, improves Consumer's Experience.Furthermore, the embodiment of the present application can also be by figure
Shape identifying code display reminding information, combines by by verification process and graphical verification code, further increases use
The security of family information input.Using the embodiment of the present application, system can also easily capture attack row
For even attacker.
Additionally provided based on same inventive concept, in the embodiment of the present application a kind of corresponding with user authentication method
User authentication device and system, due to the checking of the device and the principle and the embodiment of the present application of happiness solve problem
Method is similar, therefore the implementation of the apparatus and system may refer to the implementation of method, repeats part and repeats no more.
As shown in figure 4, the user authentication device structural representation provided for the embodiment of the present application, including:
Generation module 41, for the user input progress msg sent according to terminal device, generates prompt message;
The user input progress msg is used for the progress that instruction user is input into user profile on the terminal device;
The prompt message refers to for indicating the user to carry out server for the input operation for being currently needed for performing
Fixed change operation;
Sending module 42, for sending the prompt message that the generation module is generated to the terminal device;
Authentication module 43, for after user's submission information that the terminal device sends is received, to the use
Family submits to information to be verified, wherein, the user submits information to indicate the user to be based on the prompting
Information performs the information of the operation for completing.
Alternatively, authentication module 43 specifically for:
Based on the carrying out user profile before changing for preserving, and the prompt message for sending, it is determined that
The correct operation information of the correspondence user;It is right according to the correct operation information of the correspondence user for determining
The user submits to information to be verified.
Alternatively, sending module 42 specifically for:
According to the user input progress msg that terminal device sends, the time of prompt message is initiated in random selection
Point, and at the time point of selection, prompt message is sent to the terminal device.
Alternatively, the prompt message includes:
The conversion process specified to the character for being currently needed for input;And/or,
Perform other assigned operations in addition to input operation.
As shown in figure 5, the user authentication device structural representation provided for another embodiment of the application, including:
First sending module 51, for sending user input progress msg to server, the user input is entered
Degree information is used for the progress that instruction user is input into user profile on the terminal device;
Receiver module 52, the prompting that the user input progress msg sends is based on for receiving the server
Information, and user is showed, the prompt message is currently needed for the defeated of execution for indicating the user to be directed to
Entering operation carries out the change operation that the server is specified;
Second sending module 53, submits information to, for the server for sending user to the server
Information is submitted to verify the user, wherein, the user submits information to indicate the user to be based on
The prompt message performs the information of the operation for completing.
Alternatively, the prompt message includes:
The conversion process specified to the character for being currently needed for input;And/or,
Perform other assigned operations in addition to input operation.
Alternatively, receiver module 52 specifically for:
The prompt message is showed into the user in the way of combination graphical verification code.
As shown in fig. 6, the structural representation of subscriber authentication system 60 provided for the embodiment of the present application, including:
Terminal device 61 and server 62.
User profile is input into the corresponding input frame of display interface in user and (for example input user name or password
Etc. information) when, terminal device 61 sends user input progress msg, the user input to server 62
Progress msg is used for the progress that instruction user is input into user profile on the terminal device.
The user input progress msg that server 62 sends according to terminal device 61, generates prompt message, and
The prompt message of generation is sent to terminal device 61, the prompt message is worked as indicating the user to be directed to
The preceding input operation for needing to perform carries out the change operation that the server 62 is specified.
The prompt message that the reception server 62 of terminal device 61 is sent based on the user input progress msg,
And show user;After user is based on prompt message execution completion operation, sent to server 62
User submits information to, and the user submits information to indicate the user to perform completion based on the prompt message
Operation information.
Server 62 is submitted to after the user's submission information for receiving the transmission of terminal device 61 to the user
Information is verified.
Alternatively, server 62 submits to information to verify the user according to following steps:
Based on the carrying out user profile before changing for preserving, and the prompt message for sending, it is determined that
The correct operation information of the correspondence user;
According to the correct operation information of the correspondence user for determining, information is submitted to test the user
Card.
Alternatively, server 62 sends prompt message according to following steps to the terminal device:
According to terminal device 61 send user input progress msg, random selection initiate prompt message when
Between point, and selection the time point, to the terminal device send prompt message.
Alternatively, the prompt message includes:
The conversion process specified to the character for being currently needed for input;And/or,
Perform other assigned operations in addition to input operation.
Alternatively, the prompt message is showed the user by terminal device 61 according in the following manner:
The prompt message is showed into the user in the way of combination graphical verification code.
It should be understood by those skilled in the art that, embodiments herein can be provided as method, system or meter
Calculation machine program product.Therefore, the application can be using complete hardware embodiment, complete software embodiment or knot
Close the form of the embodiment in terms of software and hardware.And, the application can be used and wherein wrapped at one or more
Containing computer usable program code computer-usable storage medium (including but not limited to magnetic disk storage,
CD-ROM, optical memory etc.) on implement computer program product form.
The application is produced with reference to the method according to the embodiment of the present application, device (system) and computer program
The flow chart and/or block diagram of product is described.It should be understood that can by computer program instructions realize flow chart and
/ or block diagram in each flow and/or the flow in square frame and flow chart and/or block diagram and/
Or the combination of square frame.These computer program instructions to all-purpose computer, special-purpose computer, insertion can be provided
The processor of formula processor or other programmable data processing devices is producing a machine so that by calculating
The instruction of the computing device of machine or other programmable data processing devices is produced for realizing in flow chart one
The device of the function of being specified in individual flow or multiple one square frame of flow and/or block diagram or multiple square frames.
These computer program instructions may be alternatively stored in can guide computer or the treatment of other programmable datas to set
In the standby computer-readable memory for working in a specific way so that storage is in the computer-readable memory
Instruction produce include the manufacture of command device, the command device realization in one flow of flow chart or multiple
The function of being specified in one square frame of flow and/or block diagram or multiple square frames.
These computer program instructions can be also loaded into computer or other programmable data processing devices, made
Obtain and series of operation steps is performed on computer or other programmable devices to produce computer implemented place
Reason, so as to the instruction performed on computer or other programmable devices is provided for realizing in flow chart one
The step of function of being specified in flow or multiple one square frame of flow and/or block diagram or multiple square frames.
Although having been described for the preferred embodiment of the application, those skilled in the art once know base
This creative concept, then can make other change and modification to these embodiments.So, appended right will
Ask and be intended to be construed to include preferred embodiment and fall into having altered and changing for the application scope.
Obviously, those skilled in the art can carry out various changes and modification without deviating from this Shen to the application
Spirit and scope please.So, if the application these modification and modification belong to the application claim and
Within the scope of its equivalent technologies, then the application is also intended to comprising these changes and modification.
Claims (15)
1. a kind of user authentication method, it is characterised in that the method includes:
The user input progress msg that server sends according to terminal device, sends to the terminal device and generates
Prompt message, the user input progress msg is input into user for instruction user on the terminal device
The progress of information, the prompt message is used to indicate the user to enter for the input operation for being currently needed for performing
The change that the row server is specified is operated;
After user's submission information that the terminal device sends is received, information is submitted to test the user
Card, wherein, it is to indicate the user to be based on the prompt message to perform the behaviour for completing that the user submits information to
The information of work.
2. the method for claim 1, it is characterised in that the server is submitted to the user
Information verified, including:
The server is based on the carrying out user profile before changing for preserving, and the prompting for sending
Information, it is determined that the correct operation information of the correspondence user;
According to the correct operation information of the correspondence user for determining, information is submitted to test the user
Card.
3. the method for claim 1, it is characterised in that the server is according to terminal device
The user input progress msg of transmission, the prompt message of generation is sent to the terminal device, including:
Prompting letter is initiated in the user input progress msg that the server sends according to terminal device, random selection
The time point of breath, and at the time point of selection, the prompt message of generation is sent to the terminal device.
4. the method as described in claims 1 to 3 is any, it is characterised in that the prompt message includes:
The conversion process specified to the character for being currently needed for input;And/or,
Perform other assigned operations in addition to input operation.
5. a kind of user authentication method, it is characterised in that the method includes:
Terminal device sends user input progress msg to server, and the user input progress msg is used to refer to
Show that user is input into the progress of user profile on the terminal device;
The terminal device receives the server and is based on the prompting letter that the user input progress msg sends
Breath, and user is showed, the prompt message is used to indicate the user to be directed to the input for being currently needed for performing
Operation carries out the change operation that the server is specified;
The terminal device sends user and submits information to the server, for the server to the use
Family submits to information to be verified, wherein, the user submits information to indicate the user to be based on the prompting
Information performs the information of the operation for completing.
6. method as claimed in claim 5, it is characterised in that the prompt message includes:
The conversion process specified to the character for being currently needed for input;And/or,
Perform other assigned operations in addition to input operation.
7. the method as described in claim 5 or 6, it is characterised in that the terminal device is carried described
Show that information shows the user, including:
The prompt message is showed the user by the terminal device in the way of combination graphical verification code.
8. a kind of user authentication device, it is characterised in that the device includes:
Generation module, for the user input progress msg sent according to terminal device, generates prompt message;
The user input progress msg is used for the progress that instruction user is input into user profile on the terminal device;
The prompt message refers to for indicating the user to carry out server for the input operation for being currently needed for performing
Fixed change operation;
Sending module, for sending the prompt message that the generation module is generated to the terminal device;
Authentication module, for after user's submission information that the terminal device sends is received, to the user
Submission information verified, wherein, the user submits information to indicate the user to be based on the prompting letter
Breath performs the information of the operation for completing.
9. device as claimed in claim 8, it is characterised in that the authentication module specifically for:
Based on the carrying out user profile before changing for preserving, and the prompt message for sending, it is determined that
The correct operation information of the correspondence user;It is right according to the correct operation information of the correspondence user for determining
The user submits to information to be verified.
10. device as claimed in claim 8, it is characterised in that the sending module specifically for:
According to the user input progress msg that terminal device sends, the time of prompt message is initiated in random selection
Point, and at the time point of selection, the prompting letter that the generation module is generated is sent to the terminal device
Breath.
11. device as described in claim 8~10 is any, it is characterised in that the prompt message includes:
The conversion process specified to the character for being currently needed for input;And/or,
Perform other assigned operations in addition to input operation.
12. a kind of user authentication devices, it is characterised in that the device includes:
First sending module, for sending user input progress msg, the user input progress to server
Information is used for the progress that instruction user is input into user profile on the terminal device;
Receiver module, the prompting letter that the user input progress msg sends is based on for receiving the server
Breath, and user is showed, the prompt message is used to indicate the user to be directed to the input for being currently needed for performing
Operation carries out the change operation that the server is specified;
Second sending module, submits information to, for the server pair for sending user to the server
The user submits to information to be verified, wherein, the user submits to information to be based on institute for the instruction user
State the information that prompt message performs the operation for completing.
13. devices as claimed in claim 12, it is characterised in that the prompt message includes:
The conversion process specified to the character for being currently needed for input;And/or,
Perform other assigned operations in addition to input operation.
14. device as described in claim 12 or 13, it is characterised in that the receiver module is specifically used
In:
The prompt message is showed into the user in the way of combination graphical verification code.
15. a kind of subscriber authentication systems, it is characterised in that the system includes:Server and terminal device;
The terminal device sends user input progress msg, the user input progress letter to the server
Cease the progress for being input into user profile on the terminal device for instruction user;
The user input progress msg that the server sends according to the terminal device, generates prompt message,
And the prompt message for generating is sent to the terminal device, the prompt message is used to indicate the user
The change operation that the server is specified is carried out for the input operation for being currently needed for performing;
The terminal device receives the prompt message that the server sends, and shows user;In user's base
After the prompt message performs completion operation, send user to the server and submit information, the user to
Submission information is to indicate the user to be based on the information that the prompt message performs the operation for completing;
The server is carried after user's submission information that the terminal device sends is received to the user
Friendship information is verified.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510946410.XA CN106888090B (en) | 2015-12-16 | 2015-12-16 | User verification method, device and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510946410.XA CN106888090B (en) | 2015-12-16 | 2015-12-16 | User verification method, device and system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106888090A true CN106888090A (en) | 2017-06-23 |
CN106888090B CN106888090B (en) | 2020-01-21 |
Family
ID=59176163
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510946410.XA Active CN106888090B (en) | 2015-12-16 | 2015-12-16 | User verification method, device and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106888090B (en) |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103049259A (en) * | 2012-12-07 | 2013-04-17 | 北京百度网讯科技有限公司 | Method, device and equipment for presenting graphic object representing input progress |
US20140365782A1 (en) * | 2004-06-14 | 2014-12-11 | Rodney Beatson | Method and System for Providing Password-free, Hardware-rooted, ASIC-based Authentication of a Human to a Mobile Device using Biometrics with a Protected, Local Template to Release Trusted Credentials to Relying Parties |
CN104301286A (en) * | 2013-07-15 | 2015-01-21 | 中国移动通信集团黑龙江有限公司 | User login authentication method and device |
CN105099998A (en) * | 2014-04-30 | 2015-11-25 | 杭州同盾科技有限公司 | Identity information authentication method, device and system |
EP3296908A1 (en) * | 2012-06-12 | 2018-03-21 | Square, Inc. | Securely communicating between a card reader and a mobile device |
-
2015
- 2015-12-16 CN CN201510946410.XA patent/CN106888090B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140365782A1 (en) * | 2004-06-14 | 2014-12-11 | Rodney Beatson | Method and System for Providing Password-free, Hardware-rooted, ASIC-based Authentication of a Human to a Mobile Device using Biometrics with a Protected, Local Template to Release Trusted Credentials to Relying Parties |
EP3296908A1 (en) * | 2012-06-12 | 2018-03-21 | Square, Inc. | Securely communicating between a card reader and a mobile device |
CN103049259A (en) * | 2012-12-07 | 2013-04-17 | 北京百度网讯科技有限公司 | Method, device and equipment for presenting graphic object representing input progress |
CN104301286A (en) * | 2013-07-15 | 2015-01-21 | 中国移动通信集团黑龙江有限公司 | User login authentication method and device |
CN105099998A (en) * | 2014-04-30 | 2015-11-25 | 杭州同盾科技有限公司 | Identity information authentication method, device and system |
Also Published As
Publication number | Publication date |
---|---|
CN106888090B (en) | 2020-01-21 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
AU2017203608B2 (en) | Mobile human challenge-response test | |
US9923876B2 (en) | Secure randomized input | |
US9756056B2 (en) | Apparatus and method for authenticating a user via multiple user devices | |
CN106453209B (en) | Identity verification method and device | |
TWI787211B (en) | Verification method and device | |
CN104348612A (en) | Third-party website login method based on mobile terminal and mobile terminal | |
US20160127134A1 (en) | User authentication system and method | |
CN104077689A (en) | Information verification method, relevant device and system | |
TWI525467B (en) | Method and computer system for dynamically providing multi-dimensions based password/challenge authentication | |
KR101027228B1 (en) | User-authentication apparatus for internet security, user-authentication method for internet security, and recorded medium recording the same | |
KR101267229B1 (en) | Method and system for authenticating using input pattern | |
CN104079527A (en) | Information processing method and electronic equipment | |
CN108182355B (en) | Login verification method, server and computer readable storage medium | |
CN113973004B (en) | Providing multi-factor authentication credentials via device notifications | |
CN106888090A (en) | A kind of user authentication method, apparatus and system | |
WO2016202045A1 (en) | Card exchange method, device and system | |
JP5176629B2 (en) | Server apparatus, authentication method, and program | |
KR20150104667A (en) | Authentication method | |
US20200242712A1 (en) | Method, apparatus and system for self-service contract for mobile payments | |
JP6322549B2 (en) | Authentication system, authentication method, and authentication program | |
KR101691163B1 (en) | User authentication method and server performing the same | |
CN105721155A (en) | Dynamic token data processing method and system | |
CN116055197A (en) | System login method, device, equipment and medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
REG | Reference to a national code |
Ref country code: HK Ref legal event code: DE Ref document number: 1238031 Country of ref document: HK |
|
GR01 | Patent grant | ||
GR01 | Patent grant |