CN106911661A - A kind of short-message verification method, device, client, server and system - Google Patents

A kind of short-message verification method, device, client, server and system Download PDF

Info

Publication number
CN106911661A
CN106911661A CN201610849490.1A CN201610849490A CN106911661A CN 106911661 A CN106911661 A CN 106911661A CN 201610849490 A CN201610849490 A CN 201610849490A CN 106911661 A CN106911661 A CN 106911661A
Authority
CN
China
Prior art keywords
according
destination object
terminal association
association data
short
Prior art date
Application number
CN201610849490.1A
Other languages
Chinese (zh)
Inventor
郭伟
Original Assignee
阿里巴巴集团控股有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 阿里巴巴集团控股有限公司 filed Critical 阿里巴巴集团控股有限公司
Priority to CN201610849490.1A priority Critical patent/CN106911661A/en
Publication of CN106911661A publication Critical patent/CN106911661A/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
    • H04L63/0823Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements, e.g. access security or fraud detection; Authentication, e.g. verifying user identity or authorisation; Protecting privacy or anonymity ; Protecting confidentiality; Key management; Integrity; Mobile application security; Using identity modules; Secure pairing of devices; Context aware security; Lawful interception
    • H04W12/12Fraud detection or prevention
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/12Messaging; Mailboxes; Announcements
    • H04W4/14Short messaging services, e.g. short message services [SMS] or unstructured supplementary service data [USSD]

Abstract

The application provides a kind of short-message verification method, device, client, server and system.Methods described includes:Service server adds preset check character in the initial short message content of destination object to be handed down to, and generates service note;The service server sends the service note;After client receives the service note of destination object, by the terminal association data is activation of the destination object to authentication server;The authentication server is based on the terminal association data for receiving, and is accorded with according to the second cipher mode generation client checks;The authentication server judges whether the client checks symbol matches with the preset check character in the terminal association data, and the result of the corresponding service note of the terminal association data is determined according to the result of the judgement.Using each embodiment of the application, the true and false of the short message for receiving can be verified, prevent pseudo-base station fraudulent attacks, recognize the dummy message of pseudo-base station, ensure user's property safety.

Description

A kind of short-message verification method, device, client, server and system

Technical field

The application belongs to technical field of information communication, more particularly to a kind of short-message verification method, device, client, service Device and system.

Background technology

With developing rapidly for mobile communication technology and internet, various mobile terminal devices such as mobile phone, flat board etc. is more next More popularize, user can realize various work and life requirement on line by terminal device, such as done shopping on line, handle on line it is right Public business, bank transfer, payment etc., greatly facilitate daily life.

User receives various message during the use of mobile terminal, often, these message be typically with The mode of SMS is handed down to user.For example it is related to checking, message informing of the convenient application of user's finance etc., base in internet This is all to be handed down to user by way of phone number is with short message, and such as 10086 represent official's short message, 95588 of China Mobile Represent official's short message of the Industrial and Commercial Bank of China.General, user determines whether that official is sent out by the number of short message sending side The short message come, if it is, would generally firmly believe to the short message content, then can accordingly be replied according to short message content, Connection is opened, wire back or performs other and operated.

However, due to the presence and the upgrading of Cheating Technology of pseudo-base station so that current internet financial security has safety Hidden danger, has occurred and that the high-tech swindle case that multipass pseudo-base station is implemented both at home and abroad at present.Described pseudo-base station can be with profit The various signaling procedures during mobile communication are monitored with mobile signaling protocol monitoring system, the current position letter of cellphone subscriber is obtained Breath.It is that user's issuing service is determined when the positional information (Cell-id) of user is consistent with the specific region that service selection sends The short message of system.Such as cheat sends the short message in source 95188 to user by pseudo-base station, and guiding user to fishing website is input into Password, so as to cause user to have dust thrown into the eyes, causes any property loss.One main feature of pseudo-base station, can be arbitrarily more to send elsewhere The number for sending, can select the preferable number of tail number, for example, can the use of mantissa be 10086 or 95588 grade numbers, use mobile phone Family takes for the short message that really commmunication company or industrial and commercial bank send.Or, falsely use public service number or authoritative department name Justice makes up transmission deceptive information, the severe social influence for causing.In addition, pseudo-base station also has very strong mobility, tricker Pseudo-base station equipment can be placed in automobile, drive slowly to travel or car is parked in specific region, carry out short message fraud or wide Accuse and promote so that pseudo-base station strike difficulty is very big.

At present, user receives the short message that pseudo-base station sends, during the short message that the official that especially disguises oneself as sends, due to short Letter is fascinating larger, it is easy to user is believed that the short message is real official sources, cause phone in user's clawback short message, Fishing website in opening short message etc., causes property loss difficult to the appraisal.

The content of the invention

The application purpose is to provide a kind of short-message verification method, device, client, server and system, can be verified The true and false of the short message for receiving, prevents pseudo-base station fraudulent attacks, recognizes the dummy message of pseudo-base station, ensures user's property safety.

What a kind of short-message verification method, device, client, server and the system that the application is provided were realized in:

A kind of short-message verification method, methods described includes:

Service server adds preset check character in the initial short message content of destination object to be handed down to, and generation business is short Letter, the preset check character is generated according to the default associated data of the destination object according to the first cipher mode;

The service server sends the service note;

After client receives the service note of destination object, by the terminal association data is activation of the destination object to testing Card server;

The authentication server is based on the terminal association data for receiving, and client checks are generated according to the second cipher mode Symbol;

The authentication server judges whether is preset check character in client checks symbol and the terminal association data Matching, and the result of the corresponding service note of the terminal association data is determined according to the result of the judgement.

A kind of short-message verification method, methods described includes:

Preset check character is added in the initial short message content of destination object to be handed down to, service note is generated, it is described pre- Check character is put to be generated according to the first cipher mode according to the default associated data of the destination object;

Send the service note;

The terminal association data that client sends are received, and is added according to second based on the terminal association data for receiving Close mode generates client checks symbol;

Judge whether the client checks symbol matches with the preset check character in the terminal association data, and according to described The result of judgement determines the result of the corresponding service note of the terminal association data.

A kind of short-message verification method, methods described includes:

The service note of service server is received, the service note is service server in destination object to be handed down to Preset check character generation is added in initial short message content;

By the terminal association data is activation of the corresponding destination object of the service note to authentication server.

A kind of short-message verification device, described device includes:

Service Processing Module, it is raw for adding preset check character in the initial short message content of destination object to be handed down to Into service note, the preset check character is generated according to the default associated data of the destination object according to the first cipher mode;

Communication module, for sending service note and receiving the terminal association data that client sends;

Verification process module, for generating client checks according to the second cipher mode based on the terminal association data for receiving Symbol;It is additionally operable to judge whether the client checks symbol matches with the preset check character in the terminal association data, and according to institute The result for stating judgement determines the result of the corresponding service note of the terminal association data.

A kind of short-message verification server, the server includes:

Service Processing Unit, it is raw for adding preset check character in the initial short message content of destination object to be handed down to Into service note, the preset check character is generated according to the default associated data of the destination object according to the first cipher mode;

Communication module, for sending service note and receiving the terminal association data that client sends;

Verification process unit, for generating client checks according to the second cipher mode based on the terminal association data for receiving Symbol;It is additionally operable to judge whether the client checks symbol matches with the preset check character in the terminal association data, and according to institute The result for stating judgement determines the result of the corresponding service note of the terminal association data.

A kind of short-message verification device, including short message communication module, the short message communication module are configured to,

Service note for receiving service server, the service note is service server in target pair to be handed down to Preset check character generation is added in the initial short message content of elephant;It is additionally operable to the terminal of the corresponding destination object of the service note Associated data is sent to authentication server.

A kind of client, including communication module, the communication module are configured to, the business for receiving service server Short message, the service note adds preset check character for service server in the initial short message content of destination object to be handed down to Generation;It is additionally operable to the terminal association data is activation of the corresponding destination object of the service note to authentication server.

A kind of short-message verification system, the system includes:

Service server, for adding preset check character in the initial short message content of destination object to be handed down to, generation Service note, the preset check character is generated according to the default associated data of the destination object according to the first cipher mode;Also For sending the service note;

Client, the service note for receiving destination object, and the terminal association data of the destination object are sent out Deliver to authentication server;

Authentication server, for receiving the terminal association data that client sends, and is closed based on the terminal for receiving Connection data are accorded with according to the second cipher mode generation client checks;It is additionally operable to judge the client checks symbol and the terminal association number Whether the preset check character in matches, and determines that the corresponding business of the terminal association data is short according to the result of the judgement The result of letter.

A kind of short-message verification system, the system includes:

Server, for adding preset check character in the initial short message content of destination object to be handed down to, generates business Short message, the preset check character is generated according to the default associated data of the destination object according to the first cipher mode;It is additionally operable to Send the service note;It is additionally operable to receive the terminal association data that client sends, and is closed based on the terminal for receiving Connection data are accorded with according to the second cipher mode generation client checks;It is additionally operable to judge the client checks symbol and the terminal association number Whether the preset check character in matches, and determines that the corresponding business of the terminal association data is short according to the result of the judgement The result of letter;It is additionally operable to send the result to corresponding client;

Client, the service note for receiving destination object, and the terminal association data of the destination object are sent out Deliver to authentication server;The result of the service note of the reception server return is additionally operable to, and is held according to the result The corresponding operational order of row.

A kind of short-message verification method, device, client, server and system that the application is provided, can be handed down to use Preset check character is added in the service note at family, and user can be by the terminal association number of short message content after receiving service note Verify the true and false of service note according to authentication server is sent to, so as to prevent pseudo-base station from attacking, improve the peace of short message Quan Xing, ensures user's property safety.

Brief description of the drawings

In order to illustrate more clearly of the embodiment of the present application or technical scheme of the prior art, below will be to embodiment or existing The accompanying drawing to be used needed for having technology description is briefly described, it should be apparent that, drawings in the following description are only this Some embodiments described in application, for those of ordinary skill in the art, are not paying the premise of creative labor Under, other accompanying drawings can also be obtained according to these accompanying drawings.

Fig. 1 is a kind of method flow diagram of embodiment of a kind of short-message verification method that the application is provided;

Fig. 2 is a kind of method flow schematic diagram of herein described short-message verification method another kind embodiment;

Fig. 3 is a kind of a kind of herein described schematic diagram for practicing scene of short-message verification method;

Fig. 4 is a kind of method flow schematic diagram of embodiment of a kind of short message method to be verified that the application is provided;

Fig. 5 is a kind of method flow schematic diagram of short message method another kind embodiment to be verified that the application is provided;

Fig. 6 is a kind of method flow schematic diagram of embodiment of a kind of short message method to be verified that the application is provided;

Fig. 7 is a kind of modular structure schematic diagram of embodiment of a kind of short-message verification device that the application is provided;

Fig. 8 is a kind of modular structure schematic diagram of the embodiment of verification process module 103 that the application is provided;

Fig. 9 is a kind of modular structure schematic diagram of embodiment of short-message verification server that the application is provided;

A kind of a kind of framework schematic diagram of implement scene of short-message verification system that Figure 10 the application is provided;

A kind of framework schematic diagram of short-message verification system another kind implement scene that Figure 11 the application is provided.

Specific embodiment

In order that those skilled in the art more fully understand the technical scheme in the application, below in conjunction with the application reality The accompanying drawing in example is applied, the technical scheme in the embodiment of the present application is clearly and completely described, it is clear that described implementation Example is only some embodiments of the present application, rather than whole embodiments.Based on the embodiment in the application, this area is common The every other embodiment that technical staff is obtained under the premise of creative work is not made, should all belong to the application protection Scope.

Fig. 1 is a kind of a kind of herein described method flow diagram of embodiment of short-message verification method.Although the application is provided Such as following embodiments or method operating procedure shown in the drawings or apparatus structure, but based on conventional or without creative labor Moving can include more or less operating procedure or modular unit in methods described or device.Do not exist in logicality In the step of necessary causality or structure, the execution sequence of these steps or the modular structure of device are not limited to the application implementation Example or execution sequence shown in the drawings or modular structure.Described method or the device or terminal product in practice of modular structure During product application, order execution or executed in parallel can be carried out according to embodiment or method shown in the drawings or modular structure (environment of such as parallel processor or multiple threads, the even implementation environment including distributed treatment).

Specific one kind practices scene as described in Figure 1, and a kind of one kind for short-message verification method that the application is provided is real Applying example can include:

S1:Service server adds preset check character in the initial short message content of destination object to be handed down to, and generates industry Business short message, the preset check character is generated according to the default associated data of the destination object according to the first cipher mode.

, it is necessary to the service server for being handed down to destination object notification message, PUSH message etc. can be with the embodiment of the present application The preset check character of addition user's identification checking in initial short message content (being referred to as original short message content) to be issued. Described preset check character can by server according to the default associated data of the destination object according to choosing in advance/design First cipher mode is generated.The treatment that current SMS notification, popularization etc. are mainly carried out with phone number as object, the application's In a kind of application scenarios of embodiment, the destination object can be phone number, such as the 11 of China Arabic numerals Movement, the phone number that telecommunications or operator of UNICOM are user's distribution.Service server in different industries scene can be with It is that destination object sends notice, popularization message etc., such as service server of the Industrial and Commercial Bank of China in certain region by phone number The end of the year expired notifying messages can be integrated to the phone number broadcast transmission of the reserved user of registration, or businessman fills out to user The contact number of the addressee for writing sends shipped notifying messages content for noting checking and accepting of trade company etc..

It can be that mobile communication carrier is the phone number of user's distribution, this Shen that destination object described above is common Please be not excluded in other examples, described destination object can receive object for other short messages, as mentioned target Object can also be identity or the EIC equipment identification code of the other modes of user.Such as intranet in a kind of application scenarios Interior identification code can be the colored name mark of employee's distribution, can include the combination of Chinese and English, and enterprise can be set by broadcast It is standby to send enterprise's notifying messages to the employee's terminal for being subjected to the broadcast.

Service server can add preset check character in the initial short message content for being handed down to destination object.Described is pre- Putting check character can be generated by the service server, it is also possible to including being entered by special server or third-party server The corresponding treatment of row, generation.The preset check character of the embodiment of the present application addition can be according to the default association of the destination object Data are generated according to certain cipher mode.Described default associated data can include the destination object for pre-setting Specify some or multiple associated data, such as short message content, identification number, ID, using this or The associated data of multiple generate preset check character according to the cipher mode for setting.

After obtaining the default associated data of destination object, preset school can be generated according to the first cipher mode set in advance Symbol is tested, then preset check character can be added in initial short message content, destination object is sent in generation the present embodiment Service note.In a kind of embodiment of the application, described destination object can be the use that common carrier is user's distribution The 11 of family identification number, such as China are Arabic numerals.In i.e. a kind of embodiment party, the default associated data can be wrapped Include:The initial short message content, the identification code of destination object.The identification code of the destination object can be phone number, or Destination object is phone number, and its identification code can be for phone number in itself.

In a specific application scenarios, such as certain payment is handed down to user using the service server S of A by phone number Initial short message content C1 be:

" please log in www.xxxpay.com carries out real-name authentication.”

The user user1 of client, phone number be 186XXXX6666 service log-on is carried out using A by payment, it is necessary to Receive the short message of service server S.Now, service server can be waited to be handed down to the initial short of the user user1 according to this Letter content and phone number generate a string of check characters according to the first cipher mode chosen:L4IEK4KA5S1.Specific use First cipher mode can be chosen by designer according to application scenarios, or self-defined setting cipher mode.Can be by the school Symbol " L4IEK4KA5S1 " is tested as preset check character, it is then possible to by for the preset of this initial short message content and phone number Check character is added in initial short message content, generates service note:

" please log in www.xxxpay.com carries out real-name authentication [L4IEK4KA5S1].”

In other implementation methods, the first described cipher mode can also use md5 digest algorithms, you can with according to short Letter content+identification code generation md5, the character of md5 is taken as check character according to default value mode.

In the embodiment of the present application, service server can be added in advance in the initial short message content of destination object to be handed down to Check character is put, service note is generated.The preset check character can be according to the default associated data of the destination object according to One cipher mode is generated.

S2:The service server sends the service note.

After service server generation with the addition of the service note of preset check character, the service note can be sent out Go.General, described service server can be the server of the common carrier as China Mobile, China Telecom, Can by corresponding server by service note content transmission to specific base, then base station by broadcast transmission to being linked into The terminal user of the base station cell.Certainly, described service server can also be the service server of each enterprise application, such as The service server of above-mentioned payment application A, or the Industrial and Commercial Bank of China service server.The business service of these enterprises application Device is not excluded for that the service note, common these enterprises can be sent by the private base station of oneself in some embodiments User can send the service note to destination object using the base station by common carrier.

S3:After client receives the service note of destination object, by the terminal association data is activation of the destination object To authentication server.

Described client it is general can include the destination object where terminal device, such as SIM of phone number Block the mobile communication terminal (such as mobile phone) installed.General, a destination object can be included in a client, it is other real Applying can also include multiple destination objects in example, and the double-card dual-standby that can be such as realized in current mobile phone can simultaneously use two hands Machine number.The terminal association data of described destination object can include the finger of the destination object in the client that pre-sets Some or multiple associated data are determined, such as in the information of the service note of certain destination object that client is received Hold, or client where destination object device identification or other associated datas specified.General, described terminal Associated data can be identical with the parameters/properties type that the default associated data is specified, such as can include short message content or Person's phone number.The application is not precluded within other some embodiments, and the terminal that client will be sent to authentication server is closed The type of connection data can be differed or part is identical.Specifically, paying the service server S of application A in the present embodiment It is handed down in the application scenarios of initial short message content C1 of user by phone number, described terminal association data can be set It is to include:The identification code of the service note, the destination object of the reception service note.

When the mobile phone of user is received, " please log in www.xxxpay.com carries out real-name authentication [L4IEK4KA5S1]." During service note, mobile phone by this service note content and can receive the phone number of the service note automatically The terminal association data of 186XXXX6666 together send to specified authentication server the checking for carrying out the short message true and false.

In a kind of embodiment of the application, described authentication server can include with separated in traffic server logic, The server for short message authenticity verification being separately provided.Can be specifically to belong to same businessman or industry with service server Authentication server under business system, or the authentication server of cooperation competitor.It is described in another embodiment of the application Authentication server and the service server can also be same server, different Business Processing moulds can be belonged to Block.Service server S such as certain payment application can send notifying messages to destination object, while destination object can also be received The terminal association data that place client is sended over, carry out corresponding verification process.Therefore, one kind of herein described method In embodiment, the service server and authentication server are configured to using any one implementation method in following:

The service server is same server with authentication server;

The service server is servers different on logical place from authentication server.On described logical place not With the different disposal server that can belong to same computer room or same operation system including physical location.

In the embodiment of the present application, after client receives the service note of destination object, can be by the destination object Terminal association data is activation is to authentication server.Described terminal association data can preassign setting destination object described One or more associated data of client associate.

S4:The authentication server is based on the terminal association data for receiving, according to the second cipher mode generation terminal school Test symbol.

Authentication server can open corresponding interface service, receive the terminal association data that client upload is come, and be used for The authenticity verification of client traffic short message.Authentication server can be tested according to the terminal association data of the destination object Card, the corresponding client checks symbol of the terminal association data can be generated in the present embodiment using the second cipher mode of selection.

In a kind of implementation method, described the second cipher mode can check character preset with above-mentioned generation when use first Cipher mode is identical, can such as obtain with the default associated data type identical terminal association data (as being all according to short Letter content and phone number generation check character), authentication server will using domain the second cipher mode of the first cipher mode identical Terminal association data (short message content and the phone number of user that terminal is uploaded) generation client checks symbol of client upload.When So, in the application others embodiments, the second described cipher mode can also be differed with first cipher mode, and such as the Two cipher modes can be according to the particular content included by terminal association data on the basis of first cipher mode Some other processing mode or change some of them parameters are set.

S5:The authentication server judges that the client checks symbol is with the preset check character in the terminal association data No matching, and the result of the corresponding service note of the terminal association data is determined according to the result of the judgement.

Authentication server can extract the terminal association data of the destination object of client upload, obtain terminal association data In preset check character.Authentication server may determine that and described be generated according to second cipher mode according to terminal association data Client checks symbol with included in the terminal association data client checks symbol whether match.

Described matching, can include client checks symbol and the preset check character identical implementation method, also may be used Meet default corresponding/mapping relations with the preset check character with including client checks symbol.If for example, both adopted With short message content and phone number as the associated data for generating check character, and the cipher mode for using is also identical.So, test Card server can compare according to the preset check character carried in the client checks of terminal association data genaration symbol and service note It is whether identical, if identical, it is verified, the service note that expression client is received is for real service server is issued 's;Otherwise, checking does not pass through.

If it should be noted that authentication server do not extracted from the terminal association data of client upload it is preset Check character, then can directly judge that the corresponding service note checking of the terminal association data does not pass through, example in a kind of implementation method As the operation system that some fraudsters have no knowledge about implementing this programme implements short-message verification function.Under application scenes, If the service note that the real service server of client sends and comes, can be comprising preset check character in the service note Information.Client also can be the letter comprising the preset check character in being now uploaded to the terminal association data of authentication server Breath, the true and false of the service note is verified so as to authentication server.And client receives the industry that some are not added with preset check character During business short message, client can also be by corresponding terminal association data, and such as short message content and phone number are sent to the service for checking credentials Device.There is no preset check character in detecting the terminal association data for receiving due to authentication server, then can directly judge this Service note is fraud short message etc., and checking does not pass through.Certainly, even if containing preset verification in the terminal association data for uploading Symbol, because the treatment of the associated data, cipher mode that use is different, authentication server is raw according to short message content, phone number etc. The client checks symbol matched with preset check character is not become, same checking can not pass through.

It is described after authentication server is to the true and false according to the terminal association data verification corresponding service object of client upload Method can also include

S6:The result is returned into corresponding client.

Fig. 2 is a kind of method flow schematic diagram of herein described short-message verification method another kind embodiment.Now client End can perform corresponding operation, if such as service note the result does not pass through, client application according to the result Prompt the user with the information of short message warning;If the verification passes, then service note can be set for official's short message, or checking is logical Out-of-date acquiescence occurs without prompt message.

Fig. 3 is a kind of a kind of herein described schematic diagram for practicing scene of short-message verification method.As shown in figure 3, each The service provider of individual application can be by internet by means of common carrier base station service note is sent to client, client End can include that the terminal association data of reception time upload to application after receiving service note by such as service note or again Authentication server.Authentication server verified, recognizes the service note true and false.By above-mentioned as can be seen that passing through the application reality Scheme is applied, service server can add preset check character in the service note for be handed down to user, and user receives business The terminal association data is activation of short message content to authentication server can verify the true and false of service note after short message, so that Prevent pseudo-base station from attacking, improve the security of short message, ensure user's property safety.

Based on described above, the application also provide it is a kind of can be used for the short-message verification method of server-side, realize existing Be handed down in the service note of client and add preset check character, and the data verification client according to client upload industry The business short message true and false.Specifically as shown in figure 4, Fig. 4 is a kind of side of embodiment of a kind of short message method to be verified that the application is provided Method schematic flow sheet, in a kind of short-message verification method that the application is provided, methods described can include:

S11:Preset check character is added in the initial short message content of destination object to be handed down to, service note, institute is generated Preset check character is stated to be generated according to the first cipher mode according to the default associated data of the destination object;

S22:Send the service note;

S33:Receive the terminal association data that send of client, and based on the terminal association data for receiving according to the Two cipher modes generation client checks symbol;

S44:Judge whether the client checks symbol matches with the preset check character in the terminal association data, and according to The result of the judgement determines the result of the corresponding service note of the terminal association data.

As it was previously stated, in a kind of embodiment of herein described method, can during the treatment of the check code added in short message To use md5 digest algorithms.The service for checking credentials is provided in application service open platform, to the application for accessing, such as application service is opened The client application of platform oneself or the client application of cooperation competitor provide the service of the checking short message true and false.Specifically, this Shen Please be in a kind of a kind of embodiment of short-message verification method, first cipher mode and the second cipher mode can be set Into:

S110:Based on default associated data, the first source is generated using predetermined encryption algorithm and is checked character string;Taken according to default Value mode take first source check character string specified location in character as preset check character;

Based on terminal association data, the second source is generated using predetermined encryption algorithm and is checked character string;According to default value side Formula take second source check character string specified location in character as client checks accord with.

It is above-mentioned to phone number for 186XXXX6666 is issued initial short message content for " www.xxxpay.com please be log in Carry out real-name authentication." in application scenarios treatment, if the md5 sources that 32 can be generated during using md5 digest algorithms are checked character String:742D07543B0DFED86255296AC6EEE3DC, then can take wherein specific bit section the 2nd, 4,8,16,32 character As check character:4D48C.In issuing service short message processing procedure, can be added to the check character as preset check character In initial short message content, generating final service note is:

" please log in www.xxxpay.com carries out real-name authentication [4D48C].”

If in the short-message verification result stage, then business is short during authentication server can extract terminal association data " please log in www.xxxpay.com carries out real-name authentication [4D48C] to the content of letter.", then add subscriber phone number 186XXXX6666, is accorded with using the second cipher mode generation client checks.The client checks symbol for ultimately generating, if the first encryption Mode and the second cipher mode use identical AES, then can generate client checks symbol " 4D48C ".If using difference AES, then can generate other client checks symbol.General, if added if setting the first cipher mode and second Close mode uses different AESs, and the check character of generation is generally also different, can now take the first cipher mode with Second cipher mode has corresponding relation, so as to can be added with using first using the client checks symbol that the second cipher mode is generated Close mode generates preset check character and is compared, matches, and verifies the short message true and false.

In another embodiment of herein described method,

S220:The default associated data includes the initial short message content, the identification code of destination object;The terminal is closed Connection data include the service note, the identification code of the destination object of the reception service note;

In specific implementation process, can using short message content and phone number as the associated data of generation check character, and And identical AES is used when generating preset check character and client checks symbol, such as use md5 digest algorithms, fetching positioning 5 characters put.

In another embodiment of herein described short-message verification method, the identification code according to different users can be set Different check character value modes are set.Therefore, in another embodiment of herein described method,

S330:The predetermined encryption algorithm can be configured to, and be provided with least two source check characters according to identification code The default value mode of character;When the identification code of destination object is obtained, corresponding default value is chosen according to the identification code Mode generates preset check character/client checks symbol.

The default value mode of character specifically can be certainly in the source check character according to identification code is provided with least two Rule is defined, such as different number segments sets different value modes, or different ending sources are checked character to go here and there and set different Value mode, or even, each identification code can correspond to only one value mode.Such as said short message content+cell-phone number During code is using the application scenarios of md5 digest algorithms, if phone number section is 186, can be configured to take source and check character string The 2nd, 4,8,16,32 character is used as check character;If phone number section is 139, can be configured to take source and check character String the 1st, 3,9,17,31 character is used as check character.It is, of course, also possible to other default value modes are designed, to realize root Different value modes is used according to identification code, increases the security of check character encryption.

In another embodiment of herein described method, destination object can also be added when preset check character is generated Key is processed, and further strengthens the security of check character, it is to avoid cause whole service system after the leakage of some encryption information It is unavailable.Specifically, in another embodiment of a kind of herein described short-message verification method,

S440:The default associated data also dynamic key including destination object, the dynamic key is configured to, root Cipher key sets are generated according to the identification code of destination object, and destination object is selected in the treatment according to the process time of service note Key in time corresponding cipher key sets is used as the dynamic key for generating preset check character;

The terminal association data also receive the reception time of service note including client;

Accordingly, the methods described after the terminal association data are received can also include:

S441:The destination object for receiving the service note is obtained in the reception time corresponding check key;

And, it is described to include according to the second cipher mode generation client checks symbol:According to the terminal association data and institute Check key is stated, is accorded with according to the second cipher mode generation client checks.

For example in above-described embodiment application scenarios md5 can be generated using the mode of short message content+phone number+key, Then 5 characters of specified location are taken as preset check character according to default value mode.An embodiment of the present embodiment In, the identification code of the destination object can be the user identification number that common carrier is user's distribution, then, the key Key in set the character of the user identification number specified location can be generated according to.

In specific implementation process, different keys can be set according to latter several of phone number, it is to avoid certain is close After key leakage, the short-message verification service of user is unavailable.For example can use last 6 bit digital of phone number, from 000000 to 999999,1,000,000 keys can be generated altogether.If taking its 6 characters with reference to the md5 of 32, there can be up to 600,000,000 group Close.Each cell-phone number can generate such cipher key sets, and the key in cipher key sets can be designed in the different time Point uses different keys.Such as converted a secondary key every 30 seconds, present system time according to the currently processed business hours from Then the corresponding cipher key sets of subscriber phone number are entered again from the corresponding key of the present system time is selected as dynamic key The treatment of one step.

The time for receiving service note can be simultaneously uploaded during client upload terminal association data.Authentication server according to The reception time of service note extracts the key for being used at that time point, is then verified using this key.

As it was previously stated, in a kind of mode of herein described method, the identification code of the destination object can be transported for communication Battalion business is the user identification number of user's distribution, and the key in the cipher key sets user identification number can refer to according to The character generation that positioning is put.

Further, the corresponding service note true and false of terminal association data that authentication server is received according to check character checking Afterwards, the result can be returned to corresponding client.Fig. 5 is that a kind of short message method to be verified that the application is provided is another real Apply the method flow schematic diagram of example.Client-side can accordingly be processed according to the result, if for example checking is not Pass through, then it is the prompt message for cheating short message etc. to issue the user with service note.So, the result of server can be based on The security of the short message that client user receives is ensured, therefore, in a kind of embodiment of herein described short-message verification method, It is determined that after the result of the corresponding service note of the terminal association data, methods described can also include:

S55:The result is back to corresponding client.

Each embodiment of the above-mentioned short-message verification method for server-side, specific embodiment is referred to this Apply for the associated description of other embodiment, will not be described here.The short-message verification method provided using the embodiment of the present application, service Device can add preset check character in the service note for be handed down to user, and user can be by short message after receiving service note The terminal association data is activation of content to authentication server verify the true and false of service note, so as to prevent pseudo-base station from attacking, The security of short message is improved, user's property safety is ensured.

Further, the application also provide it is a kind of can be used for the short-message verification method of client, realize client-side The true and false of the short message for receiving is identified, prevents client user from being attacked by pseudo-base station, ensure client user's property.Fig. 6 It is a kind of a kind of method flow schematic diagram of embodiment of short message method to be verified of the application offer.Specifically as shown in fig. 6, one Plant in embodiment, methods described can include:

S301:The service note of service server is received, the service note is service server in target to be handed down to Preset check character generation is added in the initial short message content of object.The preset check character can be according to the pre- of the destination object If associated data is generated according to the first cipher mode.

S302:By the terminal association data is activation of the corresponding destination object of the service note to authentication server.

As it was previously stated, in a kind of implementation method, the terminal association data can include the service note, receive described The identification code of the destination object of service note, so that authentication server generates terminal school according to the content and identification code of service note Test symbol.

In other implementation methods, the terminal association data can also include:The reception time of service note is received, So that authentication server obtains the destination object for receiving service note in the reception time corresponding school according to the received time Key is tested, and client checks symbol is generated according to the check key.

In a kind of implementation method, to prevent cracking, server-side is provided with key and is updated according to some cycles.For visitor Family end side, short message can be simultaneously uploaded when short message is uploaded and receives the time, and then that short message of server by utilizing receives the time Key carry out short-message verification, greatly improve short-message verification safety and reliability.

Based on short-message verification method described above, the application provides a kind of short-message verification device.The short-message verification dress Put and can be used in server, realize the checking to the client traffic short message true and false, prevent pseudo-base station from attacking, there is provided short message service Security, ensures user's property safety.Fig. 7 is a kind of modular structure of embodiment of a kind of short-message verification device that the application is provided Schematic diagram, as shown in fig. 7, described device can include:

Service Processing Module 101, can be used for adding preset school in the initial short message content of destination object to be handed down to Test symbol, generate service note, the preset check character is according to the default associated data of the destination object according to the first encryption side Formula is generated;

Communication module 102, can be used for sending service note and receives the terminal association data that client sends;

Verification process module 103, can be used for being generated according to the second cipher mode based on the terminal association data for receiving Client checks are accorded with;Can be also used for judging preset check character in the client checks symbol and the terminal association data whether Match somebody with somebody, and the result of the corresponding service note of the terminal association data is determined according to the result of the judgement.

In a kind of another embodiment of the short-message verification device provided with reference to the implementation method of preceding method, the application, First cipher mode and the second cipher mode are configured to:

Based on default associated data, the first source is generated using predetermined encryption algorithm and is checked character string;According to default value side Formula take first source check character string specified location in character as preset check character;

Based on terminal association data, the second source is generated using predetermined encryption algorithm and is checked character string;According to default value side Formula take second source check character string specified location in character as client checks accord with.

Described default associated data and terminal association data can be determined according to business scenario or short-message verification mode Justice is set.In a kind of implementation method that the application is provided, the default associated data includes the initial short message content, target pair The identification code of elephant;The terminal association data include the service note, the identification of the destination object of the reception service note Code.

In another embodiment of herein described device, different schools can be set according to the identification code of different users Test symbol value mode.Therefore, in another embodiment of herein described device, the verification process module 103 can include:

Value rule module 1031, can be used for storage according to character at least two source check characters of identification code setting Value mode;

Value mode determining module 1032, can be used for when the identification code of destination object is obtained, according to the identification code Determine the value mode of character in the check character of source;

Check character generation module 1033, can be used for generating preset school according to the value mode of character in the source check character Test symbol/client checks symbol.

Fig. 8 is a kind of modular structure schematic diagram of the embodiment of verification process module 103 that the application is provided.According to identification code Being provided with the default value mode of character in source check character described at least two specifically can be with custom rule, such as different numbers Code section sets different value modes, or different ending sources are checked character to go here and there and set different value modes, or even, each Identification code can correspond to only one value mode.Described source check character can be pre- according to when preset check character is generated If the first source check character of associated data generation, accordingly, generation phase is accorded with client checks, the source check character can be root According to the second source check character of terminal association data genaration.

In a kind of another embodiment of described short-message verification device, can also be added when preset check character is generated The key of destination object is processed, and further strengthens the security of check character, it is to avoid caused after the leakage of some encryption information whole Individual service system is unavailable.Therefore, in a kind of another embodiment of described short-message verification device, the default incidence number According to the dynamic key that can also include destination object, the dynamic key is configured to, the identification code generation according to destination object Cipher key sets, and destination object is selected in the corresponding cipher key sets of the process time according to the process time of service note Key is used as the dynamic key for generating preset check character;

The terminal association data also receive the reception time of service note including client;

Accordingly, the verification process module also includes after the terminal association data are received:

The destination object for receiving the service note is obtained in the reception time corresponding check key;And,

It is described to include according to the second cipher mode generation client checks symbol:According to the terminal association data and the verification Key, accords with according to the second cipher mode generation client checks.

The short-message verification device provided using the embodiment of the present application, server can be in the service note for being handed down to user Preset check character is added, and user can take the terminal association data is activation of short message content to checking after receiving service note Business device verify the true and false of service note, so as to prevent pseudo-base station from attacking, improves the security of short message, ensures user's wealth Produce safety.

Method or apparatus described above can be used in server, realize the checking to the client traffic short message true and false, Prevent pseudo-base station from attacking.Therefore, the application also provides a kind of short-message verification server, and Fig. 9 is the short-message verification that the application is provided A kind of modular structure schematic diagram of embodiment of server, as shown in figure 9, the server can include:

Service Processing Unit 100, can be used for adding preset school in the initial short message content of destination object to be handed down to Test symbol, generate service note, the preset check character is according to the default associated data of the destination object according to the first encryption side Formula is generated;

Communication module 110, can be used for sending service note and receives the terminal association data that client sends;

Verification process unit 120, can be used for being generated according to the second cipher mode based on the terminal association data for receiving Client checks are accorded with;It is additionally operable to judge whether the client checks symbol matches with the preset check character in the terminal association data, And the result of the corresponding service note of the terminal association data is determined according to the result of the judgement.

Certainly, with reference to foregoing described, first cipher mode and the second cipher mode can be configured to:

Based on default associated data, the first source is generated using predetermined encryption algorithm and is checked character string;According to default value side Formula take first source check character string specified location in character as preset check character;

Based on terminal association data, the second source is generated using predetermined encryption algorithm and is checked character string;According to default value side Formula take second source check character string specified location in character as client checks accord with.

Further, in another embodiment, the predetermined encryption algorithm is also configured to, and is set according to identification code There is the default value mode of character at least two source check characters;When the identification code of destination object is obtained, according to the identification Code chooses corresponding default value mode and generates preset check character/client checks symbol.

Described default associated data and terminal association data equally can be with self-defined settings.Herein described server is obtained To in a kind of embodiment, the default associated data can include the initial short message content, the identification code of destination object;It is described Terminal association data can include the service note, the identification code of the destination object of the reception service note.Certainly, other Embodiment in, key can also be added, realize key dynamically update, further strengthen short-message verification.

Each embodiment of the above-mentioned short-message verification device for server-side and the possible embodiment party of destination object Formula, the reference unit that the result is returned relative client etc., the other embodiment of method, are specifically referred to this Shen Please other embodiment associated description, will not be described here.

The short-message verification server provided using the embodiment of the present application, can be added in the service note for be handed down to user Preset check character, and user can be by the terminal association data is activation of short message content to authentication server after receiving service note Verify the true and false of service note, so as to prevent pseudo-base station from attacking, improve the security of short message, ensure user's property peace Entirely.

Correspondence client-side, the application is also provided and a kind of can be used for the short-message verification device of client, described device Short message communication module can be included.In a kind of embodiment, the short message communication module can be configured to,

Can be used for receiving the service note of service server, the service note is service server in mesh to be handed down to Preset check character generation is added in the initial short message content for marking object;Can be also used for the corresponding target pair of the service note The terminal association data is activation of elephant is to authentication server.

Said short message checking device can be used for client, the payment application of certain enterprise such as in client.This is being installed When the client for paying application receives service note, service note can be sent to authentication server and be verified, to recognize Whether the service note is from real service server.Therefore, the application also provides a kind of client, including communication module, In a kind of embodiment, the communication module is configured to, and can be used for receiving the service note of service server, and the business is short Believe for service server adds preset check character generation in the initial short message content of destination object to be handed down to;It is additionally operable to institute State the terminal association data is activation of the corresponding destination object of service note to authentication server.

The implementation method of short-message verification method, device, server, client described in above-mentioned implementation etc. can apply to hand The authenticity verification of machine short message.Based on above-mentioned, the application also provides a kind of short-message verification system, it is possible to achieve the checking short message true and false, Prevent pseudo-base station from attacking, there is provided short message service security.A kind of implementation field of a kind of short-message verification system that Figure 10 the application is provided The framework schematic diagram of scape, as shown in figure 1, the short-message verification system can include:

Service server 1, can be used for adding preset check character in the initial short message content of destination object to be handed down to, Generation service note, the preset check character is given birth to according to the default associated data of the destination object according to the first cipher mode Into;Can be also used for sending the service note;

Client 2, can be used for receiving the service note of destination object, and by the terminal association number of the destination object According to transmission to authentication server;

Authentication server 3, can be used for receiving the terminal association data that client sends, and based on the end for receiving End associated data is accorded with according to the second cipher mode generation client checks;It is additionally operable to judge that the client checks symbol is closed with the terminal Whether the preset check character in connection data matches, and determines the corresponding industry of the terminal association data according to the result of the judgement The result of short message of being engaged in.

The middle service server of the checking system that above-described embodiment is provided and authentication server can be logically separate Server.Certainly, during the application provides another embodiment of short-message verification system, the service server and authentication server It can be same processing server.A kind of framework of short-message verification system another kind implement scene that Figure 11 the application is provided shows It is intended to, as shown in figure 11, in a kind of another embodiment of short-message verification system that the application is provided, the system can be wrapped Include:

Server, can be used for adding preset check character in the initial short message content of destination object to be handed down to, generation Service note, the preset check character is generated according to the default associated data of the destination object according to the first cipher mode;Also Can be used for sending the service note;Can be also used for receiving the terminal association data that send of client, and based on connecing The terminal association data for receiving are accorded with according to the second cipher mode generation client checks;Can be also used for judging the client checks symbol Whether matched with the preset check character in the terminal association data, and the terminal association is determined according to the result of the judgement The result of the corresponding service note of data;Can be also used for sending the result to corresponding client;

Client, can be used for receiving the service note of destination object, and by the terminal association number of the destination object According to transmission to authentication server;The result of the service note of the reception server return is can be also used for, and is tested according to described Card result performs corresponding operational order.

If the result of the service note that client is received does not pass through for checking, client application can be to user The information of SMS Tip warning;If the verification passes, then service note can be set to be write from memory for official's short message, or when being verified Misknow existing prompt message.

The short-message verification system provided using the embodiment of the present application, can add pre- in the service note for be handed down to user Check character is put, and user can enter the terminal association data is activation of short message content to authentication server after receiving service note The true and false of row checking service note, so as to prevent pseudo-base station from attacking, improves the security of short message, ensures using terminal application User property safety.

Although mentioning service server/information interaction of client/authentication server, destination object in teachings herein For the implementation method of phone number, MD5 digest algorithm, to take phone number last 6 be generation key, preset check character and terminal school The description of information interaction approach, data encryption, the associated data definition of the encryption/generating mode of symbol or the like etc. is tested, but, this Application is not limited to meet information communication standard, mark AES, industry routine/same data definition/setting Situation described by method or embodiment.Some professional standards or the practice processes described using self-defined mode or embodiment On embodiment amended slightly can also realize above-described embodiment it is identical, equivalent or close or deformation after it is anticipated that reality Apply effect.Using the embodiment of the acquisitions such as data acquisition, interaction, judgement, the definition mode after these modifications or deformation, still may be used With within the scope of the optional embodiment for belonging to the application.

Although this application provides the method operating procedure as described in embodiment or flow chart, based on conventional or noninvasive The means of the property made can include more or less operating procedures.The step of being enumerated in embodiment order is only numerous steps A kind of mode in execution sequence, unique execution sequence is not represented.When device in practice or end product are performed, can be with Performed or executed in parallel (such as parallel processor or multiple threads according to embodiment or method shown in the drawings order Environment, even distributed data processing environment).Term " including ", "comprising" or its any other variant be intended to Nonexcludability is included, so that process, method, product or equipment including a series of key elements not only will including those Element, but also other key elements including being not expressly set out, or also include being this process, method, product or equipment Intrinsic key element.In the absence of more restrictions, be not precluded from the process including the key element, method, product or Also there are other identical or equivalent elements in person's equipment.

Unit, device or module that above-described embodiment is illustrated etc., can specifically be realized by computer chip or entity, or Realized by the product with certain function.For convenience of description, describe to be divided into various modules point with function during apparatus above Do not describe.Certainly, can the function of each module is real in same or multiple softwares and/or hardware when the application is implemented It is existing, it is also possible to will to realize that the module of same function is realized etc. by the combination of multiple submodule or subelement.Dress described above It is only schematical to put embodiment, for example, the division of the unit, only a kind of division of logic function, when actually realizing There can be other dividing mode, such as multiple units or component can combine or be desirably integrated into another system, or one A little features can be ignored, or not perform.It is another, shown or discussed coupling or direct-coupling or communication link each other Connecing can be that the INDIRECT COUPLING or communication connection of device or unit can be electrical, mechanical or other shapes by some interfaces Formula.

It is also known in the art that in addition to realizing controller in pure computer readable program code mode, it is complete Entirely can by by method and step carry out programming in logic come cause controller with gate, switch, application specific integrated circuit, may be programmed Logic controller realizes identical function with the form of embedded microcontroller etc..Therefore this controller is considered one kind Hardware component, and the device for realizing various functions included to its inside can also be considered as the structure in hardware component.Or Person even, can be used to realizing that the device of various functions is considered as not only being the software module of implementation method but also can be hardware Structure in part.

The application can be described in the general context of computer executable instructions, such as program Module.Usually, program module includes performing particular task or realizes routine, program, object, the group of particular abstract data type Part, data structure, class etc..The application can also be in a distributed computing environment put into practice, in these DCEs, Task is performed by the remote processing devices connected by communication network.In a distributed computing environment, program module can With in the local and remote computer-readable storage medium including including storage device.

As seen through the above description of the embodiments, those skilled in the art can be understood that the application can Realized by the mode of software plus required general hardware platform.Based on such understanding, the technical scheme essence of the application On the part that is contributed to prior art in other words can be embodied in the form of software product, the computer software product Can store in storage medium, such as ROM/RAM, magnetic disc, CD, including some instructions are used to so that a computer equipment (can be personal computer, mobile terminal, server, or network equipment etc.) performs each embodiment of the application or implementation Method described in some parts of example.

Each embodiment in this specification is described by the way of progressive, same or analogous portion between each embodiment Divide mutually referring to what each embodiment was stressed is the difference with other embodiment.The application can be used for crowd In more general or special purpose computing system environments or configuration.For example:Personal computer, server computer, handheld device or Portable set, laptop device, multicomputer system, the system based on microprocessor, set top box, programmable electronics set Standby, network PC, minicom, mainframe computer, the DCE including any of the above system or equipment etc..

Although depicting the application by embodiment, it will be appreciated by the skilled addressee that the application have it is many deformation and Change is without deviating from spirit herein, it is desirable to which appended claim includes these deformations and changes without deviating from the application's Spirit.

Claims (27)

1. a kind of short-message verification method, it is characterised in that methods described includes:
Service server adds preset check character in the initial short message content of destination object to be handed down to, and generates service note, The preset check character is generated according to the default associated data of the destination object according to the first cipher mode;
The service server sends the service note;
After client receives the service note of destination object, by the terminal association data is activation of the destination object to verifying clothes Business device;
The authentication server is based on the terminal association data for receiving, and is accorded with according to the second cipher mode generation client checks;
The authentication server judges whether the client checks symbol matches with the preset check character in the terminal association data, And the result of the corresponding service note of the terminal association data is determined according to the result of the judgement.
2. a kind of short-message verification method, it is characterised in that methods described includes:
Preset check character is added in the initial short message content of destination object to be handed down to, service note, the preset school is generated Symbol is tested to be generated according to the first cipher mode according to the default associated data of the destination object;
Send the service note;
The terminal association data that client sends are received, and based on the terminal association data for receiving according to the second encryption side Formula generation client checks symbol;
Judge whether the client checks symbol matches with the preset check character in the terminal association data, and according to the judgement Result determine the result of the corresponding service note of the terminal association data.
3. a kind of short-message verification method as claimed in claim 2, it is characterised in that first cipher mode and the second encryption Mode is configured to:
Based on default associated data, the first source is generated using predetermined encryption algorithm and is checked character string;Taken according to default value mode First source check character string specified location in character as preset check character;
Based on terminal association data, the second source is generated using predetermined encryption algorithm and is checked character string;Taken according to default value mode Second source check character string specified location in character as client checks accord with.
4. a kind of short-message verification method as claimed in claim 3, it is characterised in that the default associated data include it is described just The identification code of beginning short message content, destination object;The terminal association data include the service note, receive the service note Destination object identification code.
5. a kind of short-message verification method as claimed in claim 4, it is characterised in that the predetermined encryption algorithm is configured to,
The default value mode of character at least two source check characters is provided with according to identification code;
When the identification code of destination object is obtained, corresponding default value mode is chosen according to the identification code and generates preset verification Symbol/client checks are accorded with.
6. a kind of short-message verification method as described in any one in claim 2 to 5, it is characterised in that the default association The data also dynamic key including destination object, the dynamic key is configured to, and the identification code generation according to destination object is close Key set, and it is close in the corresponding cipher key sets of the process time to select destination object according to the process time of service note Key is used as the dynamic key for generating preset check character;
The terminal association data also receive the reception time of service note including client;
Accordingly, methods described also includes after place receives the terminal association data:
The destination object for receiving the service note is obtained in the reception time corresponding check key;And,
It is described to include according to the second cipher mode generation client checks symbol:It is close according to the terminal association data and the verification Key, accords with according to the second cipher mode generation client checks.
7. a kind of short-message verification method as claimed in claim 6, it is characterised in that the identification code of the destination object is communication Operator is the user identification number of user's distribution, and the key in the cipher key sets is to be specified according to the user identification number The character generation of position.
8. a kind of short-message verification method as claimed in claim 6, it is characterised in that methods described also includes:
The result is back to corresponding client.
9. a kind of short-message verification method, it is characterised in that methods described includes:
The service note of service server is received, the service note is service server in the initial of destination object to be handed down to Preset check character generation is added in short message content;
By the terminal association data is activation of the corresponding destination object of the service note to authentication server.
10. a kind of short-message verification method as claimed in claim 9, it is characterised in that the terminal association data include described The identification code of service note, the destination object of the reception service note, so that content of the authentication server according to service note Accorded with identification code generation client checks.
11. as claim 9 or 10 a kind of short-message verification method, it is characterised in that the terminal association data also include:
The reception time of service note is received, so that authentication server obtains the mesh for receiving service note according to the received time Mark object generates client checks symbol in the reception time corresponding check key according to the check key.
12. a kind of short-message verification devices, it is characterised in that described device includes:
Service Processing Module, for adding preset check character in the initial short message content of destination object to be handed down to, generates industry Business short message, the preset check character is generated according to the default associated data of the destination object according to the first cipher mode;
Communication module, for sending service note and receiving the terminal association data that client sends;
Verification process module, for being accorded with according to the second cipher mode generation client checks based on the terminal association data for receiving; It is additionally operable to judge whether the client checks symbol matches with the preset check character in the terminal association data, and is sentenced according to described Disconnected result determines the result of the corresponding service note of the terminal association data.
13. a kind of short-message verification devices as claimed in claim 12, it is characterised in that first cipher mode and second adds Close mode is configured to:
Based on default associated data, the first source is generated using predetermined encryption algorithm and is checked character string;Taken according to default value mode First source check character string specified location in character as preset check character;
Based on terminal association data, the second source is generated using predetermined encryption algorithm and is checked character string;Taken according to default value mode Second source check character string specified location in character as client checks accord with.
14. a kind of short-message verification devices as claimed in claim 13, it is characterised in that the default associated data includes described Initial short message content, the identification code of destination object;The terminal association data include that the service note, the reception business are short The identification code of the destination object of letter.
15. a kind of short-message verification devices as claimed in claim 14, it is characterised in that the verification process module includes:
Value rule module, the value mode for storing character at least two source check characters set according to identification code;
Value mode determining module, for when the identification code of destination object is obtained, source check character being determined according to the identification code The value mode of middle character;
Check character generation module, preset check character/terminal school is generated for the value mode according to character in the source check character Test symbol.
A kind of short-message verification device in 16. such as claim 12 to 15 as described in any one, it is characterised in that the default pass The connection data also dynamic key including destination object, the dynamic key is configured to, the identification code generation according to destination object Cipher key sets, and destination object is selected in the corresponding cipher key sets of the process time according to the process time of service note Key is used as the dynamic key for generating preset check character;
The terminal association data also receive the reception time of service note including client;
Accordingly, the verification process module also includes after the terminal association data are received:
The destination object for receiving the service note is obtained in the reception time corresponding check key;And,
It is described to include according to the second cipher mode generation client checks symbol:It is close according to the terminal association data and the verification Key, accords with according to the second cipher mode generation client checks.
17. a kind of short-message verification servers, it is characterised in that the server includes:
Service Processing Unit, for adding preset check character in the initial short message content of destination object to be handed down to, generates industry Business short message, the preset check character is generated according to the default associated data of the destination object according to the first cipher mode;
Communication module, for sending service note and receiving the terminal association data that client sends;
Verification process unit, for being accorded with according to the second cipher mode generation client checks based on the terminal association data for receiving; It is additionally operable to judge whether the client checks symbol matches with the preset check character in the terminal association data, and is sentenced according to described Disconnected result determines the result of the corresponding service note of the terminal association data.
18. a kind of short-message verification servers as claimed in claim 17, it is characterised in that first cipher mode and second Cipher mode is configured to:
Based on default associated data, the first source is generated using predetermined encryption algorithm and is checked character string;Taken according to default value mode First source check character string specified location in character as preset check character;
Based on terminal association data, the second source is generated using predetermined encryption algorithm and is checked character string;Taken according to default value mode Second source check character string specified location in character as client checks accord with.
19. a kind of short-message verification servers as claimed in claim 18, it is characterised in that the default associated data includes institute State the identification code of initial short message content, destination object;The terminal association data include the service note, receive the business The identification code of the destination object of short message.
20. a kind of short-message verification servers as claimed in claim 19, it is characterised in that the predetermined encryption algorithm is set Into,
The default value mode of character at least two source check characters is provided with according to identification code;
When the identification code of destination object is obtained, corresponding default value mode is chosen according to the identification code and generates preset verification Symbol/client checks are accorded with.
A kind of 21. short-message verification server as described in claim 17 to 20 any one, it is characterised in that the default pass The connection data also dynamic key including destination object, the dynamic key is configured to, the identification code generation according to destination object Cipher key sets, and destination object is selected in the corresponding cipher key sets of the process time according to the process time of service note Key is used as the dynamic key for generating preset check character;
The terminal association data also receive the reception time of service note including client;
Accordingly, the verification process unit is also obtained after the terminal association data are received and receives the service note Destination object in the reception time corresponding check key;And, it is described to generate client checks according to the second cipher mode Symbol includes:According to the terminal association data and the check key, accorded with according to the second cipher mode generation client checks.
22. a kind of short-message verification servers as claimed in claim 21, it is characterised in that the identification code of the destination object is Common carrier is the user identification number of user's distribution, and the key in the cipher key sets is according to the user identification number The character generation of specified location.
23. a kind of short-message verification servers as claimed in claim 21, it is characterised in that the communication module is additionally operable to institute State the result and be back to corresponding client.
A kind of 24. short-message verification devices, including short message communication module, it is characterised in that the short message communication module is configured to, Service note for receiving service server, the service note is service server in the initial of destination object to be handed down to Preset check character generation is added in short message content;It is additionally operable to the terminal association data of the corresponding destination object of the service note Send to authentication server.
A kind of 25. clients, including communication module, it is characterised in that
The communication module is configured to, the service note for receiving service server, and the service note is business service Device adds preset check character generation in the initial short message content of destination object to be handed down to;It is additionally operable to the service note pair The terminal association data is activation of the destination object answered is to authentication server.
26. a kind of short-message verification systems, it is characterised in that the system includes:
Service server, for adding preset check character in the initial short message content of destination object to be handed down to, generates business Short message, the preset check character is generated according to the default associated data of the destination object according to the first cipher mode;It is additionally operable to Send the service note;
Client, the service note for receiving destination object, and by the terminal association data is activation of the destination object extremely Authentication server;
Authentication server, for receiving the terminal association data that client sends, and based on the terminal association number for receiving Accorded with according to according to the second cipher mode generation client checks;In being additionally operable to judge the client checks symbol and the terminal association data Preset check character whether match, and the corresponding service note of the terminal association data is determined according to the result of the judgement The result.
27. a kind of short-message verification systems, it is characterised in that the system includes:
Server, for adding preset check character in the initial short message content of destination object to be handed down to, generates service note, The preset check character is generated according to the default associated data of the destination object according to the first cipher mode;It is additionally operable to send institute State service note;It is additionally operable to receive the terminal association data that client sends, and based on the terminal association data for receiving Accorded with according to the second cipher mode generation client checks;In being additionally operable to judge the client checks symbol and the terminal association data Whether preset check character matches, and determines testing for the corresponding service note of terminal association data according to the result of the judgement Card result;It is additionally operable to send the result to corresponding client;
Client, the service note for receiving destination object, and by the terminal association data is activation of the destination object extremely Authentication server;The result of the service note of the reception server return is additionally operable to, and phase is performed according to the result The operational order answered.
CN201610849490.1A 2016-09-23 2016-09-23 A kind of short-message verification method, device, client, server and system CN106911661A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610849490.1A CN106911661A (en) 2016-09-23 2016-09-23 A kind of short-message verification method, device, client, server and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610849490.1A CN106911661A (en) 2016-09-23 2016-09-23 A kind of short-message verification method, device, client, server and system

Publications (1)

Publication Number Publication Date
CN106911661A true CN106911661A (en) 2017-06-30

Family

ID=59207012

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610849490.1A CN106911661A (en) 2016-09-23 2016-09-23 A kind of short-message verification method, device, client, server and system

Country Status (1)

Country Link
CN (1) CN106911661A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107801165A (en) * 2017-10-31 2018-03-13 平安科技(深圳)有限公司 Service note method for pushing, device, computer equipment and storage medium
CN109309905A (en) * 2017-07-26 2019-02-05 中国移动通信集团公司 A kind of identification of pseudo-base station note and hold-up interception method and device
WO2019109817A1 (en) * 2017-12-06 2019-06-13 中兴通讯股份有限公司 Short message verification method, apparatus, storage medium, short message verification system, and terminal

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102118710A (en) * 2011-03-08 2011-07-06 上海红松信息技术有限公司 System and method for transmitting data between mobile terminals
CN103002415A (en) * 2011-09-15 2013-03-27 阿里巴巴集团控股有限公司 Method and device for transmitting verification codes via short messages
US8412779B1 (en) * 2004-12-21 2013-04-02 Trend Micro Incorporated Blocking of unsolicited messages in text messaging networks
CN103581897A (en) * 2012-08-07 2014-02-12 苏州简拔林网络科技有限公司 Cell phone number identification system and identification method
US8832204B1 (en) * 2009-09-24 2014-09-09 Sprint Communication Company L.P. Text message spam solutions
CN104581732A (en) * 2014-12-25 2015-04-29 中国科学院信息工程研究所 Real-time pseudo base station determining method and system based on short message
CN105681248A (en) * 2014-11-17 2016-06-15 中国移动通信集团辽宁有限公司 Information authentication and transmission method, and registration authentication server, short message center and terminal

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8412779B1 (en) * 2004-12-21 2013-04-02 Trend Micro Incorporated Blocking of unsolicited messages in text messaging networks
US8832204B1 (en) * 2009-09-24 2014-09-09 Sprint Communication Company L.P. Text message spam solutions
CN102118710A (en) * 2011-03-08 2011-07-06 上海红松信息技术有限公司 System and method for transmitting data between mobile terminals
CN103002415A (en) * 2011-09-15 2013-03-27 阿里巴巴集团控股有限公司 Method and device for transmitting verification codes via short messages
CN103581897A (en) * 2012-08-07 2014-02-12 苏州简拔林网络科技有限公司 Cell phone number identification system and identification method
CN105681248A (en) * 2014-11-17 2016-06-15 中国移动通信集团辽宁有限公司 Information authentication and transmission method, and registration authentication server, short message center and terminal
CN104581732A (en) * 2014-12-25 2015-04-29 中国科学院信息工程研究所 Real-time pseudo base station determining method and system based on short message

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109309905A (en) * 2017-07-26 2019-02-05 中国移动通信集团公司 A kind of identification of pseudo-base station note and hold-up interception method and device
CN107801165A (en) * 2017-10-31 2018-03-13 平安科技(深圳)有限公司 Service note method for pushing, device, computer equipment and storage medium
WO2019109817A1 (en) * 2017-12-06 2019-06-13 中兴通讯股份有限公司 Short message verification method, apparatus, storage medium, short message verification system, and terminal

Similar Documents

Publication Publication Date Title
US8220047B1 (en) Anti-phishing system and method
US8266443B2 (en) Systems and methods for secure and authentic electronic collaboration
JP2009510567A (en) Offline authentication method in client / server authentication system
CN104077689B (en) A kind of method of Information Authentication, relevant apparatus and system
CN103546877B (en) A kind of method, system and mobile terminal obtaining simultaneously input content code
CN102790674B (en) Auth method, equipment and system
Ellison Ceremony Design and Analysis.
CN102394887B (en) OAuth protocol-based safety certificate method of open platform and system thereof
EP1436746A2 (en) Verification of a person identifier received online
EP2248295A1 (en) System and method for wireless device based user authentication
CN104320262A (en) User public key address binding, searching and verifying method and system based on crypto currency open account book technology
KR20120037330A (en) Log-in method and system using image objects
CN103944737B (en) Method for authenticating user identity, Third Party Authentication platform, carrier authorization platform
US9553864B2 (en) Dual code authentication system
JP4755866B2 (en) Authentication system, authentication server, authentication method, and authentication program
CN104518876A (en) Service login method and device
CN103929400B (en) Quick Response Code acquisition methods, generation method, verification method, equipment and system
CN102624705B (en) A kind of intelligent image verification method and system
CN102594817A (en) Password agent method, user terminal equipment and password agent server
US10503888B2 (en) Authentication system
CN102447696A (en) One-key registration and login verification method and system used in mobile equipment
CN105516195B (en) A kind of security certification system and its authentication method based on application platform login
CN103929402B (en) Sensitive operation verification method, terminal unit, server and checking system
KR101589192B1 (en) Identity authentication and management device and method thereof
CN106134143A (en) Method, apparatus and system for dynamic network access-in management

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination