CN106953872A - A kind of method and apparatus of business authentication - Google Patents
A kind of method and apparatus of business authentication Download PDFInfo
- Publication number
- CN106953872A CN106953872A CN201710254432.9A CN201710254432A CN106953872A CN 106953872 A CN106953872 A CN 106953872A CN 201710254432 A CN201710254432 A CN 201710254432A CN 106953872 A CN106953872 A CN 106953872A
- Authority
- CN
- China
- Prior art keywords
- authentication
- seeds
- auc
- business
- quick response
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 46
- 230000004044 response Effects 0.000 claims abstract description 98
- 238000011161 development Methods 0.000 claims abstract description 7
- 238000007726 management method Methods 0.000 claims description 84
- 230000005540 biological transmission Effects 0.000 claims description 13
- 230000000694 effects Effects 0.000 claims description 13
- 238000012550 audit Methods 0.000 claims description 4
- 238000010586 diagram Methods 0.000 description 14
- 230000008569 process Effects 0.000 description 10
- 238000012795 verification Methods 0.000 description 10
- 238000005516 engineering process Methods 0.000 description 9
- 238000004891 communication Methods 0.000 description 5
- 230000001815 facial effect Effects 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 238000013475 authorization Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000004321 preservation Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The present invention provides a kind of method and apparatus of business authentication, it is possible to increase security during business authentication.The method of the embodiment of the present invention includes:Service generation authentication seeds needed for selection, and the authentication seeds and authentication timeliness are sent to AUC;Obtain the Quick Response Code link that the AUC generates according to the authentication seeds;Quick Response Code link and the authentication seeds are sent to user terminal;The user terminal linked according to the Quick Response Code and user's seed in the AUC it is described authentication timeliness in complete authentication, after marking the corresponding business interface of the authentication seeds by certification so as to the AUC, the certification completion message that the AUC returns is received;The business service condition that the AUC pushes is received during business development.
Description
Technical field
The present invention relates to field of computer technology, more particularly to a kind of method and apparatus of business authentication.
Background technology
With continuing to develop for internet and computer technology, increasing business under line by going on line.For use
, it is necessary to the identity of user first be verified, to ensure service security before family offer business.
The network authentication mode more often applied at present mainly has following several:One is based on user name, password and extra
The authentication mode of check code;Two be the authentication mode based on electronic key or U-shield;Also a kind of is the certification based on biological characteristic
Mode, such as finger print identifying.
In process of the present invention is realized, inventor has found that at least there are the following problems in the prior art:(1) business is default
Visible for user, the use request of business is sent by user;When desirable to provide new business, then need what user was used
Software etc. is updated, and adds new business, complicated and time-consuming more;Further for the high occasion of security requirement, it is desirable to
Business interface can just be got when needed by asking user to only have, and to ensure Information Security and controllability, prior art can not reach
To this effect;(2) it is used for the authority of business authentication, is such as password, electronic key, biological characteristic and previously generates preservation
, easily occur the problems such as password is revealed, influence security.
The content of the invention
In view of this, the embodiment of the present invention provides a kind of method and apparatus of business authentication, it is possible to increase during business authentication
Security.
To achieve the above object, first aspect according to embodiments of the present invention, should there is provided a kind of method of business authentication
For management end, including:
Service generation authentication seeds needed for selection, and the authentication seeds and authentication timeliness are sent to AUC;
Obtain the Quick Response Code link that the AUC generates according to the authentication seeds;
Quick Response Code link and the authentication seeds are sent to user terminal;
The user terminal linked according to the Quick Response Code and user's seed in the AUC in the authentication
Authentication is completed in timeliness, so that the AUC marks the corresponding business interface of the authentication seeds to pass through certification
Afterwards, the certification completion message that the AUC returns is received;Receive what the AUC pushed during business development
Business service condition.
To achieve the above object, second aspect according to embodiments of the present invention, should there is provided a kind of method of business authentication
For AUC, including:
Receive the authentication seeds and authentication timeliness of service generation that management end is sent, that selection is required;
Quick Response Code and the link of corresponding Quick Response Code are generated according to the authentication seeds, and Quick Response Code link is returned to
Management end;
Authentication is carried out to the user terminal according to the authentication seeds and authentication timeliness;
It is determined that after user terminal completion authentication, marking the corresponding business interface of the authentication seeds by recognizing
Card, and to the management end return authentication completion message;
The record traffic service condition during business development, and it is pushed to management end.
Optionally, authentication is carried out to the user terminal according to the authentication seeds and authentication timeliness, including:
The user terminal is obtained by recognizing 2 D code information that the Quick Response Code is got and being obtained from the management end
After authentication seeds, the certification factor generated according to the 2 D code information and the authentication seeds;
According to the authentication seeds and authentication timeliness, judge whether the certification factor meets authentication condition.
To achieve the above object, the third aspect according to embodiments of the present invention, should there is provided a kind of method of business authentication
For user terminal, including:
Authentication seeds that management end is sent, selecting required service generation and AUC are received according to the certification kind
Quick Response Code link that is that son is generated and returning to the management end;
Recognize that the Quick Response Code links corresponding Quick Response Code;
Authentication is carried out with the AUC according to the authentication seeds and the Quick Response Code, so as in the authentication
The heart marks the corresponding business interface of the authentication seeds by certification after it is determined that completing authentication, and to the management
Hold return authentication completion message;
Regular check authentication state, it is determined that by certification when, obtain the corresponding business interface of the authentication seeds.
Optionally, authentication is carried out with the AUC according to the authentication seeds and the Quick Response Code, including:
The Quick Response Code is recognized to obtain 2 D code information;
According to the authentication seeds, biological identification is locally completed;
According to the 2 D code information and the authentication seeds generation certification factor, and send to AUC progress
Authentication.
To achieve the above object, there is provided a kind of device of business authentication, bag for fourth aspect according to embodiments of the present invention
Include:
Authentication seeds generation module, for selecting required service generation authentication seeds, and by the authentication seeds and mirror
Temporary effect is sent to AUC;
The receiver module of management end first, for obtaining the Quick Response Code chain that the AUC generates according to the authentication seeds
Connect;
Management end sending module, for Quick Response Code link and the authentication seeds to be sent to user terminal;
The receiver module of management end second, for the user terminal linked according to the Quick Response Code and user's seed in
The AUC completes authentication in the authentication timeliness, so that the AUC marks the authentication seeds correspondence
Business interface by certification after, receive the certification completion message that the AUC returns;
The receiver module of management end the 3rd, is used for receiving the business that the AUC pushes during carrying out in business
Situation.
To achieve the above object, there is provided a kind of device of business authentication, bag for the 5th aspect according to embodiments of the present invention
Include:
AUC's receiver module, receives the authentication seeds and authentication of service generation that management end is sent, that selection is required
Timeliness;
The sending module of AUC first, generates Quick Response Code according to the authentication seeds and corresponding Quick Response Code is linked, and
Quick Response Code link is returned into management end;
Authentication module, for carrying out authentication to the user terminal according to the authentication seeds and authentication timeliness;
The sending module of AUC second, for it is determined that after user terminal completion authentication, marking the certification
The corresponding business interface of seed is by certification, and to the management end return authentication completion message;
Operating audit module, for carrying out in business during record traffic service condition, and be pushed to management end.
Optionally, the authentication module is additionally operable to:The user terminal is obtained by recognizing that the Quick Response Code gets two dimension
Code information is simultaneously obtained after authentication seeds from the management end, the certification generated according to the 2 D code information and the authentication seeds
The factor;According to the authentication seeds and authentication timeliness, judge whether the certification factor meets authentication condition.
To achieve the above object, there is provided a kind of device of business authentication, bag for the 6th aspect according to embodiments of the present invention
Include:
The receiver module of user terminal first, for receiving management end transmission, the authentication seeds of the service generation needed for selection
Quick Response Code link that is being generated with AUC according to the authentication seeds and returning to the management end;
Quick Response Code identification module, for recognizing that the Quick Response Code links corresponding Quick Response Code;
Business authentication module, recognizes for carrying out identity with the AUC according to the authentication seeds and the Quick Response Code
Card, so that the AUC is after it is determined that complete authentication, marks the corresponding business interface of the authentication seeds to pass through
Certification, and to the management end return authentication completion message;
Business acquisition module, for regular check authentication state, it is determined that by certification when, obtain the authentication seeds
Corresponding business interface.
Optionally, the business authentication module is additionally operable to:The Quick Response Code is recognized to obtain 2 D code information;According to described
Authentication seeds, locally complete biological identification;The certification factor is generated according to the 2 D code information and the authentication seeds, concurrently
Deliver to the AUC and carry out authentication.
One embodiment in foregoing invention has the following advantages that or beneficial effect:Industry is started by management end because employing
Business verification process, just from AUC to the technological means of user terminal transmission service interface after the completion of business authentication, is solved
Business is that user is visible, can not issue or hide the technical problem of business as needed in the prior art, has reached raising industry
Business issue flexibility, the technique effect of service security.
The further effect that above-mentioned non-usual optional mode has adds hereinafter in conjunction with embodiment
With explanation.
Brief description of the drawings
Accompanying drawing is used to more fully understand the present invention, does not constitute inappropriate limitation of the present invention.Wherein:
Fig. 1 is the schematic diagram of the key step of the method for business authentication according to a first embodiment of the present invention;
Fig. 2 is the schematic diagram of the key step of the method for business authentication according to a second embodiment of the present invention;
Fig. 3 is the schematic diagram of the key step of the method for business authentication according to a third embodiment of the present invention;
Fig. 4 is the schematic diagram of the main modular of the device of business authentication according to a fourth embodiment of the present invention;
Fig. 5 is the schematic diagram of the main modular of the device of business authentication according to a fifth embodiment of the present invention;
Fig. 6 is the schematic diagram of the main modular of the device of business authentication according to a sixth embodiment of the present invention;
Fig. 7 is the time diagram of the critical piece function of the system of business authentication according to a seventh embodiment of the present invention.
Embodiment
The one exemplary embodiment of the present invention is explained below in conjunction with accompanying drawing, including the various of the embodiment of the present invention
Details should think them only exemplary to help understanding.Therefore, those of ordinary skill in the art should recognize
Arrive, various changes and modifications can be made to the embodiments described herein, without departing from scope and spirit of the present invention.Together
Sample, for clarity and conciseness, eliminates the description to known function and structure in following description.
First embodiment
Fig. 1 is the schematic diagram of the key step of the method for business authentication according to a first embodiment of the present invention.
As shown in figure 1, first embodiment of the invention provides a kind of method of business authentication, (possesses pipe applied to management end
Authority is managed, is capable of the terminal of issuing service), including:
S10, the service generation authentication seeds needed for selection, and the authentication seeds and authentication timeliness are sent into authentication
The heart.Authentication seeds are to be selected by keeper after information task specifies object (such as a certain user name), type of service, by managing
What end was automatically generated, it can further include biometric information (such as fingerprint, iris information, face that task specifies object
Portion's identification information etc.), and encryption seed for communication encryption etc..It is a default time span to authenticate timeliness, for
AUC controls the total time-consuming maximum of user terminal finishing service identifying procedure, when user terminal is not completed in authentication timeliness
During business authentication, it is determined that the issue failure of this subtask.
S11, obtains the Quick Response Code link that AUC of institute generates according to the authentication seeds.AUC can be according to certification
Seed, generation include the Quick Response Code of authentication seeds information, and uniquely corresponding Quick Response Code is linked with the Quick Response Code, and by two
Tie up code link and return to management end.
S12, Quick Response Code link and the authentication seeds are sent to user terminal.
S13, the user terminal linked according to the Quick Response Code and user's seed in the AUC described
Authenticate and authentication is completed in timeliness, so that the AUC marks the corresponding business interface of the authentication seeds by recognizing
After card, the certification completion message that the AUC returns is received.Wherein, business interface refers to that user terminal is used for orientation business
Entrance, for example, can be a page link.
S14, receives the business service condition that the AUC pushes during business development.In the AUC
During realizing business after being finished with user terminal progress business authentication and certification, whenever AUC and user terminal
Once more important communication is carried out, when advancing operation flow, the progress that AUC returns to business authentication to management end is believed
Breath, so that management end is supervised to this business process.
From the above it can be seen that the technical scheme of the embodiment of the present invention, business is started because employing by management end
Verification process, just from AUC to the technological means of user terminal transmission service interface after the completion of business authentication, is solved existing
There is business in technology to be that user is visible, can not issue or hide the technical problem of business as needed, reached raising business
Issue flexibility, the technique effect of service security.
Second embodiment
Fig. 2 is the schematic diagram of the key step of the method for business authentication according to a second embodiment of the present invention;
As shown in Fig. 2 second embodiment of the invention provides a kind of method of business authentication, applied to AUC, including:
S20, receives the authentication seeds and authentication timeliness of service generation that management end is sent, that selection is required.Authentication seeds
It is to be selected by keeper after information task specifies object (such as a certain user name), type of service, is automatically generated by management end
, it can further include biometric information (such as fingerprint, iris information, facial recognition information that task specifies object
Deng), and encryption seed for communication encryption etc..It is a default time span to authenticate timeliness, so that AUC is controlled
The total time-consuming maximum of user terminal finishing service identifying procedure processed, when the user terminal not finishing service certification in authentication timeliness
When, it is determined that the issue failure of this subtask.
S21, generates Quick Response Code according to the authentication seeds and corresponding Quick Response Code is linked, and Quick Response Code link is returned
Back to management end.AUC can generate according to authentication seeds and include the Quick Response Code of authentication seeds information, and with the two dimension
The unique corresponding Quick Response Code link of code, and Quick Response Code link is returned into management end.
S22, authentication is carried out according to the authentication seeds and authentication timeliness to the user terminal.
S23, it is determined that after user terminal completion authentication, marking the corresponding business interface of the authentication seeds to lead to
Cross certification, and to the management end return authentication completion message.Wherein, business interface refers to that user terminal is used for entering for orientation business
Mouthful, for example can be a page link.
S24, the record traffic service condition during business development, and it is pushed to management end.The AUC with
During the user terminal progress business authentication and certification realize business after finishing, whenever AUC enters with user terminal
Row once more important communication, when advancing operation flow, AUC returns to the progress msg of business authentication to management end,
So that management end is supervised to this business process.
In some optional embodiments, S22 is carried out according to the authentication seeds and authentication timeliness to the user terminal
Authentication, including:The user terminal is obtained by recognizing 2 D code information that the Quick Response Code is got and from the management
End is obtained after authentication seeds, the certification factor generated according to the 2 D code information and the authentication seeds;According to the certification
Seed and authentication timeliness, judge whether the certification factor meets authentication condition.The certification factor includes user terminal for certification kind
The match condition comprising information, user terminal are locally carrying out the performance of other Additional Verification modes etc. information in sub, recognize
The card factor is considered as user terminal after parsing authentication seeds, the answer carried out for the information included in authentication seeds, mirror
Power center is according to the corresponding informance compared in authentication seeds and the certification factor, you can judge user terminal whether can finishing service recognize
Card.
From the above it can be seen that the technical scheme of the embodiment of the present invention, business is started because employing by management end
Verification process, just from AUC to the technological means of user terminal transmission service interface after the completion of business authentication, is solved existing
There is business in technology to be that user is visible, can not issue or hide the technical problem of business as needed, reached raising business
Issue flexibility, the technique effect of service security.
3rd embodiment
Fig. 3 is the schematic diagram of the key step of the method for business authentication according to a third embodiment of the present invention.
As shown in figure 3, third embodiment of the invention provides a kind of method of business authentication, applied to user terminal, including:
S30, the authentication seeds and AUC for receiving service generation that management end is sent, that selection is required are recognized according to
Quick Response Code link that is that card seed is generated and returning to the management end.Authentication seeds are to select task by keeper to specify object
After information (such as a certain user name), type of service, automatically generated by management end, can further include task and specify
The biometric information (such as fingerprint, iris information, facial recognition information) of object, and the encryption kind for communication encryption
Son etc..AUC can generate the Quick Response Code for including authentication seeds information according to authentication seeds, and unique with the Quick Response Code
Corresponding Quick Response Code link, and Quick Response Code link is returned into management end.
S31, recognizes that the Quick Response Code links corresponding Quick Response Code.It can be the browser using user terminal itself, also may be used
To be the browser using external equipment, as long as successful request can be linked according to the Quick Response Code to the Quick Response Code.
S32, carries out authentication, so as to the mirror according to the authentication seeds and the Quick Response Code with the AUC
Power center marks the corresponding business interface of the authentication seeds by certification after it is determined that completing authentication, and to described
Management end return authentication completion message.Business interface refers to that user terminal is used for the entrance of orientation business, for example, can be a page
Face is linked.
In some optional embodiments, S32, according to the authentication seeds and the Quick Response Code and the AUC
Authentication is carried out, including:The Quick Response Code is recognized to obtain 2 D code information;According to the authentication seeds, locally complete
Biological identification, it is ensured that be that user is operating;According to the 2 D code information and the authentication seeds generation certification factor, and
Send to the AUC and carry out authentication.The certification factor includes user terminal for including the matching of information in authentication seeds
Situation, user terminal are considered as user locally carrying out the performance of other Additional Verification modes etc. information, the certification factor
End is after parsing authentication seeds, the answer carried out for the information included in authentication seeds, and AUC is according to comparison certification
Corresponding informance in seed and the certification factor, you can judge whether user terminal being capable of finishing service certification.
In the previous embodiments it has been noted that business seed, which can include task, specifies the biometric information of object (for example
Fingerprint, iris information, facial recognition information etc.), and user terminal needs to complete to verify local according to these biometric informations,
So the current holder for having ensured user terminal is user, further increases security during authentication business, can
To be prevented effectively from business information leakage.
From the above it can be seen that the technical scheme of the embodiment of the present invention, business is started because employing by management end
Verification process, just from AUC to the technological means of user terminal transmission service interface after the completion of business authentication, is solved existing
There is business in technology to be that user is visible, can not issue or hide the technical problem of business as needed, reached raising business
Issue flexibility, the technique effect of service security;Because employing the mode of biometric information certification, existing skill is solved
Art certification authority is default, the problem of security is not enough, has reached the technique effect of further raising service security.
Fourth embodiment
Fig. 4 is the schematic diagram of the main modular of the device of business authentication according to a fourth embodiment of the present invention.
As shown in figure 4, fourth embodiment of the invention provides a kind of device 40 of business authentication, applied to management end, including
Authentication seeds generation module 401, the first receiver module of management end 402, management end sending module 403, management end second receive mould
Block 404 and the receiver module 405 of management end the 3rd, wherein:Authentication seeds generation module 401, for selecting required service generation
Authentication seeds, and the authentication seeds and authentication timeliness are sent to AUC;The first receiver module of management end 402, is used for
Obtain the Quick Response Code link that the AUC generates according to the authentication seeds;Management end sending module 403, for by described in
Quick Response Code is linked and the authentication seeds are sent to user terminal;The second receiver module of management end 404, in the user terminal root
Authentication is completed in described authenticate in timeliness in the AUC according to Quick Response Code link and user's seed, so as to
After the AUC marks the corresponding business interface of the authentication seeds by certification, receive what the AUC returned
Certification completion message;The receiver module 405 of management end the 3rd, for receiving what the AUC pushed during carrying out in business
Business service condition.
From the above it can be seen that the technical scheme of the embodiment of the present invention, business is started because employing by management end
Verification process, just from AUC to the technological means of user terminal transmission service interface after the completion of business authentication, is solved existing
There is business in technology to be that user is visible, can not issue or hide the technical problem of business as needed, reached raising business
Issue flexibility, the technique effect of service security.
5th embodiment
Fig. 5 is the schematic diagram of the main modular of the device of business authentication according to a fifth embodiment of the present invention.
As shown in figure 5, fourth embodiment of the invention provides a kind of device 50 of business authentication, applied to AUC, bag
Include AUC's receiver module 501, the first sending module of AUC 502, authentication module 503, the transmission mould of AUC second
Block 504 and operating audit module 505;Wherein:AUC's receiver module 501, receives the industry needed for management end is sent, selection
The authentication seeds and authentication timeliness of business generation;The first sending module of AUC 502, Quick Response Code is generated according to the authentication seeds
Linked with corresponding Quick Response Code, and Quick Response Code link is returned into management end;Authentication module 503, for recognizing according to
Demonstrate,prove seed and authentication timeliness carries out authentication to the user terminal;The second sending module of AUC 504, for it is determined that institute
State user terminal to complete after authentication, mark the corresponding business interface of the authentication seeds by certification, and to the management
Hold return authentication completion message;Operating audit module 505, for carrying out in business during record traffic service condition, and push away
Give management end.
In some optional embodiments, the authentication module 503 is additionally operable to:The user terminal is obtained by recognizing
State Quick Response Code to get 2 D code information and obtain after authentication seeds from the management end, according to the 2 D code information and described
The certification factor of authentication seeds generation;According to the authentication seeds and authentication timeliness, judge whether the certification factor meets mirror
Power condition.
From the above it can be seen that the technical scheme of the embodiment of the present invention, business is started because employing by management end
Verification process, just from AUC to the technological means of user terminal transmission service interface after the completion of business authentication, is solved existing
There is business in technology to be that user is visible, can not issue or hide the technical problem of business as needed, reached raising business
Issue flexibility, the technique effect of service security.
Sixth embodiment
Fig. 6 is the schematic diagram of the main modular of the device of business authentication according to a sixth embodiment of the present invention.
As shown in fig. 6, a kind of device 60 of business authentication of the embodiment of the present invention, applied to user terminal, including user terminal
First receiver module 601, Quick Response Code identification module 602, business authentication module 603 and business acquisition module 604, wherein:User
The first receiver module 601 is held, for receiving management end transmission, the authentication seeds of the service generation needed for selection and AUC
Quick Response Code link that is being generated according to the authentication seeds and returning to the management end;Quick Response Code identification module 602, for recognizing
The Quick Response Code links corresponding Quick Response Code;Business authentication module 603, for according to the authentication seeds and the Quick Response Code with
The AUC carries out authentication, so that the AUC is after it is determined that complete authentication, marks the certification kind
The corresponding business interface of son is by certification, and to the management end return authentication completion message;Business acquisition module 604, is used
In regular check authentication state, it is determined that by certification when, obtain the corresponding business interface of the authentication seeds.
In some optional embodiments, the business authentication module 603 is additionally operable to:The Quick Response Code is recognized to obtain two
Tie up code information;According to the authentication seeds, biological identification is locally completed;According to the 2 D code information and the authentication seeds
The certification factor is generated, and is sent to AUC progress authentication.
From the above it can be seen that the technical scheme of the embodiment of the present invention, business is started because employing by management end
Verification process, just from AUC to the technological means of user terminal transmission service interface after the completion of business authentication, is solved existing
There is business in technology to be that user is visible, can not issue or hide the technical problem of business as needed, reached raising business
Issue flexibility, the technique effect of service security;Because employing the mode of biometric information certification, existing skill is solved
Art certification authority is default, the problem of security is not enough, has reached the technique effect of further raising service security.
7th embodiment
Fig. 7 is the time diagram of the critical piece function of the system of business authentication according to a seventh embodiment of the present invention.
As shown in fig. 7, the embodiment of the present invention also provides a kind of system of business authentication, including authorized administrator APP, mandate
Center, user APP and user browser.System is used to complete following identifying procedure:
1. keeper's selection needs open business;
2. keeper APP automatically generates certification Seed values, and Seed values and the term of validity are sent into authorization center.In mandate
The heart, which is received, generates interim and unique certification URL and corresponding Quick Response Code after the certification Seed values of keeper APP transmissions;And will
URL returns to keeper APP;
3. keeper is as needed, selection needs to use the user of service, and now keeper APP issues certification Seed automatically
Give user APP;
4. certification URL is sent to user by keeper;
5. user opens the URL received in a browser, the Quick Response Code of certification is showed in the page;
6. user is according to the authorization prompt of the page, scans Quick Response Code with APP and recognize authentication content therein;
7.APP prompting users need to verify fingerprint;
8. fingerprint authentication is by rear, APP produces the certification factor according to two-dimentional digital content, certification Seed and submits to authorization center
Checking;
9. authorization center authentication verification information, return authentication result is to APP;
10. the user passed through for certification, then the transmission service Portal pages;It should be noted that pushing here
The Portal pages, are not intended to be pushed to specific browser, in terms of Project Realization, the 5th step open this Quick Response Code URL its
In fact can regularly go AUC detect authentication state, when certification by after, browser automatically will obtain business service
To and show, therefore, essence be browser go acquisition;As for which kind of browser of use, if use browsing for user terminal
Device, then need not be limited.
11. authorization center notifies keeper, the user selected starts access service by certification;
12. during access service is performed, monitor user behavior according to preset rules and generate behavior auditing message
Return to keeper.
Additional description:
In the 8th step, follow-up identifying procedure is not continued to if fingerprint authentication failure;
In the 9th step, if authorization center authentication failed, user's APP authentification failures are returned to.
Above-mentioned embodiment, does not constitute limiting the scope of the invention.Those skilled in the art should be bright
It is white, depending on design requirement and other factors, can occur various modifications, combination, sub-portfolio and replacement.It is any
Modification, equivalent and improvement for being made within the spirit and principles in the present invention etc., should be included in the scope of the present invention
Within.
Claims (10)
1. a kind of method of business authentication, it is characterised in that applied to management end, including:
Service generation authentication seeds needed for selection, and the authentication seeds and authentication timeliness are sent to AUC;
Obtain the Quick Response Code link that the AUC generates according to the authentication seeds;
Quick Response Code link and the authentication seeds are sent to user terminal;
The user terminal linked according to the Quick Response Code and user's seed in the AUC in the authentication timeliness
Interior completion authentication, after marking the corresponding business interface of the authentication seeds by certification so as to the AUC, connects
Receive the certification completion message that the AUC returns;
The business service condition that the AUC pushes is received during business development.
2. a kind of method of business authentication, it is characterised in that applied to AUC, including:
Receive authentication seeds that management end is sent, according to required service generation and authentication timeliness;
Quick Response Code and the link of corresponding Quick Response Code are generated according to the authentication seeds, and Quick Response Code link is returned into management
End;
Authentication is carried out to the user terminal according to the authentication seeds and authentication timeliness;
After it is determined that the user terminal completes authentication, the corresponding business interface of the authentication seeds is marked by certification,
And to the management end return authentication completion message;
The record traffic service condition during business development, and it is pushed to management end.
3. method according to claim 2, it is characterised in that according to the authentication seeds and authentication timeliness to the user
End carries out authentication, including:
The user terminal is obtained by recognizing 2 D code information that the Quick Response Code is got and obtaining certification from the management end
After seed, the certification factor generated according to the 2 D code information and the authentication seeds;
According to the authentication seeds and authentication timeliness, judge whether the certification factor meets authentication condition.
4. a kind of method of business authentication, it is characterised in that applied to user terminal, including:
The authentication seeds and AUC for receiving service generation that management end is sent, that selection is required are given birth to according to the authentication seeds
Into and return to the management end Quick Response Code link;
Recognize that the Quick Response Code links corresponding Quick Response Code;
Authentication is carried out with the AUC according to the authentication seeds and the Quick Response Code, so that the AUC exists
It is determined that completing after authentication, the corresponding business interface of the authentication seeds is marked by certification, and return to the management end
Return certification completion message;
Regular check authentication state, it is determined that by certification when, obtain the corresponding business interface of the authentication seeds.
5. method according to claim 4, it is characterised in that according to the authentication seeds and the Quick Response Code and the mirror
Power center carries out authentication, including:
The Quick Response Code is recognized to obtain 2 D code information;
According to the authentication seeds, biological identification is locally completed, it is ensured that be that user is operating;
According to the 2 D code information and the authentication seeds generation certification factor, and send to AUC progress identity
Certification.
6. a kind of device of business authentication, it is characterised in that including:
Authentication seeds generation module, for selecting required service generation authentication seeds, and during by the authentication seeds and authentication
Effect is sent to AUC;
The receiver module of management end first, is linked for obtaining the Quick Response Code that the AUC generates according to the authentication seeds;
Management end sending module, for Quick Response Code link and the authentication seeds to be sent to user terminal;
The receiver module of management end second, for being linked in the user terminal according to the Quick Response Code and user's seed is in described
AUC completes authentication in the authentication timeliness, so that the AUC marks the corresponding industry of the authentication seeds
Be engaged in interface by certification after, receive the certification completion message that the AUC returns;
The receiver module of management end the 3rd, feelings are used for receiving the business that the AUC pushes during carrying out in business
Condition.
7. a kind of device of business authentication, it is characterised in that including:
AUC's receiver module, receives authentication seeds that management end is sent, according to required service generation and authentication timeliness;
The sending module of AUC first, generates Quick Response Code and corresponding Quick Response Code according to the authentication seeds and links, and by institute
State Quick Response Code link and return to management end;
Authentication module, for carrying out authentication to the user terminal according to the authentication seeds and authentication timeliness;
The sending module of AUC second, for it is determined that after user terminal completion authentication, marking the authentication seeds
Corresponding business interface is by certification, and to the management end return authentication completion message;
Operating audit module, for carrying out in business during record traffic service condition, and be pushed to management end.
8. device according to claim 7, it is characterised in that the authentication module is additionally operable to:The user terminal is obtained to lead to
Cross and recognize that the Quick Response Code gets 2 D code information and obtained from the management end after authentication seeds, believed according to the Quick Response Code
The certification factor that breath and the authentication seeds are generated;According to the authentication seeds and authentication timeliness, judge that the certification factor is
It is no to meet authentication condition.
9. a kind of device of business authentication, it is characterised in that including:
The receiver module of user terminal first, for receiving management end transmission, to select required service generation authentication seeds and mirror
Quick Response Code link that is that power center is generated according to the authentication seeds and returning to the management end;
Quick Response Code identification module, for recognizing that the Quick Response Code links corresponding Quick Response Code;
Business authentication module, for carrying out authentication with the AUC according to the authentication seeds and the Quick Response Code,
So that the AUC is after it is determined that complete authentication, the corresponding business interface of the authentication seeds is marked by recognizing
Card, and to the management end return authentication completion message;
Business acquisition module, for regular check authentication state, it is determined that by certification when, obtain the authentication seeds correspondence
Business interface.
10. device according to claim 9, it is characterised in that the business authentication module is additionally operable to:Recognize the two dimension
Code is to obtain 2 D code information;According to the authentication seeds, biological identification is locally completed;According to the 2 D code information and institute
The authentication seeds generation certification factor is stated, and is sent to AUC progress authentication.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710254432.9A CN106953872B (en) | 2017-04-18 | 2017-04-18 | A kind of method and apparatus of business authentication |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710254432.9A CN106953872B (en) | 2017-04-18 | 2017-04-18 | A kind of method and apparatus of business authentication |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106953872A true CN106953872A (en) | 2017-07-14 |
| CN106953872B CN106953872B (en) | 2019-08-16 |
Family
ID=59476312
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710254432.9A Active CN106953872B (en) | 2017-04-18 | 2017-04-18 | A kind of method and apparatus of business authentication |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106953872B (en) |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101436280A (en) * | 2008-12-15 | 2009-05-20 | 北京华大智宝电子系统有限公司 | Method and system for implementing electronic payment of mobile terminal |
| CN101482962A (en) * | 2009-02-26 | 2009-07-15 | 北控易码通(北京)科技有限公司 | Service data processing terminal and service data processing method |
| CN102208923A (en) * | 2011-05-19 | 2011-10-05 | 中国联合网络通信集团有限公司 | Application-type service management method of near filed communication intelligent card and system thereof |
| US20130081101A1 (en) * | 2011-09-27 | 2013-03-28 | Amazon Technologies, Inc. | Policy compliance-based secure data access |
| CN103236935A (en) * | 2013-05-21 | 2013-08-07 | 北京梅泰诺电子商务有限公司 | Two-dimension code user registration certification system and method thereof |
| CN103297231A (en) * | 2012-03-01 | 2013-09-11 | 盛大计算机(上海)有限公司 | Identity authentication method and system |
| US20140189359A1 (en) * | 2012-12-28 | 2014-07-03 | Vasco Data Security, Inc. | Remote authentication and transaction signatures |
| WO2014182957A1 (en) * | 2013-05-08 | 2014-11-13 | Acuity Systems, Inc. | Authentication system |
| CN106230594A (en) * | 2016-07-22 | 2016-12-14 | 浪潮通用软件有限公司 | A kind of method carrying out user authentication based on dynamic password |
-
2017
- 2017-04-18 CN CN201710254432.9A patent/CN106953872B/en active Active
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101436280A (en) * | 2008-12-15 | 2009-05-20 | 北京华大智宝电子系统有限公司 | Method and system for implementing electronic payment of mobile terminal |
| CN101482962A (en) * | 2009-02-26 | 2009-07-15 | 北控易码通(北京)科技有限公司 | Service data processing terminal and service data processing method |
| CN102208923A (en) * | 2011-05-19 | 2011-10-05 | 中国联合网络通信集团有限公司 | Application-type service management method of near filed communication intelligent card and system thereof |
| US20130081101A1 (en) * | 2011-09-27 | 2013-03-28 | Amazon Technologies, Inc. | Policy compliance-based secure data access |
| CN103297231A (en) * | 2012-03-01 | 2013-09-11 | 盛大计算机(上海)有限公司 | Identity authentication method and system |
| US20140189359A1 (en) * | 2012-12-28 | 2014-07-03 | Vasco Data Security, Inc. | Remote authentication and transaction signatures |
| WO2014182957A1 (en) * | 2013-05-08 | 2014-11-13 | Acuity Systems, Inc. | Authentication system |
| CN103236935A (en) * | 2013-05-21 | 2013-08-07 | 北京梅泰诺电子商务有限公司 | Two-dimension code user registration certification system and method thereof |
| CN106230594A (en) * | 2016-07-22 | 2016-12-14 | 浪潮通用软件有限公司 | A kind of method carrying out user authentication based on dynamic password |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106953872B (en) | 2019-08-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| WO2018090183A1 (en) | Identity authentication method, terminal device, authentication server and electronic device | |
| CN109150541B (en) | Authentication system and working method thereof | |
| CN105847247A (en) | Authentication system and working method thereof | |
| US11811952B2 (en) | Authentication system and working method thereof | |
| CN103986584A (en) | Double-factor identity verification method based on intelligent equipment | |
| CN101087193A (en) | New method for using the mobile number bond with account for identity identification | |
| US20120300927A1 (en) | Method of registering smart phone when accessing security authentication device and method of granting access permission to registered smart phone | |
| CN104869099A (en) | Multi-network-account login method and system based on fingerprint account | |
| KR20030097847A (en) | Authenticating user on computer network for biometric information | |
| US8914847B2 (en) | Multiple user authentications on a communications device | |
| CN106060073B (en) | Channel key machinery of consultation | |
| CN105450658B (en) | A kind of system login method and device | |
| CN106488453A (en) | A kind of method and system of portal certification | |
| CN104469736B (en) | A kind of data processing method, server and terminal | |
| CN104253818A (en) | Server and terminal authentication method, server, terminal | |
| CN114531277A (en) | User identity authentication method based on block chain technology | |
| CN106161475A (en) | The implementation method of subscription authentication and device | |
| CN108920919A (en) | Control method, the device and system of interactive intelligence equipment | |
| CN106549909A (en) | A kind of authority checking method and apparatus | |
| CN115842680B (en) | Network identity authentication management method and system | |
| CN108810003A (en) | A kind of safety verification scheme of multi-service side's message access | |
| CN104125230A (en) | Short message authentication service system and authentication method | |
| CN105515781A (en) | Login system of application platform and login method thereof | |
| CN107819766B (en) | Security authentication method, system and computer readable storage medium | |
| CN112383401B (en) | User name generation method and system for providing identity authentication service |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information |
Address after: 100083 room 6, floor 708, No. 1, No. 1, North Beach a, Chaoyang District, Beijing Applicant after: BEIJING ABLOOMY TECHNOLOGIES, Inc. Address before: 100083 room 6, floor 708, No. 1, No. 1, North Beach a, Chaoyang District, Beijing Applicant before: BEIJING ABLOOMY TECHNOLOGY Co.,Ltd. |
|
| CB02 | Change of applicant information | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20231124 Address after: Room 307, 3rd Floor, Building 1-5, No.1 Beishatan A, Chaoyang District, Beijing, 100083 Patentee after: Beijing Heyun Shengxing Technology Co.,Ltd. Address before: Room 708, 6 / F, building 1, No.1, Beisha beach, Chaoyang District, Beijing 100083 Patentee before: BEIJING ABLOOMY TECHNOLOGIES, Inc. |
|
| TR01 | Transfer of patent right |