Background technology
With the development of informationized society, people increasingly get used to carrying out business using network.And in order to
Make network activity safer, general website may require that people carry out Account Registration in website, and provide identity
Information, to be authenticated to the identity information, determines the security of account.Such as, people are wanted in website
When buying train ticket, it is necessary to first register an account in the website, and provide identity information, only when
The website, by rear, just can buy train ticket to the identity information certification by the account.
In the prior art, the process that general website carries out authentication to login account is as shown in Figure 1.
Fig. 1 is existing authentication procedures, including:
S101:Receive the ID authentication request of account to be verified.
When the holder of account to be verified carries out authentication to the account to be verified, it is necessary to be tested by this
Demonstrate,prove account user orientation server and send ID authentication request, wherein, comprising some to be verified in the ID authentication request
Information.Also, the ID authentication request can be real-name authentication request, that is, need to enter the account to be verified
Row real-name authentication, then above-mentioned some information to be verified are exactly that can prove all kinds of letters of holder's identity
Breath.
S102:According to the ID authentication request, judge whether the authentication of the account to be verified succeeds,
Step S103 is performed if success, step S106 is performed if unsuccessful.
Server is received after the ID authentication request is received, that is, after real-name authentication request, just can basis
Some information to be verified, judge whether the real-name authentication of the account to be verified succeeds.Wherein, due to right
Each information to be verified, which carries out checking, to be needed to expend longer time, so user asks it in transmission real-name authentication
Afterwards, the result of the real-name authentication will not be instantly obtained, but needs to wait the long period.
S103:It is determined that each account corresponding with the identity information to be verified, is used as each occupancy account.
Generally, in whole accounts that server is preserved, there may be the identity information of multiple accounts with being somebody's turn to do
The consistent situation of identity information to be verified, that is, there is a situation where to take account.Due to using same identity letter
Breath can carry out real-name authentication to multiple accounts, so described occupancy account can be multiple.
It is further, each to take the account for registering and carrying out real-name authentication before account is probably the holder,
It is also likely to be to be usurped by criminal after holder's identity information, is carried out using the identity information usurped real
The account (also referred to as, falsely using account) of name certification, and there is higher security risk because this falsely uses account,
So in order to safeguard being normally carried out of all kinds of business, reduce security risk, the server is it needs to be determined that each take
Account, subsequently to determine to falsely use account according to each occupancy account, and carries out corresponding processing.
S104:The operation inquiry message of the mark comprising each occupancy account is sent to the account to be verified.
When it is determined that it is each occupancy account after, due to the account to be verified authentication success, that is to say, that this is treated
The identity for verifying account is genuine and believable, and each occupancy account is included so needing to send to the account to be verified
Mark operation inquiry message, with allow the account to be verified to it is each occupancy account selection it is corresponding
Operation.Wherein, the operation can be divided into operation associated and deprive operation, i.e. to being registered by the holder
Account, the operation being associated with the account to be verified is carried out, to not being the account registered by the holder
(that is, falsely using account), deprive the operation of the identity authentication result for falsely using account.It can so make to emit
It is deprived of with the identity authentication result of account, reduces security risk, and other accounts of the holder can be with
Without authentication is repeated.
S105:Receive the account to be verified according to the operation inquiry message return to each occupancy account
Operation information, and according to the operation information, each occupancy account is operated.
Because the identity information of the account to be verified is genuine and believable, so pair that the account to be verified is returned
Each operation information for taking account is also believable.Then, server can be according to the operation information, to each
Take the operation for associating or depriving identity authentication result of account progress and the account to be verified.
S106:Refuse the ID authentication request of the account to be verified.
From above-mentioned Fig. 1, in the prior art, user is sending authentication by the account to be verified
, it is necessary to which (that is, server carries out authentication to the account to be verified after prolonged wait after request
Process), can just receive the operation inquiry message to taking account of server transmission, and now user
Just can according to the operation inquiry message to the server return operation information.Then, identity of the prior art
Verification process has significantly been divided into two processes for a user:Send ID authentication request process and
Send the process of operation information.Also, due to identity information checking expend time generally one day with
On, so the time interval between the two processes is also very long, cause user at least to need to enter identity twice
In the flow of certification, the authentication procedures to the account to be verified can be just finally completed so that prior art
In authentication procedures it is cumbersome, not smooth, the operation of user is also more inconvenient.
Embodiment
In the embodiment of the present application, after the ID authentication request that account to be verified is sent is received, first carry out
Take the investigation of account, and operation inquiry message returned to the account to be verified, receive return to each
After the operation information for taking account, further according to identity information to be verified, judge that the identity of the account to be verified is recognized
Whether card succeeds, according to the operation information if success, and each occupancy account is operated, if failure,
Refusal is operated according to the operation information to each account.It can be seen that method described herein, can make user
Operation become easier, without repeatedly being operated into flow for authenticating ID.
It is specifically real below in conjunction with the application to make the purpose, technical scheme and advantage of the application clearer
Apply example and technical scheme is clearly and completely described corresponding accompanying drawing.Obviously, it is described
Embodiment is only some embodiments of the present application, rather than whole embodiments.Based on the implementation in the application
Example, the every other implementation that those of ordinary skill in the art are obtained under the premise of creative work is not made
Example, belongs to the scope of the application protection.
The authentication procedures that Fig. 2 provides for the embodiment of the present application, specifically include following steps:
S201:Receive the ID authentication request of account to be verified.
In the embodiment of the present application, when account holder to be verified needs to recognize the account progress identity to be verified
During card, the holder needs to send ID authentication request to server by the account to be verified first, then
Server can receive the ID authentication request of the account to be verified.
Wherein, identity information to be verified is carried in the ID authentication request, and the identity information to be verified can be wrapped
Include:At least one of identity to be verified, authentication information to be verified and picture to be verified.Specifically,
The ID authentication request can be real-name authentication request, then the identity to be verified may include identification card number,
The authentication information to be verified may include bank's card number, and the picture to be verified may include identity card picture to be verified.
It should be noted that the identity information to be verified can also include:The corresponding other information of identity card
(e.g., Real Name, registered permanent residence location etc.), (e.g., the reserved contact of the corresponding other information of bank card
Telephone number etc.).
For example, user A wants to carry out real-name authentication to the account i of oneself, the user A is needed by account
The page of i application real-name authentication, fills in identification card number (e.g., 11010119XXXXXXXXXX), silver
Row card number (e.g., 622576XXXXXXXXXX), name (e.g., Mr. Wang), registered permanent residence location are (e.g.,
Dongcheng District, Beijing during March XXXXX), telephone number (e.g., 136XXXXXXXX), and upload identity card
Photo, the identification card number, bank's card number, name, registered permanent residence location, telephone number and identity card are shone
Piece as account i identity information to be verified, and carry server is sent in ID authentication request.In
It is that server receives the ID authentication request of account i transmissions.
S202:It is determined that each account corresponding with the identity information to be verified, is used as each occupancy account.
Identity information still to be tested is carried in the ID authentication request received due to the server, so the clothes
Business device just can judge whether the authentication of the account to be verified succeeds according to the identity information to be verified.
But, in order to reduce the time that user expends in flow for authenticating ID, so in the embodiment of the present application,
, can be first without judging that the identity of the account to be verified is recognized after the server receives the ID authentication request
Card whether successful flow, but first investigated to taking account, receiving account to be verified return
Operation information after, then judge authentication whether successfully etc. follow-up flow so that user can first return
To it is each occupancy account operation information, without wait authentication result, reduce user expend
While time, it can also ensure the accuracy of the identity authentication result of the account to be verified.
Specifically, first being investigated to taking account, it is necessary first to determined according to the information to be verified to be verified
Identity and authentication information to be verified.Wherein, the identity to be verified can be identity to be verified
Card number, the authentication information to be verified can be bank's card numbers to be verified.
Secondly, further according to the identity corresponding to the identity information preserved in each account in the server and
Whether authentication information, judgement preserves the identity consistent with the identity to be verified in the server,
And/or, if the authentication information consistent with the authentication information to be verified is preserved (that is, it is judged that in the server
Whether with the to be verified identification card number consistent identification card number is preserved, and/or, if preserve to be tested with this
Demonstrate,prove the consistent bank's card number of bank's card number).
If so, in then illustrating whole accounts for preserving in the server, there is the account letter of at least one account
The account comprising the identity to be verified or authentication information to be verified, as takes account in breath.Also,
Because multiple accounts can include identical identification card number or bank's card number simultaneously, so the occupancy account determined
Family can also be multiple.
If otherwise, it determines account is not taken, subsequently without sending operation inquiry letter to the account to be verified
Breath, can judge whether the authentication of the account to be verified succeeds directly according to the identity information to be verified.
Continue to use the example above, it is assumed that identity (that is, the identification card number that account ii in the server is included
For 11010119XXXXXXXXXX), (that is, bank's card number is the authentication informations that include of account iii
622576XXXXXXXXXX), respectively with the identification card number to be verified and bank's card number one to be verified
Cause, it is occupancy account that can then determine account ii and account iii.
S203:The operation inquiry message of the mark comprising each occupancy account is sent to the account to be verified.
In the embodiment of the present application, after each occupancy account is being determined, server is needed to the account to be verified
Family send comprising it is each occupancy account mark operation inquiry message, with allow the account to be verified according to
The operation inquiry message returns to the operation information to each occupancy account, when the identity of the follow-up account to be verified is recognized
(that is, determine after the account real-name authentication success to be verified), each occupancy account can be performed after demonstrate,proving successfully
Corresponding operation, makes user without repeatedly entering in flow for authenticating ID (that is, without when it is determined that identity is recognized
After demonstrate,proving successfully, then to the account to be verified send operation inquiry message).
Specifically, according to each occupancy account determined in step S202, by the account identification of each occupancy account,
Each accounts information for taking account, each corresponding option of operation of account that takes are carried in operation inquiry message,
It is sent to the account to be verified.
Wherein, the option of operation includes:By the account to be verified with take the associated option of operation of account with
And deprive the option of operation for the identity authentication result for taking account.Also, each accounts information for taking account can
To be that the accounts information consistent with the identity to be verified and/or the authentication verification information (is hereinafter referred to as accounted for
With information), so that the holder for making the account to be verified further appreciates that occupied information in each occupancy account
Details, make the holder can determine that the option of operation to each occupancy account.
Continue to use the example above, server is inquired to the account i operations for sending the mark comprising each occupancy account to be believed
Breath.Wherein, the operation inquiry message can be as shown in table 1.
Table 1
It is visible by table 1, mark (account ii and account iii) of the operation inquiry message including occupancy account,
The occupied information for taking account (that is, takes identity to be verified or certification to be verified letter that account is included
Breath), and have corresponding option of operation to each occupancy account, user A can be made to each occupancy account
The operation that family selection needs.
S204:Receive the account to be verified according to the operation inquiry message return to each occupancy account
Operation information.
In the embodiment of the present application, after operation inquiry message is sent to the account to be verified, in addition it is also necessary to receive
After option of operation of the account to be verified in the operation inquiry message is selected, the operation letter of return
Breath.
Wherein, the operation information includes the operation information to each occupancy account, i.e. for each occupancy account
Family, be carry out with account to be verified associate or progress deprive take account authentication operation letter
Breath.Also, server is received after the operation information, because the identity for having not determined the account to be certified is recognized
Whether card succeeds, so not performing the corresponding operation of the operation information, but records the operation information, enters
One step waits the identity authentication result of the account to be certified.
Further, after the operation information is received, also imply that the holder of the account to be verified exists
Operation in authentication procedures has had been completely finished complete, and the holder only needs to wait for authentication result,
And the flow for authenticating ID need not be again introduced into.
Continue to use the example above, receive the operation information of account i returns, the operation information can be as shown in table 2.
Take the mark of account |
Option of operation |
Account ii |
Association |
Account iii |
Deprive |
Table 2
After understanding user A according to the operation inquiry message as shown in table 1 received by table 2, grasped
Make after the selection of option, account i return operation information be to account ii carry out account association operation with
And deprive the operation of account iii authentication.And, the server is it is determined that account i authentication knot
Before fruit, the operation information is only recorded.
S205:According to the identity information to be verified, judge the account to be verified authentication whether into
Work(, if success, performs step S206, if failure, performs step S207.
In the embodiment of the present application, when the operation to each occupancy account for receiving account return to be verified is believed
Breath, rear server can start to verify the identity information to be verified of account according to the band, judge the account to be verified
Whether the authentication at family succeeds.
Specifically, by third-party server judge the identity to be verified whether by when, due to this
Identity can be identification card number, so can be by the clothes for identification card number certification of the offer of public security system
Business device, it is determined that identity information corresponding with the identification card number, wherein, the identity information may include:Name,
Sex, birthdate, registered permanent residence location, identification card number etc..After the identity information is determined, so that it may
With the other information that will be included in the identity information to be verified, contrasted with the identity information, if homogeneous
Cause, then it is assumed that the identity certification to be verified passes through.
In addition, by third-party server judge the authentication information to be verified whether by when, because this is recognized
Packet card number containing bank is demonstrate,proved, so can be by the service for bank authentication of the offer of banking system
Device, it is determined that bank card account information corresponding with bank's card number, wherein, the bank card account information can be wrapped
Include:Telephone number, bank's card number that the ID card information of account holder, account holder reserve etc..Then when determining
After the bank card account information, it is possible to which the authentication information to be verified is corresponding with the bank card account information
Information contrasted, if consistent, then it is assumed that the certification of the authentication information to be verified passes through.
Again, by the identity to be verified passed through by certification with the authentication information progress pair of certification should be passed through
Than, will the ID card information contrasted with bank card information, determine the identity of the holder of the bank card
Information is consistent with the identity information of the identity card.That is, the bank card account is opened by the holder of the identity card
Family.
Finally, further according to the identification card number, the identification card number is obtained from the server of public security system corresponding
Identity card picture, as normal pictures, judges whether the identity card picture to be verified matches with the normal pictures,
Wherein this judges whether that matching can also carry out image procossing by manually carrying out naked eyes identification by server,
Compare the identity card picture to be verified and whether the similarity of the normal pictures is higher than default threshold value, if high
In, then judge that the identity card picture to be verified is matched with the normal pictures, if not higher than if judge that this is to be verified
Identity card picture is mismatched with the normal pictures.
When judging that the identity card picture to be verified is matched with the normal pictures, it is determined that the account to be verified
Authentication success.
When judging that the identity card picture to be verified is mismatched with the normal pictures, it is determined that the account to be verified
Authentication failure.
Continue to use the example above, it is assumed that user A very entitled Mr. Wang, registered permanent residence location is Dongcheng District, Beijing during March
XXXXX, then by identity to be verified, i.e. identification card number 11010119XXXXXXXXXX,
Identification card number 11010119XXXXXXXXXX citizen's name is inquired in the server of public security system
For Mr. Wang, registered permanent residence location is also Dongcheng District, Beijing during March XXXXX, it is determined that the identity to be verified is led to
Cross certification.
Continue to assume the server by the bank corresponding to bank card number 622576XXXXXXXXXX
Device, determines the artificial Mr. Wang that opens an account of bank's card number, and corresponding identification card number is
11010119XXXXXXXXXX, reserved telephone number is 136XXXXXXXX, it is determined that this is treated
Authentication verification information is by certification, and identity information therein identity information corresponding with identity to be verified
Unanimously.
If continuing to assume to determine that identification card number is by the server of public security system
11010119XXXXXXXXXX identity card picture (that is, normal pictures) and picture match to be verified
Unanimously.The authentication success of the account to be verified, i.e. account i authentications success are then determined, and is performed
Step S206.
S206:According to the operation information, each occupancy account is operated.
In the embodiment of the present application, after it is determined that the authentication of the account to be verified is successful, server can
According to the operation information to each account received in step S204, to be operated to each occupancy account.
Specifically, due to after the authentication of the account to be verified succeeds, so that it may determine the account to be verified
Identity information to be verified be legal, real, the operation information that then account to be verified is returned is also
Believable, the server just can be operated according to the operation information to each occupancy account.
Continue to use the example above, such as the operation information according to table 2, then server is needed account ii and account
Family i is associated operation, account ii is obtained the identity authentication result as account i, and deprive
Account iii authentication, makes account iii lose authentication.
S207:Refusal is operated according to the operation information to each occupancy account.
In the embodiment of the present application, after it is determined that the authentication of the account to be verified fails, then it is assumed that this is treated
Verify that the identity information to be verified that account is provided is incredible, and refuse according to the operation information to respectively accounting for
Operated with account.
By the identity identifying method shown in Fig. 2, after the ID authentication request of account to be verified is received,
First without the authentication to the account to be verified, but first occupancy account of the investigation with common identity information
Family, the operation inquiry message of the mark comprising each occupancy account is sent to the account to be verified, and receives user
The operation information returned after being selected according to operation inquiry message, and now, user is in authentication procedures
In operation just have finished on so that user need not be again introduced into flow for authenticating ID, and the behaviour of user
Concentrate in one shorter time, without waiting as long for so that the operation of user becomes simpler
Clean facility, reduces the complexity of user's operation.Relative to existing method, this method user only needs once
All operationss can be completed into flow for authenticating ID, identity authentication result is only needed to wait for afterwards, it is a large amount of to save
The operation of user, makes the operation of user more facilitate.
Further, since to the identity to be verified and the certification of authentication information to be verified in step S205
Time-consuming very short, server can determine authentication result in real time, so in this application can be in step 202
Before, identity to be verified and the certification of authentication information to be verified are first carried out.Specifically can be such as in step S205
Described in, by third-party server to the identification card number and bank's card number certification, and it ought only recognize
Card just carries out follow-up step S203 when passing through, and if there is any certification not pass through, can directly terminate
Authentication procedures, determine the authentication failure of the account to be verified, that is, perform step S207.
By the above method, the row that other people information carry out authentication is usurped in prevention that on the one hand can be roughly
For, the step of investigation takes account is reduced, mitigates the operating pressure of server, save the resource consumption of service,
On the other hand, because aforementioned server can determine the identity to be verified and certification to be verified letter in real time
The authentication result of breath, so can also can equally be reduced the time that user expends in flow for authenticating ID.
Further, if determining that the identity to be verified and certification to be verified letter before step S202
The certification of breath passes through, then checking picture can be only treated in step S205 and is matched with normal pictures.
Further, due to the identity information to be verified, except identity to be verified, certification to be verified
Outside information and picture to be verified, other information to be verified can also be included, so step in this application
Before rapid S202, server can also classify to each information included in identity information to be verified, will
The verification process that verification process takes the information to be verified below threshold value is completed before step S202, will
The verification process of the time-consuming information to be verified not below threshold value of verification process is carried out in step S205.That is,
The authentication result of time-consuming less information to be verified in the identity information to be verified is determined before step S202,
The authentication result of time-consuming longer information to be verified in the identity information to be verified is determined in step S205.
It should be noted that other described information to be verified can be text information, picture, audio or video etc.
(e.g., biological information).
Based on the authentication procedures shown in Fig. 2, the embodiment of the present application additionally provides a kind of identification authentication system,
As shown in Figure 3.
Fig. 3 is that the embodiment of the present application provides a kind of structural representation of identification authentication system, specifically include with:
First receiving module 301, the ID authentication request for receiving account to be verified, wherein, the body
Part certification request includes:Identity information to be verified;
Determining module 302, for determining each account corresponding with the identity information to be verified, as respectively accounting for
Use account;
Sending module 303, the operation for sending the mark comprising each occupancy account to the account to be verified
Inquiry message;
Second receiving module 304, is returned for receiving the account to be verified according to the operation inquiry message
To it is each occupancy account operation information;
Authentication operation module 305, for according to the identity information to be verified, judging the account to be verified
Authentication whether succeed, if success, according to the operation information, each occupancy account is operated,
If failure, refuse to operate each occupancy account according to the operation information.
The identity information to be verified includes:Identity to be verified, authentication information to be verified and to be verified
At least one of picture.
The identity to be verified includes identification card number, and the authentication information to be verified includes bank's card number.
The determining module 302 is additionally operable to, it is determined that each account corresponding with the identity information to be verified
Before, the identification card number and bank's card number certification are passed through by third-party server.
The determining module 302 is specifically for determining to comprise at least the identity mark to be verified in accounts information
Knowledge and/or the account of authentication information to be verified, are used as and take account.
The sending module 303 is specifically for the account for identifying, respectively taking account of each occupancy account is believed
Breath, each corresponding option of operation of account that takes are carried in operation inquiry message, and are sent to described to be verified
Account.
The option of operation includes:By the account to be verified with take the associated option of operation of account and
Deprive the option of operation for the identity authentication result for taking account.
If the picture to be verified is identity card picture to be verified.
The authentication operation module 305 is specifically for according to the identification card number, from third-party server
The corresponding identity card picture of the identification card number is obtained, as normal pictures, the identity card to be verified is judged
Whether picture matches with the normal pictures, if, it is determined that the authentication success of the account to be verified,
Otherwise, it determines the authentication failure of the account to be verified.
Specifically, above-mentioned identification authentication system as shown in Figure 3 can be located in server, wherein, the clothes
It can also be multiple that business device, which can be one,., specifically can also be using interior when the server is multiple
Content distributing network, the contact set up between multiple servers, specific implementation the application is not originally limited.
In a typical configuration, computing device includes one or more processors (CPU), input/defeated
Outgoing interface, network interface and internal memory.
Internal memory potentially includes the volatile memory in computer-readable medium, random access memory
And/or the form, such as read-only storage (ROM) or flash memory (flash RAM) such as Nonvolatile memory (RAM).
Internal memory is the example of computer-readable medium.
Computer-readable medium includes permanent and non-permanent, removable and non-removable media can be by appointing
What method or technique realizes that information is stored.Information can be computer-readable instruction, data structure, program
Module or other data.The example of the storage medium of computer includes, but are not limited to phase transition internal memory
(PRAM), static RAM (SRAM), dynamic random access memory (DRAM), its
Random access memory (RAM), read-only storage (ROM), the electrically erasable of his type are read-only
Memory (EEPROM), fast flash memory bank or other memory techniques, read-only optical disc read-only storage
(CD-ROM), digital versatile disc (DVD) or other optical storages, magnetic cassette tape, tape magnetic
Disk storage or other magnetic storage apparatus or any other non-transmission medium, can be calculated available for storage
The information that equipment is accessed.Defined according to herein, computer-readable medium does not include temporary computer-readable matchmaker
The data-signal and carrier wave of body (transitory media), such as modulation.
It should also be noted that, term " comprising ", "comprising" or its any other variant are intended to non-row
His property is included, so that process, method, commodity or equipment including a series of key elements not only include
Those key elements, but also other key elements including being not expressly set out, or also include for this process,
Method, commodity or the intrinsic key element of equipment.In the absence of more restrictions, by sentence " including
One ... " key element that limits, it is not excluded that in the process including the key element, method, commodity or set
Also there is other identical element in standby.
It will be understood by those skilled in the art that embodiments herein can be provided as method, system or computer journey
Sequence product.Therefore, the application can using complete hardware embodiment, complete software embodiment or combine software and
The form of the embodiment of hardware aspect.Moreover, the application can be used wherein includes calculating one or more
Machine usable program code computer-usable storage medium (include but is not limited to magnetic disk storage, CD-ROM,
Optical memory etc.) on the form of computer program product implemented.
Embodiments herein is the foregoing is only, the application is not limited to.For this area skill
For art personnel, the application can have various modifications and variations.All institutes within spirit herein and principle
Any modification, equivalent substitution and improvements of work etc., should be included within the scope of claims hereof.