CN107146086A - The method and mobile terminal of authentication - Google Patents

The method and mobile terminal of authentication

Info

Publication number: CN107146086A
Authority: CN (China)
Prior art keywords: risk, authentication, trading activity, hardware, scheme
Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN201710436026.4A
Other languages: Chinese (zh)
Inventor: 陈柳章
Current Assignee: Beijing Minghua Alliance Technology Co Ltd (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: Beijing Minghua Alliance Technology Co Ltd
Application filed by Beijing Minghua Alliance Technology Co Ltd
Priority to CN201710436026.4A
Publication of CN107146086A
Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06Q: INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00: Payment architectures, schemes or protocols
    • G06Q20/38: Payment protocols; Details thereof
    • G06Q20/40: Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401: Transaction verification
    • G06Q20/4014: Identity check for transactions

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The present invention is applicable to the field of communication technology and provides an authentication method and a mobile terminal. The method includes: reading a preset authentication scheme selection policy; if the authentication scheme selection policy is the security-priority policy, preferentially performing authentication with the hardware SE authentication scheme based on a hardware medium; if the authentication scheme selection policy is the convenience-priority policy, preferentially performing authentication with an authentication scheme based on a non-hardware medium. With the present invention, authentication can preferentially use the most secure scheme, the hardware SE authentication scheme based on a hardware medium, or can preferentially use an authentication scheme based on a non-hardware medium, so both security and user experience can be taken into account. This overcomes the problem that the authentication methods provided by the prior art cannot take both security and user experience into account.

Description

The method and mobile terminal of authentication
Technical field
The invention belongs to the field of communication technology, and in particular relates to an authentication method and a mobile terminal.
Background
At present, during mobile payment, a variety of security schemes are used to ensure the legitimacy of the user's identity. These schemes have different modes of operation and different security levels, and are suited to different application scenarios.
Among them, the hardware security module (Secure Element, SE) authentication scheme based on a hardware medium relies on a dedicated hardware medium and is therefore more secure and reliable, but it requires additional hardware cost and the operating experience may be worse.
Authentication schemes based on a non-hardware medium, such as soft TOKEN schemes and other schemes such as the mobile phone verification code scheme, can be more convenient than hardware SE schemes, but their security may be worse; in large-value transaction scenarios in particular, the security guarantee may be insufficient.
However, in the course of realizing the present invention, the inventor found that the authentication methods provided by the prior art have at least the following problem:
During mobile payment, the authentication methods provided by the prior art use only the hardware SE authentication scheme based on a hardware medium, or only an authentication scheme based on a non-hardware medium, and cannot take both security and user experience into account.
Summary of the invention
In view of this, the embodiments of the present invention provide an authentication method, an apparatus and a mobile terminal, to solve the problem that the authentication methods provided by the prior art cannot take both security and user experience into account.
In a first aspect, an authentication method is provided, the method including:
reading a preset authentication scheme selection policy;
if the authentication scheme selection policy is the security-priority policy, preferentially performing authentication with the hardware SE authentication scheme based on a hardware medium;
if the authentication scheme selection policy is the convenience-priority policy, preferentially performing authentication with an authentication scheme based on a non-hardware medium.
Further, preferentially performing authentication with the hardware SE authentication scheme based on a hardware medium includes:
if a hardware SE is present, performing authentication with the hardware SE authentication scheme based on a hardware medium;
if no hardware SE is present, performing authentication with an authentication scheme based on a non-hardware medium.
Further, transactions are divided into low-risk transactions and high-risk transactions according to their risk level, and after authentication is performed with the authentication scheme based on a non-hardware medium, the method further includes:
before payment is confirmed, judging whether the transaction being carried out is a high-risk transaction, and if so, prohibiting the transaction;
wherein a low-risk transaction is a transaction whose risk value is less than a preset risk threshold, and a high-risk transaction is a transaction whose risk value is greater than the preset risk threshold.
Further, transactions are divided into low-risk transactions and high-risk transactions according to their risk level, and preferentially performing authentication with an authentication scheme based on a non-hardware medium includes:
if the transaction being carried out is a low-risk transaction, performing authentication with the authentication scheme based on a non-hardware medium;
if the transaction being carried out is a high-risk transaction and a hardware SE is present, performing authentication with the hardware SE authentication scheme based on a hardware medium;
if the transaction being carried out is a high-risk transaction but no hardware SE is present, prohibiting the transaction;
wherein a low-risk transaction is a transaction whose risk value is less than a preset risk threshold, and a high-risk transaction is a transaction whose risk value is greater than the preset risk threshold.
In a second aspect, a mobile terminal is provided, the mobile terminal including:
a policy reading module, configured to read a preset authentication scheme selection policy;
a first authentication module, configured to, if the authentication scheme selection policy is the security-priority policy, preferentially perform authentication with the hardware SE authentication scheme based on a hardware medium;
a second authentication module, configured to, if the authentication scheme selection policy is the convenience-priority policy, preferentially perform authentication with an authentication scheme based on a non-hardware medium.
Further, the first authentication module includes:
a first authentication unit, configured to, if a hardware SE is present, perform authentication with the hardware SE authentication scheme based on a hardware medium;
a second authentication unit, configured to, if no hardware SE is present, perform authentication with an authentication scheme based on a non-hardware medium.
Further, transactions are divided into low-risk transactions and high-risk transactions according to their risk level, and the first authentication module further includes:
a first transaction prohibition unit, configured to judge, before payment is confirmed, whether the transaction being carried out is a high-risk transaction, and if so, to prohibit the transaction;
wherein a low-risk transaction is a transaction whose risk value is less than a preset risk threshold, and a high-risk transaction is a transaction whose risk value is greater than the preset risk threshold.
Further, transactions are divided into low-risk transactions and high-risk transactions according to their risk level, and the second authentication module includes:
a third authentication unit, configured to, if the transaction being carried out is a low-risk transaction, perform authentication with the authentication scheme based on a non-hardware medium;
a fourth authentication unit, configured to, if the transaction being carried out is a high-risk transaction and a hardware SE is present, perform authentication with the hardware SE authentication scheme based on a hardware medium;
a second transaction prohibition unit, configured to, if the transaction being carried out is a high-risk transaction but no hardware SE is present, prohibit the transaction;
wherein a low-risk transaction is a transaction whose risk value is less than a preset risk threshold, and a high-risk transaction is a transaction whose risk value is greater than the preset risk threshold.
In a third aspect, a mobile terminal is provided, including a memory, a processor, and a computer program stored in the memory and executable on the processor, characterized in that the processor implements the following steps when executing the computer program:
reading a preset authentication scheme selection policy;
if the authentication scheme selection policy is the security-priority policy, preferentially performing authentication with the hardware SE authentication scheme based on a hardware medium;
if the authentication scheme selection policy is the convenience-priority policy, preferentially performing authentication with an authentication scheme based on a non-hardware medium.
Further, preferentially performing authentication with the hardware SE authentication scheme based on a hardware medium includes:
if a hardware SE is present, performing authentication with the hardware SE authentication scheme based on a hardware medium;
if no hardware SE is present, performing authentication with an authentication scheme based on a non-hardware medium.
Further, transactions are divided into low-risk transactions and high-risk transactions according to their risk level, and after authentication is performed with the authentication scheme based on a non-hardware medium, the steps further include:
before payment is confirmed, judging whether the transaction being carried out is a high-risk transaction, and if so, prohibiting the transaction;
wherein a low-risk transaction is a transaction whose risk value is less than a preset risk threshold, and a high-risk transaction is a transaction whose risk value is greater than the preset risk threshold.
Further, transactions are divided into low-risk transactions and high-risk transactions according to their risk level, and preferentially performing authentication with an authentication scheme based on a non-hardware medium includes:
if the transaction being carried out is a low-risk transaction, performing authentication with the authentication scheme based on a non-hardware medium;
if the transaction being carried out is a high-risk transaction and a hardware SE is present, performing authentication with the hardware SE authentication scheme based on a hardware medium;
if the transaction being carried out is a high-risk transaction but no hardware SE is present, prohibiting the transaction;
wherein a low-risk transaction is a transaction whose risk value is less than a preset risk threshold, and a high-risk transaction is a transaction whose risk value is greater than the preset risk threshold.
In a fourth aspect, a computer-readable storage medium is provided, the computer-readable storage medium storing a computer program which, when executed by a processor, implements the following steps:
reading a preset authentication scheme selection policy;
if the authentication scheme selection policy is the security-priority policy, preferentially performing authentication with the hardware SE authentication scheme based on a hardware medium;
if the authentication scheme selection policy is the convenience-priority policy, preferentially performing authentication with an authentication scheme based on a non-hardware medium.
Further, preferentially performing authentication with the hardware SE authentication scheme based on a hardware medium includes:
if a hardware SE is present, performing authentication with the hardware SE authentication scheme based on a hardware medium;
if no hardware SE is present, performing authentication with an authentication scheme based on a non-hardware medium.
Further, transactions are divided into low-risk transactions and high-risk transactions according to their risk level, and after authentication is performed with the authentication scheme based on a non-hardware medium, the steps further include:
before payment is confirmed, judging whether the transaction being carried out is a high-risk transaction, and if so, prohibiting the transaction;
wherein a low-risk transaction is a transaction whose risk value is less than a preset risk threshold, and a high-risk transaction is a transaction whose risk value is greater than the preset risk threshold.
Further, transactions are divided into low-risk transactions and high-risk transactions according to their risk level, and preferentially performing authentication with an authentication scheme based on a non-hardware medium includes:
if the transaction being carried out is a low-risk transaction, performing authentication with the authentication scheme based on a non-hardware medium;
if the transaction being carried out is a high-risk transaction and a hardware SE is present, performing authentication with the hardware SE authentication scheme based on a hardware medium;
if the transaction being carried out is a high-risk transaction but no hardware SE is present, prohibiting the transaction;
wherein a low-risk transaction is a transaction whose risk value is less than a preset risk threshold, and a high-risk transaction is a transaction whose risk value is greater than the preset risk threshold.
Compared with the prior art, the embodiments of the present invention have the following beneficial effect: according to the authentication scheme selection policy that is read, authentication can preferentially use the most secure scheme, the hardware SE authentication scheme based on a hardware medium, or can preferentially use an authentication scheme based on a non-hardware medium, so both security and user experience can be taken into account. This overcomes the problem that the authentication methods provided by the prior art cannot take both security and user experience into account.
In addition, the advantages of the hardware SE authentication scheme based on a hardware medium and of the authentication scheme based on a non-hardware medium can be combined. High-risk transactions must be verified with the hardware SE authentication scheme based on a hardware medium; low-risk transactions can use the authentication scheme based on a non-hardware medium.
Brief description of the drawings
To illustrate the technical solutions of the embodiments of the present invention more clearly, the drawings needed in the description of the embodiments or of the prior art are briefly introduced below. The drawings described below are only some embodiments of the present invention; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a schematic flow diagram of the authentication method provided by the first embodiment of the invention;
Fig. 2 is a schematic block diagram of the mobile terminal provided by the second embodiment of the invention.
Detailed description of the embodiments
To make the purpose, technical solution and advantages of the present invention clearer, the invention is further described below with reference to the drawings and embodiments. It should be understood that the specific embodiments described here only explain the present invention and do not limit it.
It should be noted that the mobile terminal of the embodiments of the present invention can be a mobile phone, a PDA, a mobile PC, and so on.
The implementation of the present invention is described in detail below with reference to specific embodiments:
Embodiment one
Fig. 1 shows the flow of the authentication method provided by embodiment one of the present invention. The method is applied to a mobile terminal and is described in detail as follows:
In step S101, the preset authentication scheme selection policy is read.
In the embodiments of the present invention, an authentication scheme selection policy can be set in advance; the authentication scheme selection policy includes the security-priority policy and the convenience-priority policy. Before authentication is performed, the mobile terminal can read the authentication scheme selection policy and use a different authentication scheme according to it.
In step S102, if the authentication scheme selection policy is the security-priority policy, authentication is preferentially performed with the hardware SE authentication scheme based on a hardware medium.
In the embodiments of the present invention, the mobile terminal reads the preset authentication scheme selection policy. If the policy is the security-priority policy, the terminal detects whether a hardware SE is present; if a hardware SE is present, authentication can be performed directly with the hardware SE authentication scheme based on a hardware medium, to ensure the security of the transaction.
If no hardware SE is detected, an authentication scheme based on a non-hardware medium is used. Authentication schemes based on a non-hardware medium include the soft TOKEN authentication scheme, the verification code authentication scheme and so on, and are not limited here.
Transactions can be divided into low-risk transactions and high-risk transactions according to their risk level.
Preferably, after authentication is performed with the authentication scheme based on a non-hardware medium and before payment is confirmed, it is necessary to judge whether the authentication scheme used matches the risk level of the transaction being carried out. If authentication was performed with an authentication scheme based on a non-hardware medium but the transaction being carried out is a high-risk transaction, the transaction is prohibited, to ensure the security of the transaction.
A high-risk transaction is a transaction whose risk value is greater than a preset risk threshold.
The assessment of transaction risk generally combines various kinds of information. For example: a small amount generally carries lower risk than a large amount; the boundary between small and large amounts can be set as required, for example at 500 yuan, with more than 500 yuan being a large amount and anything else a small amount, and the present invention does not limit the specific amount. A transaction at the place of permanent residence carries lower risk than one in another location. Regular user behaviour carries lower risk than abnormal user behaviour; regular user behaviour can be, for example, frequently transferring a fixed amount to a particular person, and the present invention does not limit the specific type of regular user behaviour. How risk assessment is carried out to obtain the risk value of each transaction, and how a transaction is determined to be high-risk or low-risk from the risk value and the risk threshold, are not limited in the embodiments of the present invention; the present invention only needs to use the result.
In step S103, if the authentication scheme selection policy is the convenience-priority policy, authentication is preferentially performed with an authentication scheme based on a non-hardware medium.
In the embodiments of the present invention, the mobile terminal reads the preset authentication scheme selection policy. If the policy is the convenience-priority policy, authentication can preferentially be performed with an authentication scheme based on a non-hardware medium. Specifically, the risk level of the transaction being carried out can be read first, and from it the terminal determines whether the transaction is a low-risk transaction or a high-risk transaction. If the transaction is a low-risk transaction, authentication is performed directly with the authentication scheme based on a non-hardware medium, to keep the transaction convenient and fast.
If the transaction being carried out is a high-risk transaction and a hardware SE is present, authentication is performed with the hardware SE authentication scheme based on a hardware medium; if the transaction being carried out is a high-risk transaction but no hardware SE is present, the transaction is prohibited, to ensure the security of the transaction.
A low-risk transaction is a transaction whose risk value is less than a preset risk threshold, and a high-risk transaction is a transaction whose risk value is greater than the preset risk threshold.
For low-risk transactions, authentication is performed directly with the authentication scheme based on a non-hardware medium, which keeps the transaction convenient and fast. Only high-risk transactions use the hardware SE authentication scheme based on a hardware medium, which avoids unnecessary hardware cost while ensuring the security of the transaction.
With the embodiments of the present invention, according to the authentication scheme selection policy that is read, authentication can preferentially use the most secure scheme, the hardware SE authentication scheme based on a hardware medium, to ensure the security of authentication, or can preferentially use the most convenient and efficient scheme, the authentication scheme based on a non-hardware medium. Both security and user experience can therefore be taken into account, which overcomes the problem that the authentication methods provided by the prior art cannot take both security and user experience into account.
In addition, when the authentication scheme selection policy is safe-and-efficient priority, the security risk assessment of the transaction by a bank or other financial system can be combined, and the payment verification mode is selected dynamically according to the risk level of the transaction. Low-risk transactions do not need the hardware SE authentication scheme, which avoids unnecessary hardware cost and keeps the transaction safe and efficient; high-risk transactions must use the hardware SE authentication scheme, which ensures the security of the transaction.
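The selection logic of steps S101 to S103, written out as an added example (not code from the patent) that also enumerates the full decision table so the two policies can be compared cell by cell. All names (`Policy`, `select_scheme`, `decision_table`, ...) and the sample risk values are hypothetical; treating a risk value equal to the threshold as high risk is an assumption, since the text defines only "less than" and "greater than".

```python
from dataclasses import dataclass
from enum import Enum
from typing import Dict, Optional, Tuple


class Policy(Enum):
    SECURITY_FIRST = "security_first"        # security-priority policy (S102)
    CONVENIENCE_FIRST = "convenience_first"  # convenience-priority policy (S103)


class Scheme(Enum):
    HARDWARE_SE = "hardware_se"    # hardware SE scheme based on a hardware medium
    NON_HARDWARE = "non_hardware"  # soft token, verification code, ...


class Risk(Enum):
    LOW = "low"
    HIGH = "high"


@dataclass(frozen=True)
class Decision:
    allowed: bool
    scheme: Optional[Scheme]
    reason: str


def classify_risk(risk_value: float, threshold: float) -> Risk:
    # The text defines LOW as < threshold and HIGH as > threshold; equality is
    # left open. Assumption: fail closed, so == (and NaN, for which every
    # comparison is False) is classified as HIGH.
    return Risk.LOW if risk_value < threshold else Risk.HIGH


def scheme_matches_risk(scheme: Scheme, risk: Risk) -> bool:
    # Check made before payment is confirmed: a non-hardware scheme must
    # never authorize a high-risk transaction.
    return not (scheme is Scheme.NON_HARDWARE and risk is Risk.HIGH)


def select_scheme(policy, se_present: bool,
                  risk_value: float, threshold: float) -> Decision:
    risk = classify_risk(risk_value, threshold)
    if policy is Policy.SECURITY_FIRST:
        # S102: use the hardware SE if present, otherwise fall back.
        scheme = Scheme.HARDWARE_SE if se_present else Scheme.NON_HARDWARE
    elif policy is Policy.CONVENIENCE_FIRST:
        # S103: read the risk level first, then pick the scheme.
        if risk is Risk.LOW:
            scheme = Scheme.NON_HARDWARE
        elif se_present:
            scheme = Scheme.HARDWARE_SE
        else:
            return Decision(False, None, "high risk and no hardware SE")
    else:
        # Unreadable or corrupted policy value: deny rather than guess.
        return Decision(False, None, "unknown policy")
    if not scheme_matches_risk(scheme, risk):
        return Decision(False, None, "non-hardware scheme on high-risk transaction")
    return Decision(True, scheme, f"{risk.value} risk via {scheme.value}")


Key = Tuple[Policy, bool, Risk]


def decision_table(threshold: float = 0.5) -> Dict[Key, Decision]:
    # Constructed sample risk values, one on each side of the threshold.
    samples = {Risk.LOW: threshold - 0.4, Risk.HIGH: threshold + 0.4}
    return {
        (policy, se, risk): select_scheme(policy, se, value, threshold)
        for policy in Policy
        for se in (True, False)
        for risk, value in samples.items()
    }


if __name__ == "__main__":
    for (policy, se, risk), d in decision_table().items():
        outcome = d.scheme.value if d.allowed else "PROHIBITED"
        print(f"{policy.value:18} SE={se!s:5} risk={risk.value:4} -> {outcome}")
```

The table shows that a high-risk transaction without a hardware SE is prohibited under both policies, and that the policies differ only for a low-risk transaction on a terminal that has a hardware SE.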
It should be understood that, in the embodiments of the present invention, the sequence numbers of the above processes do not imply an order of execution; the order in which the processes are executed should be determined by their functions and internal logic, and should not limit the implementation of the embodiments of the present invention in any way.
A person of ordinary skill in the art will appreciate that all or part of the steps of the methods in the above embodiments can be completed by a program instructing the relevant hardware; the program can be stored in a computer-readable storage medium such as ROM/RAM, a magnetic disk or an optical disc.
Embodiment two
Fig. 2 shows a schematic block diagram of the mobile terminal 2 provided by embodiment two of the present invention; for ease of description, only the parts related to the embodiment of the present invention are shown. The mobile terminal 2 includes a policy reading module 21, a first authentication module 22 and a second authentication module 23.
The policy reading module 21 is configured to read the preset authentication scheme selection policy;
the first authentication module 22 is configured to, if the authentication scheme selection policy is the security-priority policy, preferentially perform authentication with the hardware SE authentication scheme based on a hardware medium;
the second authentication module 23 is configured to, if the authentication scheme selection policy is the convenience-priority policy, preferentially perform authentication with an authentication scheme based on a non-hardware medium.
Specifically, the first authentication module 22 includes:
a first authentication unit, configured to, if a hardware SE is present, perform authentication with the hardware SE authentication scheme based on a hardware medium;
a second authentication unit, configured to, if no hardware SE is present, perform authentication with an authentication scheme based on a non-hardware medium.
Further, transactions are divided into low-risk transactions and high-risk transactions according to their risk level, and the first authentication module 22 further includes:
a first transaction prohibition unit, configured to judge, before payment is confirmed, whether the transaction being carried out is a high-risk transaction, and if so, to prohibit the transaction;
wherein a low-risk transaction is a transaction whose risk value is less than a preset risk threshold, and a high-risk transaction is a transaction whose risk value is greater than the preset risk threshold.
Specifically, transactions are divided into low-risk transactions and high-risk transactions according to their risk level, and the second authentication module 23 includes:
a third authentication unit, configured to, if the transaction being carried out is a low-risk transaction, perform authentication with the authentication scheme based on a non-hardware medium;
a fourth authentication unit, configured to, if the transaction being carried out is a high-risk transaction and a hardware SE is present, perform authentication with the hardware SE authentication scheme based on a hardware medium;
a second transaction prohibition unit, configured to, if the transaction being carried out is a high-risk transaction but no hardware SE is present, prohibit the transaction;
wherein a low-risk transaction is a transaction whose risk value is less than a preset risk threshold, and a high-risk transaction is a transaction whose risk value is greater than the preset risk threshold.
A further embodiment of the present invention provides another mobile terminal, the mobile terminal including a memory, a processor, and a computer program stored in the memory and executable on the processor, the processor implementing the following steps when executing the computer program:
reading a preset authentication scheme selection policy;
if the authentication scheme selection policy is the security-priority policy, preferentially performing authentication with the hardware SE authentication scheme based on a hardware medium;
if the authentication scheme selection policy is the convenience-priority policy, preferentially performing authentication with an authentication scheme based on a non-hardware medium.
Specifically, preferentially performing authentication with the hardware SE authentication scheme based on a hardware medium includes:
if a hardware SE is present, performing authentication with the hardware SE authentication scheme based on a hardware medium;
if no hardware SE is present, performing authentication with an authentication scheme based on a non-hardware medium.
Further, transactions are divided into low-risk transactions and high-risk transactions according to their risk level, and after authentication is performed with the authentication scheme based on a non-hardware medium, the steps further include:
before payment is confirmed, judging whether the transaction being carried out is a high-risk transaction, and if so, prohibiting the transaction;
wherein a low-risk transaction is a transaction whose risk value is less than a preset risk threshold, and a high-risk transaction is a transaction whose risk value is greater than the preset risk threshold.
Specifically, transactions are divided into low-risk transactions and high-risk transactions according to their risk level, and preferentially performing authentication with an authentication scheme based on a non-hardware medium includes:
if the transaction being carried out is a low-risk transaction, performing authentication with the authentication scheme based on a non-hardware medium;
if the transaction being carried out is a high-risk transaction and a hardware SE is present, performing authentication with the hardware SE authentication scheme based on a hardware medium;
if the transaction being carried out is a high-risk transaction but no hardware SE is present, prohibiting the transaction;
wherein a low-risk transaction is a transaction whose risk value is less than a preset risk threshold, and a high-risk transaction is a transaction whose risk value is greater than the preset risk threshold.
The mobile terminal provided by the embodiments of the present invention can be applied in the corresponding method embodiment one described above; for details, see the description of embodiment one, which is not repeated here.
Yet another embodiment of the invention provides a computer-readable storage medium. The computer-readable storage medium may be the one included in the memory of the above embodiment, or it may exist on its own without being assembled into a terminal. The computer-readable storage medium stores one or more programs, which are used by one or more processors to execute an information processing method comprising the following steps:
Read the preset identity authentication scheme selection policy;
If the identity authentication scheme selection policy is the security-priority policy, preferentially use the hardware SE identity authentication scheme, which is based on a hardware medium, to perform identity authentication;
If the identity authentication scheme selection policy is the convenience-and-speed priority policy, preferentially use an identity authentication scheme based on a non-hardware medium to perform identity authentication.
Specifically, preferentially using the hardware SE identity authentication scheme based on a hardware medium to perform identity authentication includes:
If a hardware SE is present, perform identity authentication using the hardware SE identity authentication scheme based on a hardware medium;
If no hardware SE is present, perform identity authentication using the identity authentication scheme based on a non-hardware medium.
Further, transactions are divided into low-risk transactions and high-risk transactions according to their risk level. After identity authentication has been performed using the identity authentication scheme based on a non-hardware medium, the steps also include:
Before payment is confirmed, determine whether the transaction being carried out is a high-risk transaction; if it is, prohibit the transaction;
Here, a low-risk transaction is a transaction whose risk value is less than the preset risk threshold, and a high-risk transaction is a transaction whose risk value is greater than the preset risk threshold.
Specifically, with transactions divided into low-risk transactions and high-risk transactions according to their risk level, preferentially using the identity authentication scheme based on a non-hardware medium to perform identity authentication includes:
If the transaction being carried out is a low-risk transaction, perform identity authentication using the identity authentication scheme based on a non-hardware medium;
If the transaction being carried out is a high-risk transaction and a hardware SE is present, perform identity authentication using the hardware SE identity authentication scheme based on a hardware medium;
If the transaction being carried out is a high-risk transaction but no hardware SE is present, prohibit the transaction;
Here, a low-risk transaction is a transaction whose risk value is less than the preset risk threshold, and a high-risk transaction is a transaction whose risk value is greater than the preset risk threshold.
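The selection steps listed in the mobile-terminal and storage-medium embodiments above, written out as an added Python example (not code from the patent or the applicant). All names and the numeric risk scale are assumptions; the text leaves a risk value exactly equal to the threshold undefined, and this example treats it as high risk so that the decision fails closed.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Optional


class Policy(Enum):
    SECURITY_FIRST = "security_first"        # security-priority policy
    CONVENIENCE_FIRST = "convenience_first"  # convenience-and-speed priority policy


class Scheme(Enum):
    HARDWARE_SE = "hardware_se"    # scheme based on a hardware medium
    NON_HARDWARE = "non_hardware"  # scheme based on a non-hardware medium


class Risk(Enum):
    LOW = "low"
    HIGH = "high"


@dataclass(frozen=True)
class Decision:
    scheme: Optional[Scheme]  # scheme used for authentication, None if none is used
    allowed: bool             # False means the transaction is prohibited
    reason: str


def read_policy(config: dict) -> Policy:
    """Read the preset selection policy; an unknown value is rejected (assumption)."""
    try:
        return Policy(config["auth_scheme_policy"])
    except (KeyError, ValueError) as exc:
        raise ValueError("no valid authentication scheme selection policy") from exc


def classify_risk(risk_value: float, threshold: float) -> Risk:
    """Low if risk_value < threshold, high if greater.

    Assumption: risk_value == threshold is classified as high (fail closed).
    """
    return Risk.LOW if risk_value < threshold else Risk.HIGH


def decide(policy: Policy, se_present: bool,
           risk_value: float, threshold: float) -> Decision:
    risk = classify_risk(risk_value, threshold)

    if policy is Policy.SECURITY_FIRST:
        if se_present:
            return Decision(Scheme.HARDWARE_SE, True, "hardware SE present")
        # No SE: authentication falls back to the non-hardware scheme, and the
        # check made before payment confirmation prohibits high-risk transactions.
        if risk is Risk.HIGH:
            return Decision(Scheme.NON_HARDWARE, False,
                            "high risk after non-hardware fallback")
        return Decision(Scheme.NON_HARDWARE, True, "no SE, low risk")

    if policy is Policy.CONVENIENCE_FIRST:
        if risk is Risk.LOW:
            return Decision(Scheme.NON_HARDWARE, True, "low risk")
        if se_present:
            return Decision(Scheme.HARDWARE_SE, True, "high risk, stepped up to SE")
        return Decision(None, False, "high risk and no hardware SE")

    raise ValueError(f"unsupported policy: {policy!r}")


if __name__ == "__main__":
    THRESHOLD = 50.0  # constructed sample threshold
    for pol in Policy:
        for se in (True, False):
            for value in (10.0, 50.0, 90.0):  # constructed sample risk values
                d = decide(pol, se, value, THRESHOLD)
                print(pol.value, se, value, d.scheme, d.allowed, d.reason)
```

Under either policy a high-risk transaction is never completed on the strength of the non-hardware scheme alone, which is the invariant to check when reviewing an implementation of this selection logic.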
Those of ordinary skill in the art will appreciate that the units and algorithm steps of the examples described in the embodiments disclosed herein can be implemented in electronic hardware, or in a combination of computer software and electronic hardware. Whether these functions are performed in hardware or in software depends on the particular application and the design constraints of the technical solution. Skilled practitioners may use different methods to implement the described functions for each particular application, but such implementations should not be considered to go beyond the scope of the present invention.
Those skilled in the art will clearly understand that, for convenience and brevity of description, the specific working processes of the systems, devices and units described above may be found in the corresponding processes of the foregoing method embodiments and are not repeated here.
In the several embodiments provided in this application, it should be understood that the disclosed systems, devices and methods may be implemented in other ways. For example, the device embodiments described above are merely illustrative: the division into units is only a division by logical function, and other divisions are possible in an actual implementation. For instance, multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. In addition, the mutual coupling, direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection between devices or units through some interfaces, and may be electrical, mechanical or in other forms.
The units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units; that is, they may be located in one place or distributed across multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, the functional units in the embodiments of the invention may be integrated into one processing unit, each unit may exist physically on its own, or two or more units may be integrated into one unit.
If the functions are implemented as software functional units and sold or used as an independent product, they may be stored in a computer-readable storage medium. On this understanding, the technical solution of the invention in essence, or the part of it that contributes to the prior art, or a part of the technical solution, may be embodied in the form of a software product. The computer software product is stored in a storage medium and includes a number of instructions that cause a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or some of the steps of the methods described in the embodiments of the invention. The storage medium includes various media that can store program code, such as a USB flash drive, a removable hard disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), a magnetic disk or an optical disc.
The above is only a specific embodiment of the invention, but the scope of protection of the invention is not limited to it. Any change or replacement that a person familiar with the technical field could readily conceive within the technical scope disclosed by the invention shall fall within the scope of protection of the invention. The scope of protection of the invention shall therefore be determined by the scope of the claims.

Claims (16)

1. A method of identity authentication, characterized in that the method comprises:
Reading the preset identity authentication scheme selection policy;
If the identity authentication scheme selection policy is the security-priority policy, preferentially using the hardware security module (SE) identity authentication scheme, which is based on a hardware medium, to perform identity authentication;
If the identity authentication scheme selection policy is the convenience-and-speed priority policy, preferentially using an identity authentication scheme based on a non-hardware medium to perform identity authentication.
2. The method of claim 1, characterized in that preferentially using the hardware SE identity authentication scheme based on a hardware medium to perform identity authentication comprises:
If a hardware SE is present, performing identity authentication using the hardware SE identity authentication scheme based on a hardware medium;
If no hardware SE is present, performing identity authentication using the identity authentication scheme based on a non-hardware medium.
3. The method of claim 2, characterized in that transactions are divided into low-risk transactions and high-risk transactions according to their risk level, and that, after identity authentication has been performed using the identity authentication scheme based on a non-hardware medium, the method further comprises:
Before payment is confirmed, determining whether the transaction being carried out is a high-risk transaction and, if it is, prohibiting the transaction;
Wherein a low-risk transaction is a transaction whose risk value is less than the preset risk threshold, and a high-risk transaction is a transaction whose risk value is greater than the preset risk threshold.
4. The method of claim 1, characterized in that transactions are divided into low-risk transactions and high-risk transactions according to their risk level, and that preferentially using the identity authentication scheme based on a non-hardware medium to perform identity authentication comprises:
If the transaction being carried out is a low-risk transaction, performing identity authentication using the identity authentication scheme based on a non-hardware medium;
If the transaction being carried out is a high-risk transaction and a hardware SE is present, performing identity authentication using the hardware SE identity authentication scheme based on a hardware medium;
If the transaction being carried out is a high-risk transaction but no hardware SE is present, prohibiting the transaction;
Wherein a low-risk transaction is a transaction whose risk value is less than the preset risk threshold, and a high-risk transaction is a transaction whose risk value is greater than the preset risk threshold.
5. A mobile terminal, characterized in that the mobile terminal comprises:
A policy reading module, configured to read the preset identity authentication scheme selection policy;
A first identity authentication module, configured to, if the identity authentication scheme selection policy is the security-priority policy, preferentially use the hardware security module (SE) identity authentication scheme, which is based on a hardware medium, to perform identity authentication;
A second identity authentication module, configured to, if the identity authentication scheme selection policy is the convenience-and-speed priority policy, preferentially use an identity authentication scheme based on a non-hardware medium to perform identity authentication.
6. The mobile terminal of claim 5, characterized in that the first identity authentication module comprises:
A first authentication unit, configured to, if a hardware SE is present, perform identity authentication using the hardware SE identity authentication scheme based on a hardware medium;
A second authentication unit, configured to, if no hardware SE is present, perform identity authentication using the identity authentication scheme based on a non-hardware medium.
7. The mobile terminal of claim 6, characterized in that transactions are divided into low-risk transactions and high-risk transactions according to their risk level, and that the first identity authentication module further comprises:
A first transaction prohibition unit, configured to determine, before payment is confirmed, whether the transaction being carried out is a high-risk transaction and, if it is, to prohibit the transaction;
Wherein a low-risk transaction is a transaction whose risk value is less than the preset risk threshold, and a high-risk transaction is a transaction whose risk value is greater than the preset risk threshold.
8. The mobile terminal of claim 5, characterized in that transactions are divided into low-risk transactions and high-risk transactions according to their risk level, and that the second identity authentication module comprises:
A third authentication unit, configured to, if the transaction being carried out is a low-risk transaction, perform identity authentication using the identity authentication scheme based on a non-hardware medium;
A fourth authentication unit, configured to, if the transaction being carried out is a high-risk transaction and a hardware SE is present, perform identity authentication using the hardware SE identity authentication scheme based on a hardware medium;
A second transaction prohibition unit, configured to, if the transaction being carried out is a high-risk transaction but no hardware SE is present, prohibit the transaction;
Wherein a low-risk transaction is a transaction whose risk value is less than the preset risk threshold, and a high-risk transaction is a transaction whose risk value is greater than the preset risk threshold.
9. A mobile terminal, comprising a memory, a processor, and a computer program that is stored in the memory and can run on the processor, characterized in that the following steps are performed when the processor executes the computer program:
Reading the preset identity authentication scheme selection policy;
If the identity authentication scheme selection policy is the security-priority policy, preferentially using the hardware security module (SE) identity authentication scheme, which is based on a hardware medium, to perform identity authentication;
If the identity authentication scheme selection policy is the convenience-and-speed priority policy, preferentially using an identity authentication scheme based on a non-hardware medium to perform identity authentication.
10. The mobile terminal of claim 9, characterized in that preferentially using the hardware SE identity authentication scheme based on a hardware medium to perform identity authentication comprises:
If a hardware SE is present, performing identity authentication using the hardware SE identity authentication scheme based on a hardware medium;
If no hardware SE is present, performing identity authentication using the identity authentication scheme based on a non-hardware medium.
11. The mobile terminal of claim 10, characterized in that transactions are divided into low-risk transactions and high-risk transactions according to their risk level, and that, after identity authentication has been performed using the identity authentication scheme based on a non-hardware medium, the steps further comprise:
Before payment is confirmed, determining whether the transaction being carried out is a high-risk transaction and, if it is, prohibiting the transaction;
Wherein a low-risk transaction is a transaction whose risk value is less than the preset risk threshold, and a high-risk transaction is a transaction whose risk value is greater than the preset risk threshold.
12. The mobile terminal of claim 9, characterized in that transactions are divided into low-risk transactions and high-risk transactions according to their risk level, and that preferentially using the identity authentication scheme based on a non-hardware medium to perform identity authentication comprises:
If the transaction being carried out is a low-risk transaction, performing identity authentication using the identity authentication scheme based on a non-hardware medium;
If the transaction being carried out is a high-risk transaction and a hardware SE is present, performing identity authentication using the hardware SE identity authentication scheme based on a hardware medium;
If the transaction being carried out is a high-risk transaction but no hardware SE is present, prohibiting the transaction;
Wherein a low-risk transaction is a transaction whose risk value is less than the preset risk threshold, and a high-risk transaction is a transaction whose risk value is greater than the preset risk threshold.
13. A computer-readable storage medium storing a computer program, characterized in that the following steps are performed when the computer program is executed by a processor:
Reading the preset identity authentication scheme selection policy;
If the identity authentication scheme selection policy is the security-priority policy, preferentially using the hardware security module (SE) identity authentication scheme, which is based on a hardware medium, to perform identity authentication;
If the identity authentication scheme selection policy is the convenience-and-speed priority policy, preferentially using an identity authentication scheme based on a non-hardware medium to perform identity authentication.
14. The computer-readable storage medium of claim 13, characterized in that preferentially using the hardware SE identity authentication scheme based on a hardware medium to perform identity authentication comprises:
If a hardware SE is present, performing identity authentication using the hardware SE identity authentication scheme based on a hardware medium;
If no hardware SE is present, performing identity authentication using the identity authentication scheme based on a non-hardware medium.
15. The computer-readable storage medium of claim 14, characterized in that transactions are divided into low-risk transactions and high-risk transactions according to their risk level, and that, after identity authentication has been performed using the identity authentication scheme based on a non-hardware medium, the steps further comprise:
Before payment is confirmed, determining whether the transaction being carried out is a high-risk transaction and, if it is, prohibiting the transaction;
Wherein a low-risk transaction is a transaction whose risk value is less than the preset risk threshold, and a high-risk transaction is a transaction whose risk value is greater than the preset risk threshold.
16. The computer-readable storage medium of claim 13, characterized in that transactions are divided into low-risk transactions and high-risk transactions according to their risk level, and that preferentially using the identity authentication scheme based on a non-hardware medium to perform identity authentication comprises:
If the transaction being carried out is a low-risk transaction, performing identity authentication using the identity authentication scheme based on a non-hardware medium;
If the transaction being carried out is a high-risk transaction and a hardware SE is present, performing identity authentication using the hardware SE identity authentication scheme based on a hardware medium;
If the transaction being carried out is a high-risk transaction but no hardware SE is present, prohibiting the transaction;
Wherein a low-risk transaction is a transaction whose risk value is less than the preset risk threshold, and a high-risk transaction is a transaction whose risk value is greater than the preset risk threshold.
CN201710436026.4A 2017-06-09 2017-06-09 The method and mobile terminal of authentication Pending CN107146086A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710436026.4A CN107146086A (en) 2017-06-09 2017-06-09 The method and mobile terminal of authentication

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710436026.4A CN107146086A (en) 2017-06-09 2017-06-09 The method and mobile terminal of authentication

Publications (1)

Publication Number Publication Date
CN107146086A true CN107146086A (en) 2017-09-08

Family

ID=59782701

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710436026.4A Pending CN107146086A (en) 2017-06-09 2017-06-09 The method and mobile terminal of authentication

Country Status (1)

Country Link
CN (1) CN107146086A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112000956A (en) * 2020-08-27 2020-11-27 山东超越数控电子股份有限公司 Identity verification method and system based on trusted computer

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN2667807Y (en) * 2004-01-08 2004-12-29 中国工商银行 Network bank with device for encrypting and idetificating utilizing USB key
CN104113418A (en) * 2014-07-15 2014-10-22 浪潮通用软件有限公司 Rule-configuration-based compound identity authentication method in ERP (enterprise resource planning) system
US20160277396A1 (en) * 2015-01-14 2016-09-22 Tactilis Sdn Bhd System and method for selectively initiating biometric authentication for enhanced security of access control transactions
CN106529961A (en) * 2016-11-07 2017-03-22 郑州游爱网络技术有限公司 Bank fingerprint payment processing method

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20170908
