CN107689936B - Security verification system, method and device for login account - Google Patents

Security verification system, method and device for login account

Info

Publication number
CN107689936B
Authority
CN
China
Prior art keywords
login
server
account
devices
terminal
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201610630377.4A
Other languages
Chinese (zh)
Other versions
CN107689936A (en)
Inventor
童道远
陈昭宇
刘坤
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alibaba Group Holding Ltd
Original Assignee
Alibaba Group Holding Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853 Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords

Abstract

The invention discloses a system, a method and a device for verifying the security of a login account. The method comprises the following steps: a first server obtains a log file corresponding to a current login account, wherein the log file is used for monitoring the login status of the current login account on one or more login devices; the first server parses the log file to obtain a log analysis result, wherein the log analysis result provides a basis for judging the authorization verification of the one or more login devices; and the first server sends the log analysis result to the terminal. The invention solves the technical problem that the login-account protection provided in the related art lacks a way to confirm whether the user device on which the account is logged in is legitimately authorized.

Description

Security verification system, method and device for login account
Technical Field
The invention relates to the field of internet, in particular to a system, a method and a device for verifying the security of a login account.
Background
At present, the security authentication scheme provided in the related art mainly presents a login page on the display screen of a terminal; the user then enters the user name and password for the login to be authenticated and authorized and, optionally, an additional verification code to complete the login.
However, the key drawback of this conventional login method is that "username + password" login has low security. It is difficult to prevent a hacker from repeatedly using methods such as credential stuffing to maliciously obtain the user name and password of the login account, which leads to leakage of the personal privacy information associated with the login account, theft of the personal funds associated with the login account, and economic and mental losses for the user; once such a loss has occurred, it is difficult to recover. For lost funds, subsequent claims can only be made to the application provider or bank through complex reimbursement procedures. Not only does it take a long time to identify account theft, but the amount of claims that the user can actually obtain is also very limited.
Moreover, with the continuous development of science and technology, a large number of applications have been developed for different user requirements, including: instant messenger applications, such as WeChat and QQ; non-instant messenger applications, such as Internet mailbox and search mailbox; payment applications, such as Internet banking, Alipay and WeChat; secure storage applications, such as 360 cloud disk; and entertainment applications, such as a network game client and a microblog. These applications typically require the user to perform security authentication by logging in with a username + password. If a user owns several of these types of application at the same time and sets different user names and passwords for security reasons, the user is likely to confuse or forget them and must often recover the login through the forgotten-password channel. Operation complexity also increases, because the user has to perform security authentication with "user name + password" each time the user switches between applications of different types.
In view of the above problems, no effective solution has been proposed.
Disclosure of Invention
The embodiments of the invention provide a system, a method and a device for verifying the security of a login account, which at least solve the technical problem that the login-account protection provided in the related art lacks a way to confirm whether the user device on which the account is logged in is legitimately authorized.
According to an aspect of an embodiment of the present invention, there is provided a security verification system for a login account, including: the system comprises a first server, a second server and a terminal, wherein the first server is used for acquiring a log file corresponding to a current login account, analyzing the log file and sending a log analysis result obtained by analysis to the terminal, the log file is used for monitoring the login condition of the current login account on one or more login devices, and the log analysis result is used for providing a judgment basis for authorization verification of the one or more login devices; the terminal is used for receiving log analysis results from the first server and returning authorization verification results of one or more login devices to the first server, wherein the log analysis results are obtained by analyzing log files by the first server, the log files correspond to a current login account on the terminal, the log files are used for monitoring login conditions of the current login account on the one or more login devices, and the log analysis results are used for providing judgment basis for authorization verification of the one or more login devices.
Optionally, the first server is configured to extract and analyze login location information, login time information, and login device information corresponding to the current login account from the log file, and establish a mapping relationship between the current login account and the extracted login location information, login time information, and login device information to obtain a log analysis result.
Optionally, the system further includes: a second server; the first server is used for sending a first notification message to the second server when determining that part or all of one or more login devices belong to unauthorized login devices according to an authorization check result; and the second server is used for forbidding the current login account to log in on the unauthorized login device or limiting the operation authority of the current login account on the unauthorized login device according to the first notification message.
Optionally, the system further includes: a third server; the first server is used for sending a second notification message to the third server when determining that part or all of one or more login devices belong to authorized login devices according to an authorization verification result; and the third server is used for eliminating the authority verification process when the current login account is operated on the authorized login equipment according to the triggering of the second notification message.
According to another aspect of the embodiments of the present invention, there is also provided a method for verifying security of a login account, including: a first server obtains a log file corresponding to a current login account, wherein the log file is used for monitoring the login status of the current login account on one or more login devices; the first server parses the log file to obtain a log analysis result, wherein the log analysis result is used for providing a judgment basis for authorization verification of the one or more login devices; and the first server sends the log analysis result to the terminal.
Optionally, the parsing, by the first server, the log file, and obtaining a log analysis result includes: the first server analyzes login position information, login time information and login equipment information corresponding to the current login account from the log file; and the first server establishes a mapping relation between the current login account and the resolved login position information, login time information and login equipment information to obtain a log analysis result.
Optionally, after the first server sends the log analysis result to the terminal, the method further includes: the first server receives, from the terminal, an authorization verification result for the one or more login devices; and if the first server determines, according to the authorization verification result, that some or all of the one or more login devices are unauthorized login devices, it sends a first notification message to a second server, wherein the first notification message is used for notifying the second server to prohibit the current login account from logging in on the unauthorized login device or to limit the operation authority of the current login account on the unauthorized login device.
Optionally, after the first server sends the log analysis result to the terminal, the method further includes: the first server receives, from the terminal, an authorization verification result for the one or more login devices; and if the first server determines, according to the authorization verification result, that some or all of the one or more login devices are authorized login devices, it sends a second notification message to a third server, wherein the second notification message is used for triggering the elimination of the authority verification process when the current login account is operated on the authorized login device.
Optionally, the one or more login devices comprise at least one of: one or more mobile terminals, one or more personal computers.
According to another aspect of the embodiment of the present invention, there is provided another method for verifying security of a login account, including: the terminal receives a log analysis result from the first server, wherein the log analysis result is obtained by analyzing a log file by the first server, the log file corresponds to a current login account on the terminal, the log file is used for monitoring the login condition of the current login account on one or more login devices, and the log analysis result is used for providing a judgment basis for authorization verification of the one or more login devices; and the terminal returns the authorization verification result of one or more login devices to the first server.
Optionally, before the terminal receives the log analysis result from the first server, the method further includes: the terminal runs an application program and triggers real-name authentication and real-person authentication on the current login account; and the terminal determines that the current login account passes real-name authentication and real-person authentication, and starts an application program to perform a safety protection function on the current login account.
Optionally, the triggering, by the terminal, real-name authentication on the current login account includes: a terminal acquires a user name and a password corresponding to a current login account; the terminal sends the user name and the password to a fourth server, wherein the fourth server is used for acquiring real-name authentication information associated with the current login account after the current login account is successfully verified according to the user name and the password; and the terminal receives a first confirmation message from the fourth server, wherein the first confirmation message is used for indicating that the real-name authentication information exists.
Optionally, the triggering, by the terminal, of real-person authentication on the current login account includes: the terminal collects image information of the operator of the current login account, wherein the image information comprises an image of the operator in a static state and an image of the operator in a moving state; the terminal sends the collected image information to a fifth server, wherein the fifth server is used for performing real-person authentication on the current login account according to the collected image information; and the terminal receives a second confirmation message from the fifth server, wherein the second confirmation message is used for indicating that the real-person authentication result is consistent with the real-name authentication result.
Optionally, after the terminal returns the authorization check result of the one or more login devices to the first server, the method further includes: and the terminal seamlessly switches from the current login account to the operation page of the associated account to be operated.
According to another aspect of the embodiments of the present invention, there is also provided a device for verifying security of a login account, including: the system comprises an acquisition module, a storage module and a processing module, wherein the acquisition module is used for acquiring a log file corresponding to a current login account, and the log file is used for monitoring the login condition of the current login account on one or more login devices; the analysis module is used for analyzing the log file to obtain a log analysis result, wherein the log analysis result is used for providing a judgment basis for authorization verification of one or more login devices; and the sending module is used for sending the log analysis result to the terminal.
According to another aspect of the embodiments of the present invention, there is provided another security verification apparatus for logging in an account, including: the receiving module is used for receiving a log analysis result from the first server, wherein the log analysis result is obtained by analyzing a log file by the first server, the log file corresponds to a current login account on the terminal, the log file is used for monitoring the login condition of the current login account on one or more login devices, and the log analysis result is used for providing a judgment basis for authorization verification of the one or more login devices; and the feedback module is used for returning the authorization verification result of one or more login devices to the first server.
In the embodiments of the invention, a first server obtains a log file corresponding to a current login account, the log file being used for monitoring the login status of the current login account on one or more login devices; the first server parses the log file and sends the resulting log analysis result to a terminal, thereby providing a judgment basis for authorization verification of the one or more login devices. In this way, every login device on which the current login account has logged in is separately authorized and verified from the dimension of the user device. This raises the security level of account operation, achieves the technical effects of effectively preventing personal information from being leaked and preventing funds in the account from being stolen, and solves the technical problem that the login-account protection provided in the related art lacks a way to confirm whether the user device on which the account is logged in is legitimately authorized.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the invention without limiting the invention. In the drawings:
FIG. 1 is a schematic diagram of a scenario of a security verification system for a login account according to an embodiment of the present invention;
FIG. 2 is a flow diagram of a method for security verification of a login account according to an embodiment of the invention;
FIG. 3 is a flow diagram of another method for security verification of a login account according to an embodiment of the invention;
FIG. 4 is a block diagram of a security verification apparatus for logging into an account according to an embodiment of the present invention;
FIG. 5 is a block diagram of a security verification apparatus for logging into an account according to a preferred embodiment of the present invention;
FIG. 6 is a block diagram of another security verification apparatus for logging into an account according to an embodiment of the present invention;
FIG. 7 is a block diagram of another security verification apparatus for logging into an account according to a preferred embodiment of the present invention.
Detailed Description
In order to make the technical solutions of the present invention better understood, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that the terms "first," "second," and the like in the description and claims of the present invention and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the invention described herein are capable of operation in sequences other than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
First, some terms appearing in the description of the embodiments of the present application are explained as follows:
(1) The current login account refers to an account that has passed security authentication and needs to be added to the security-protection application on the terminal currently operated by the user. The application protects the current login account so as to prevent personal information leakage and fund theft. The type of the current login account can include but is not limited to: a shopping website personal account, a game client personal account, a bank card personal account, and an application software personal account with payment function.
(2) A log file refers to a file or collection of files that record the history and/or current records of a current login account logged in on one or more login devices.
(3) The log analysis result refers to analyzing each log record in the log file, and extracting login position information, login time information and login equipment information corresponding to the current login account recorded in the log record.
(4) Authorization checking refers to a technical means of distinguishing, among the one or more login devices on which the current login account has logged in, devices that the user has authorized to log in legitimately from devices that have logged in illegitimately without the user's authorization.
Example 1
According to an embodiment of the present invention, an embodiment of a security verification system for a login account is provided. Fig. 1 is a schematic view of a scenario of a security verification system for a login account according to an embodiment of the present invention. As shown in fig. 1, the system includes: the first server 10 is configured to obtain a log file corresponding to a current login account, parse the log file, and send a log analysis result obtained through parsing to the terminal, where the log file is used to monitor a login status of the current login account on one or more login devices, and the log analysis result is used to provide a judgment basis for authorization verification of the one or more login devices; the terminal 20 is configured to receive a log analysis result from the first server, and return an authorization check result of one or more login devices to the first server, where the log analysis result is obtained by analyzing a log file by the first server, the log file corresponds to a current login account on the terminal, the log file is used to monitor a login status of the current login account on the one or more login devices, and the log analysis result is used to provide a judgment basis for authorization check of the one or more login devices.
It should be noted that the terminal and the one or more login devices shown in fig. 1 may be computer devices (e.g., a personal computer) or mobile devices (e.g., a mobile phone or a tablet computer). The above-mentioned terminals have a touch display (also referred to as a "touch screen" or "touch display screen"). In some embodiments, the computer device (or mobile device) shown in fig. 1 has a Graphical User Interface (GUI) with which a user can interact through finger contacts and/or gestures on a touch-sensitive surface, where the human-machine interaction functions optionally include the following interactions: logging into an account, adding an account, authorization verification, etc. Executable instructions for performing the above human-machine interaction functions are configured/stored in one or more processor-executable computer program products or readable storage media.
The terminal and the servers, and the servers of different types, can be connected to one another via a data network, wherein the data network connection can be a local area network connection, a wide area network connection, an internet connection, or another type of data network connection. The server may provide network-based user services such as login account authorization authentication, online shopping, online payment, or other online applications.
Optionally, the first server 10 is configured to extract and analyze login location information, login time information, and login device information corresponding to the current login account from the log file, and establish a mapping relationship between the current login account and the extracted login location information, login time information, and login device information to obtain a log analysis result.
By analyzing the log file, a log analysis result is obtained, and the time, the place and the application programs (App) logged in by the current login account can be obtained from the dimension of the login equipment, so that the user can obtain the most comprehensive and complete login data information, and great convenience is provided for the user to distinguish equipment which is legally logged in through user authorization and equipment which is illegally logged in without user authorization.
Optionally, as shown in fig. 1, the system may further include: a second server 30; the first server 10 is used for sending a first notification message to the second server when determining that part or all of one or more login devices belong to unauthorized login devices according to an authorization check result; and the second server 30 is configured to prohibit the current login account from logging in the unauthorized login device or limit the operation right of the current login account on the unauthorized login device according to the first notification message.
Once the user has confirmed the log analysis result, a security fence can be set in the security protection application for the devices on which the current login account has logged in. Devices that the user has authorized to log in legitimately are placed inside the security fence, added to a legal white list and marked as white devices; devices that have logged in illegitimately without the user's authorization are placed outside the security fence, added to an illegal blacklist and marked as black devices. For a device that the user has confirmed and marked as a black device, the current login account needs to be prohibited from logging in again on that device, that is, the login fails; alternatively, even if the current login account can successfully log in again on the marked black device, the execution of account-related operations on that device may be limited, for example: checking the personal information of the user, transferring account-related funds and the like.
Optionally, as shown in fig. 1, the system may further include: a third server 40; the first server 10 is used for sending a second notification message to the third server when determining, according to the authorization check result, that some or all of the one or more login devices are authorized login devices; and the third server 40 is used for eliminating, as triggered by the second notification message, the permission verification process when the current login account is operated on the authorized login device.
For a device that the user has confirmed and marked as a white device, the security level of logging in the current login account on the white device can be raised according to specific settings. For example, a security score is set for the white device; the higher the score, the more verification-free operations can be executed on the white device, and finally all operations can be executed without verification on a white device that is completely trusted, so that the operation complexity for the user is reduced and the user experience is improved.
With the technical scheme provided by the embodiments of the invention, in the case where the current login account is not known to a malicious attacker (such as a network hacker), the security protection application can monitor the malicious attacker's attempts to crack the password by exhaustive methods such as credential stuffing, and can then send risk prompt information to the user when an abnormal login is found, so that the current login account is effectively prevented from being used by the malicious attacker.
In the above operating environment, the present application provides an embodiment of a security verification method for logging into an account as shown in fig. 2. It should be noted that the steps illustrated in the flowcharts of the figures may be performed in a computer system such as a set of computer-executable instructions and that, although a logical order is illustrated in the flowcharts, in some cases, the steps illustrated or described may be performed in an order different than presented herein. FIG. 2 is a flow diagram of a method for security verification of a login account according to an embodiment of the present invention. As shown in fig. 2, the method may include the following process steps:
Step S20, the first server obtains a log file corresponding to the current login account, wherein the log file is used for monitoring the login status of the current login account on one or more login devices;
Step S22, the first server analyzes the log file to obtain a log analysis result, wherein the log analysis result is used for providing a judgment basis for authorization verification of one or more login devices;
Step S24, the first server sends the log analysis result to the terminal.
The terminal runs a security protection application program, and the first server may be a background server associated with the security protection application program.
Optionally, in step S22, the parsing, by the first server, the log file to obtain the log analysis result may include the following steps:
Step S221, the first server parses login location information, login time information and login device information corresponding to the current login account from the log file;
Step S222, the first server establishes a mapping relationship between the current login account and the parsed login location information, login time information, and login device information, and obtains a log analysis result.
After a user registers a personal account in a shopping website, the user can complete account login operation in interactive login pages provided by a plurality of devices such as a mobile phone, a tablet personal computer and a personal computer, so that a background server corresponding to the shopping website can record each login operation of the user's personal account. The first server can acquire a log file from a background server corresponding to the shopping website, analyze login position information, login time information and login equipment information corresponding to each login operation from the log file, establish a mapping relation between a current login account and the analyzed login position information, login time information and login equipment information, and further generate a log analysis result convenient for a user to identify.
Optionally, in step S24, after the first server sends the log analysis result to the terminal, the method may further include the following steps:
step S25, the first server receives the authorization verification result of the one or more login devices from the terminal;
step S26, if the first server determines, according to the authorization check result, that part or all of the one or more login devices are unauthorized login devices, the first server sends a first notification message to the second server, wherein the first notification message is used for notifying the second server to prohibit the current login account from logging in on the unauthorized login device or to limit the operation authority of the current login account on the unauthorized login device.
After the first server obtains the log analysis result, it sends the result to the terminal, where it is presented on the application program's display interface in a form such as a list. Based on the log analysis result, the user can confirm which login devices are legitimately authorized white devices and which are illegally logged-in black devices. For a black device confirmed and marked by the user, the first server may report the marked black device to the second server (i.e. the backend server corresponding to the shopping website, which performs the member account management function). The second server then either prohibits the current login account from logging in again on the marked black device, i.e. the login fails, or, even if the current login account can log in again on the marked black device, restricts the account-related operations that can be executed there, for example viewing the user's personal information or transferring funds associated with the account.
Optionally, in step S24, after the first server sends the log analysis result to the terminal, the method may further include the following steps:
step S27, the first server receives the authorization verification result of the one or more login devices from the terminal;
step S28, if the first server determines, according to the authorization check result, that part or all of the one or more login devices are authorized login devices, the first server sends a second notification message to a third server, wherein the second notification message is used for triggering the process of waiving permission verification when the current login account is operated on the authorized login devices.
For a white device confirmed and marked by the user, the first server may send a notification message to a third server (which has the computing function of scoring the credibility of white devices), so that the third server raises the security level for logging in to the current login account on that white device. Specifically, the higher the security score set for the white device, the more operations on it are exempt from verification, and ultimately any operation performed on a fully trusted white device may be exempt from verification. The third server then also sends a notification message to the second server to inform it that the security score of the white device has been raised, so that the second server lets the user skip the corresponding verification process when executing account-related operations on the white device.
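The following added example (not code from the patent) sketches steps S221 to S222 and S25 to S28: it builds the account-to-device mapping from a login log and routes the user's verdicts to the second or third server. The JSON-lines log format, the field names, the notification dictionaries and the rule of rejecting verdicts for devices that are not in the analysis result are all assumptions made for illustration.

```python
import json
from datetime import datetime

# Constructed sample log, one JSON object per line (format and fields are assumed).
SAMPLE_LOG = "\n".join([
    '{"account": "user-1001", "time": "2016-08-01T09:12:44+08:00", '
    '"device_id": "phone-A", "device": "mobile phone", "location": "Hangzhou"}',
    '{"account": "user-1001", "time": "2016-08-02T21:40:03+08:00", '
    '"device_id": "pc-B", "device": "personal computer", "location": "Hangzhou"}',
    '{"account": "user-1001", "time": "2016-08-03T03:05:10+08:00", '
    '"device_id": "pc-C", "device": "personal computer", "location": "Shenzhen"}',
    '{"account": "user-2002", "time": "2016-08-03T08:00:00+08:00", '
    '"device_id": "tab-D", "device": "tablet", "location": "Beijing"}',
    '{"account": "user-1001", "time": "2016-08-04T10:00:00+08:00", '
    '"device_id": "phone-A", "device": "mobile phone", "location": "Shanghai"}',
    'truncated line {"account": ',
])

REQUIRED = ("account", "time", "device_id", "device", "location")


def analyze_log(log_text, account):
    """Steps S221-S222: map the account to login location, time and device."""
    devices, skipped = {}, 0
    for line in log_text.splitlines():
        if not line.strip():
            continue
        try:
            rec = json.loads(line)
            fields = {key: rec[key] for key in REQUIRED}
            when = datetime.fromisoformat(fields["time"])
        except (ValueError, KeyError, TypeError):
            skipped += 1  # malformed record: count it, never guess its content
            continue
        if fields["account"] != account:
            continue
        entry = devices.setdefault(fields["device_id"], {
            "device": fields["device"], "locations": [],
            "first_login": when, "last_login": when, "logins": 0,
        })
        entry["logins"] += 1
        entry["first_login"] = min(entry["first_login"], when)
        entry["last_login"] = max(entry["last_login"], when)
        if fields["location"] not in entry["locations"]:
            entry["locations"].append(fields["location"])
    return {"account": account, "devices": devices, "skipped_lines": skipped}


def dispatch_verdicts(result, verdicts):
    """Steps S25-S28: turn the terminal's verdicts into notification messages.

    Verdicts for devices that were never part of the analysis result, or with
    an unknown value, are rejected (assumed fail-closed rule), so a terminal
    cannot whitelist a device the first server did not report.
    """
    notifications, rejected = [], []
    for device_id, verdict in verdicts.items():
        known = device_id in result["devices"]
        if not known or verdict not in ("authorized", "unauthorized"):
            rejected.append(device_id)
            continue
        if verdict == "unauthorized":  # black device -> second server
            notifications.append({
                "to": "second_server", "message": "first_notification",
                "account": result["account"], "device_id": device_id,
                "action": "prohibit_login_or_limit_operations",
            })
        else:  # white device -> third server
            notifications.append({
                "to": "third_server", "message": "second_notification",
                "account": result["account"], "device_id": device_id,
                "action": "waive_permission_verification",
            })
    return notifications, rejected


if __name__ == "__main__":
    analysis = analyze_log(SAMPLE_LOG, "user-1001")
    for dev_id, info in analysis["devices"].items():
        print(dev_id, info["device"], info["locations"], info["logins"])
    print(dispatch_verdicts(analysis, {"pc-C": "unauthorized",
                                       "phone-A": "authorized"}))
```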
In the above operating environment, the application also provides another embodiment of the security verification method for a login account, as shown in fig. 3. It should be noted that the steps illustrated in the flowcharts of the figures may be performed in a computer system, such as one executing a set of computer-executable instructions, and that, although a logical order is illustrated in the flowcharts, in some cases the steps illustrated or described may be performed in an order different from that presented here. FIG. 3 is a flow diagram of another method for security verification of a login account according to an embodiment of the invention. As shown in fig. 3, the method may include the following process steps:
step S30, the terminal receives a log analysis result from the first server, wherein the log analysis result is obtained by analyzing a log file by the first server, the log file corresponds to a current login account on the terminal, the log file is used for monitoring the login status of the current login account on one or more login devices, and the log analysis result is used for providing a judgment basis for authorization verification of the one or more login devices;
step S32, the terminal returns the authorization check result of the one or more login devices to the first server.
Optionally, before the terminal receives the log analysis result from the first server in step S30, the method may further include the following steps:
step S33, the terminal runs an application program and triggers real-name authentication and real-person authentication of the current login account;
step S34, the terminal determines that the current login account passes real-name authentication and real-person authentication, and starts the function of the application program performing security protection on the current login account.
Unlike existing third-party security protection software (such as the QQ security center), on top of collecting user images and uploading identity document information, it must additionally be confirmed that the current login account really belongs to the user. That is, the function of the application program performing security protection on the current login account can be started only when the user is confirmed to be a real, living subject and the current login account is confirmed to belong to that user.
Optionally, in step S33, the terminal triggering real-name authentication on the current login account may include the following steps:
step S331, the terminal acquires a user name and a password corresponding to the current login account;
step S332, the terminal sends the user name and the password to a fourth server, wherein the fourth server is used for acquiring real-name authentication information associated with the current login account after the current login account is successfully verified according to the user name and the password;
step S333, the terminal receives a first confirmation message from the fourth server, where the first confirmation message is used to indicate that the real-name authentication information exists.
The fourth server may be a backend server associated with the shopping website. After the user successfully logs in to the shopping website by entering the registered user name and password in the security protection application program, the fourth server may obtain real-name authentication information from a background server corresponding to the application with a payment function associated with the shopping website, where the real-name authentication information at least includes: the name of the user, the gender of the user, and the identity document number of the user. The subsequent real-person authentication process is allowed to proceed only if the real-name authentication information is actually stored in the background server corresponding to the application with the payment function; otherwise, the whole authentication process is automatically terminated and an error prompt indicating that the information does not match or does not exist is returned.
Optionally, in step S33, the terminal triggering real person authentication on the current login account may include the following steps:
step S334, the terminal acquires image information of an operator currently logging in the account, where the image information includes: the image of the operator in a static state and the image of the operator in a moving state;
step S335, the terminal sends the collected image information to a fifth server, wherein the fifth server is used for performing real person authentication on the current login account according to the collected image information;
step S336, the terminal receives a second confirmation message from the fifth server, where the second confirmation message is used to indicate that the real-person authentication verification result is consistent with the real-name authentication verification result.
The third-party security protection applications provided in the related art generally adopt the following procedure: scan the user's face image within a preset area → prompt the user to manually upload images of the front and back of the identity document → compare the scanned face image with the photo on the identity document. Most of these comparisons require manual verification, so the authentication result cannot be obtained in real time, and a malicious attacker who is familiar with the operation rules can forge the verification process.
In contrast, in the preferred embodiment provided by the present application, the fifth server is responsible for completing the real-person authentication process. The process not only captures multiple frontal images of the user in a static state at the same time and automatically selects, through a preset algorithm, the head image with the highest definition to be stored as the image to be verified, but also guides the user to complete various combinations of liveness actions, to ensure that the user currently operating the terminal is in an active state rather than a stationary state.
These combinations of liveness actions may include, but are not limited to, nodding, shaking the head left and right, and opening the mouth; a combination is selected at random and the user is prompted to perform it. The random action combination in each authentication differs from that of the previous authentication, which prevents a malicious attacker from learning the verification rule, recording the relevant action combinations in advance and attempting a malicious authentication.
After the personal image information uploaded by the user is acquired, the user does not need to be prompted to manually upload images of the front and back of the identity document. Instead, the corresponding identity document portrait is obtained from an officially authorized and verified third-party server according to the user's identity document information (such as the identity document number) obtained from the real-name authentication information, and is automatically compared with the personal image information uploaded by the user, thereby completing the real-person authentication process.
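The following added example (not code from the patent) shows one way the fifth server could issue the random action combinations described above, so that each combination differs from the previous one for the same account and can be answered only once. The class name, the combination length and the single-use rule are assumptions; recognizing the performed actions in the captured video is outside its scope and is represented by the `observed` argument.

```python
import secrets

# The three actions named in the text; the identifiers are illustrative.
ACTIONS = ("nod", "shake_head", "open_mouth")


class LivenessChallenger:
    """Issues per-account action combinations for real-person authentication."""

    def __init__(self, length=3):
        if length < 1:
            raise ValueError("a challenge needs at least one action")
        self.length = length
        self._last = {}     # account -> combination issued last time
        self._pending = {}  # account -> combination awaiting a response

    def issue(self, account):
        """Return a new random combination that differs from the last one."""
        while True:
            # secrets uses the OS CSPRNG, so the next prompt is not predictable
            # from earlier prompts the way a seeded PRNG could be.
            combo = tuple(secrets.choice(ACTIONS) for _ in range(self.length))
            if combo != self._last.get(account):
                break
        self._last[account] = combo
        self._pending[account] = combo
        return combo

    def verify(self, account, observed):
        """Check the actions recognized in the captured images, in order.

        The pending challenge is consumed whether or not it matches (assumed
        single-use rule), so a pre-recorded response cannot be replayed and a
        failed attempt forces a fresh combination.
        """
        expected = self._pending.pop(account, None)
        return expected is not None and tuple(observed) == expected


if __name__ == "__main__":
    challenger = LivenessChallenger()
    prompt = challenger.issue("user-1001")
    print("prompt the user to perform:", prompt)
    print("first response accepted:", challenger.verify("user-1001", prompt))
    print("replay accepted:", challenger.verify("user-1001", prompt))
```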
Optionally, in step S32, after the terminal returns the authorization check result of the one or more login devices to the first server, the method may further include the following steps:
step S35, the terminal seamlessly switches from the current login account to the operation page of the associated account to be operated.
The security protection application program running on the terminal according to the embodiment of the invention supports adding multiple types of accounts. Suppose a user has separately registered a personal shopping website account, a personal game client account, a personal bank card account and a personal account for application software with a payment function. Through the real-name authentication and real-person authentication processes, these personal accounts can be confirmed to really belong to the same user, so the security protection application program can associate the accounts and manage them simultaneously. On a white device confirmed and marked by the user, it is possible to jump directly from the current login account to the operation interface of an associated account, skipping the verification process of the login interface.
The switching operation is mainly a user-level concept: the user clicks different accounts to complete verification-free switching. At the system level, however, all the simultaneously managed accounts are in a running state, so whichever account the user is operating, risk prompt information from the other accounts can still be received. In addition, the security protection application program is always in a running state on only one device, where it can manage multiple accounts simultaneously. If the security protection application program is instead run on another device, the device on which it was previously running must be taken offline; for example, the application running on the previous device may be automatically kicked offline when it is run on the other device. In the process of managing multiple accounts, different white devices and black devices may be set for each account. For example, device A is a white device for the shopping website account, and device B is a white device for the bank card account. The security protection application program does not run on the white devices confirmed and marked by the user; only when account-related operations are executed on them can permission verification be waived to different degrees according to the security score level of the white device.
It should be noted that, for simplicity of description, the above-mentioned method embodiments are described as a series of acts or combination of acts, but those skilled in the art will recognize that the present invention is not limited by the order of acts, as some steps may occur in other orders or concurrently in accordance with the invention. Further, those skilled in the art should also appreciate that the embodiments described in the specification are preferred embodiments and that the acts and modules referred to are not necessarily required by the invention.
Through the above description of the embodiments, those skilled in the art can clearly understand that the security verification method for logging in an account according to the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but the former is a better implementation mode in many cases. Based on such understanding, the technical solutions of the present invention may be embodied in the form of a software product, which is stored in a storage medium (e.g., ROM/RAM, magnetic disk, optical disk) and includes instructions for enabling a terminal device (e.g., a mobile phone, a computer, a server, or a network device) to execute the method according to the embodiments of the present invention.
Example 2
According to an embodiment of the present invention, an embodiment of an apparatus for implementing the security verification method for a login account is further provided, and fig. 4 is a block diagram of a security verification apparatus for a login account according to an embodiment of the present invention. As shown in fig. 4, the apparatus includes: the acquiring module 100 is configured to acquire a log file corresponding to a current login account, where the log file is used to monitor login conditions of the current login account on one or more login devices; the analysis module 102 is configured to analyze the log file to obtain a log analysis result, where the log analysis result is used to provide a judgment basis for authorization verification of one or more login devices; and a sending module 104, configured to send the log analysis result to the terminal.
Optionally, the parsing module 102 may include: an analyzing unit (not shown in the figure) for analyzing the login position information, the login time information and the login equipment information corresponding to the current login account from the log file; and a building unit (not shown in the figure) for building a mapping relationship between the current login account and the resolved login position information, login time information and login equipment information to obtain a log analysis result.
Optionally, fig. 5 is a block diagram of a security verification apparatus for a login account according to a preferred embodiment of the present invention. As shown in fig. 5, the above apparatus further includes: a receiving module 106, configured to receive the authorization verification result of the one or more login devices from the terminal; and a sending module 108, configured to send a first notification message to the second server if it is determined, according to the authorization check result, that part or all of the one or more login devices are unauthorized login devices, where the first notification message is used to notify the second server to prohibit the current login account from logging in on the unauthorized login device or to limit the operation permission of the current login account on the unauthorized login device.
Optionally, the receiving module 106 is configured to receive the authorization verification result of the one or more login devices from the terminal; the sending module 108 is further configured to send a second notification message to the third server if it is determined, according to the authorization check result, that part or all of the one or more login devices are authorized login devices, where the second notification message is used to trigger the process of waiving permission verification when the current login account is operated on the authorized login device.
According to an embodiment of the present invention, another embodiment of an apparatus for implementing the above security verification method for a login account is further provided, and fig. 6 is a block diagram of another security verification apparatus for a login account according to an embodiment of the present invention. As shown in fig. 6, the apparatus includes: the receiving module 200 is configured to receive a log analysis result from the first server, where the log analysis result is obtained by analyzing a log file by the first server, the log file corresponds to a current login account on the terminal, the log file is used to monitor a login status of the current login account on one or more login devices, and the log analysis result is used to provide a judgment basis for authorization verification of the one or more login devices; a feedback module 202, configured to return an authorization check result of the one or more login devices to the first server.
Optionally, fig. 7 is a block diagram of another security verification apparatus for a login account according to a preferred embodiment of the present invention. As shown in fig. 7, the above apparatus further includes: the triggering module 204, configured to run an application program and trigger real-name authentication and real-person authentication of the current login account; and the starting module 206, configured to determine that the current login account passes real-name authentication and real-person authentication, and to start the function of the application program performing security protection on the current login account.
Optionally, the triggering module 204 includes: an acquisition unit (not shown in the figure) for acquiring a user name and a password corresponding to the current login account; a first sending unit (not shown in the figure) configured to send the user name and the password to a fourth server, where the fourth server is configured to obtain real-name authentication information associated with the current login account after the current login account is successfully verified according to the user name and the password; a first receiving unit (not shown in the figure) for receiving a first confirmation message from the fourth server, wherein the first confirmation message is used for indicating that the real-name authentication information exists.
Optionally, the triggering module 204 further includes: a collecting unit (not shown in the figure) and a control unit, wherein the collecting unit is configured to collect image information of the operator of the current login account, and the image information includes: the image of the operator in a static state and the image of the operator in a moving state; a second sending unit (not shown in the figure) for sending the collected image information to a fifth server, wherein the fifth server is used for performing real-person authentication on the current login account according to the collected image information; a second receiving unit (not shown in the figure) for receiving a second confirmation message from the fifth server, wherein the second confirmation message is used for indicating that the real-person authentication verification result is consistent with the real-name authentication verification result.
Optionally, as shown in fig. 7, the apparatus further includes: and the switching module 208 is configured to seamlessly switch from the current login account to the operation page of the associated account to be operated.
The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.
In the above embodiments of the present invention, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.
In the embodiments provided in the present application, it should be understood that the disclosed technology can be implemented in other ways. The above-described embodiments of the apparatus are merely illustrative, and for example, the division of the units is only one type of division of logical functions, and there may be other divisions when actually implemented, for example, a plurality of units or components may be combined or may be integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, units or modules, and may be in an electrical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic or optical disk, and other various media capable of storing program codes.
The foregoing is only a preferred embodiment of the present invention, and it should be noted that, for those skilled in the art, various modifications and decorations can be made without departing from the principle of the present invention, and these modifications and decorations should also be regarded as the protection scope of the present invention.

Claims (16)

1. A system for security verification of a login account, comprising:
the system comprises a first server, a second server and a third server, wherein the first server is used for acquiring a log file corresponding to a current login account, analyzing the log file and sending a log analysis result obtained by analysis to a terminal, the log file is used for monitoring the login condition of the current login account on one or more login devices, and the log analysis result is used for providing a judgment basis for authorization verification of the one or more login devices;
the terminal is configured to receive the log analysis result from the first server, and return an authorization check result of the one or more login devices to the first server, where the log analysis result is obtained by parsing a log file by the first server, the log file corresponds to a current login account on the terminal, the log file is used to monitor a login status of the current login account on the one or more login devices, the log analysis result is used to provide a judgment basis for authorization check of the one or more login devices, and the authorization check result includes information that the login device belongs to an unauthorized login device or an authorized login device.
2. The system according to claim 1, wherein the first server is configured to extract and analyze login location information, login time information, and login device information corresponding to the current login account from the log file, and establish a mapping relationship between the current login account and the extracted login location information, login time information, and login device information to obtain the log analysis result.
3. The system of claim 1, further comprising: a second server;
the first server is used for sending a first notification message to the second server when determining that part or all of the one or more login devices belong to unauthorized login devices according to the authorization check result;
the second server is configured to prohibit the current login account from logging in the unauthorized login device or limit an operation right of the current login account on the unauthorized login device according to the first notification message.
4. The system of claim 1, further comprising: a third server;
the first server is used for sending a second notification message to the third server when determining that part or all of the one or more login devices belong to authorized login devices according to the authorization check result;
and the third server is used for triggering the permission verification process when the current login account is operated on the authorized login equipment according to the second notification message.
5. A method for verifying the safety of a login account is characterized by comprising the following steps:
the method comprises the steps that a first server obtains a log file corresponding to a current login account, wherein the log file is used for monitoring the login condition of the current login account on one or more login devices;
the first server analyzes the log file to obtain a log analysis result, wherein the log analysis result is used for providing a judgment basis for authorization verification of the one or more login devices;
and the first server sends the log analysis result to a terminal and receives an authorization verification result of the one or more login devices from the terminal, wherein the authorization verification result comprises information that the login device belongs to an unauthorized login device or an authorized login device.
6. The method of claim 5, wherein the parsing the log file by the first server to obtain the log analysis result comprises:
the first server analyzes login position information, login time information and login equipment information corresponding to the current login account from the log file;
and the first server establishes a mapping relation between the current login account and the resolved login position information, login time information and login equipment information to obtain the log analysis result.
7. The method of claim 5, wherein after the first server sends the log analysis result to the terminal, the method further comprises:
the first server receives an authorization verification result of the one or more login devices from the terminal;
and if the first server determines that part or all of the one or more login devices belong to unauthorized login devices according to the authorization check result, sending a first notification message to a second server, wherein the first notification message is used for notifying the second server to prohibit the current login account from logging in the unauthorized login device or limit the operation authority of the current login account on the unauthorized login device.
8. The method of claim 5, wherein after the first server sends the log analysis result to the terminal, the method further comprises:
the first server receives an authorization verification result of the one or more login devices from the terminal;
and if the first server determines that part or all of the one or more login devices belong to authorized login devices according to the authorization verification result, sending a second notification message to a third server, wherein the second notification message is used for triggering the process of eliminating the authority verification when the current login account is operated on the authorized login devices.
9. The method of any of claims 5 to 8, wherein the one or more login devices comprise at least one of: one or more mobile terminals, one or more personal computers.
10. A method for verifying the safety of a login account is characterized by comprising the following steps:
the method comprises the steps that a terminal receives a log analysis result from a first server, wherein the log analysis result is obtained by analyzing a log file by the first server, the log file corresponds to a current login account on the terminal, the log file is used for monitoring the login condition of the current login account on one or more login devices, and the log analysis result is used for providing a judgment basis for authorization verification of the one or more login devices;
and the terminal returns an authorization check result of the one or more login devices to the first server, wherein the authorization check result comprises information that the login device belongs to unauthorized login devices or authorized login devices.
11. The method according to claim 10, before the terminal receives the log analysis result from the first server, further comprising:
the terminal runs an application program and triggers real-name authentication and real-person authentication on the current login account;
and the terminal determines that the current login account passes the real-name authentication and the real-person authentication, and starts a function of performing security protection on the current login account by the application program.
12. The method of claim 11, wherein the terminal triggering the real-name authentication of the current login account comprises:
the terminal acquires a user name and a password corresponding to the current login account;
the terminal sends the user name and the password to a fourth server, wherein the fourth server is used for acquiring real-name authentication information associated with the current login account after the current login account is successfully verified according to the user name and the password;
and the terminal receives a first confirmation message from the fourth server, wherein the first confirmation message is used for indicating that the real-name authentication information exists.
13. The method of claim 12, wherein the terminal triggering the real person authentication of the current login account comprises:
the terminal collects image information of the operator of the current login account, wherein the image information comprises: an image of the operator in a stationary state and an image of the operator in a moving state;
the terminal sends the acquired image information to a fifth server, wherein the fifth server is used for carrying out the real person authentication on the current login account according to the acquired image information;
and the terminal receives a second confirmation message from the fifth server, wherein the second confirmation message is used for indicating that the real-name authentication verification result is consistent with the real-name authentication verification result.
14. The method according to claim 10, further comprising, after the terminal returns the authorization check result of the one or more login devices to the first server:
and the terminal seamlessly switches from the current login account to the operation page of the associated account to be operated.
15. A security verification apparatus for logging into an account, comprising:
the system comprises an acquisition module, a storage module and a processing module, wherein the acquisition module is used for acquiring a log file corresponding to a current login account, and the log file is used for monitoring the login condition of the current login account on one or more login devices;
the analysis module is used for analyzing the log file to obtain a log analysis result, wherein the log analysis result is used for providing a judgment basis for authorization verification of the one or more login devices;
and the sending module is used for sending the log analysis result to a terminal.
16. A security verification apparatus for logging into an account, comprising:
a receiving module, configured to receive a log analysis result from a first server, wherein the log analysis result is obtained by the first server analyzing a log file, the log file corresponds to a current login account on a terminal, the log file is used for monitoring the login condition of the current login account on one or more login devices, and the log analysis result is used for providing a judgment basis for authorization verification of the one or more login devices;
and a feedback module, configured to return an authorization check result of the one or more login devices to the first server, wherein the authorization check result comprises information indicating whether a login device is an unauthorized login device or an authorized login device.
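The exchange described in claims 10, 15 and 16, sketched as an added example that is not part of the patent text: the first server reduces a login log to a per-device summary, and the terminal answers with an authorized/unauthorized verdict per device. The log line format, field names, function names and the set of recognised device IDs are all assumptions made for illustration.

```python
import json
from collections import defaultdict

# Constructed sample log; the key=value line format is an assumption.
LOG_LINES = [
    "2016-08-01T09:12:03Z acct=alice device=phone-A type=mobile ip=203.0.113.5 result=ok",
    "2016-08-01T21:40:11Z acct=alice device=pc-B type=pc ip=203.0.113.5 result=ok",
    "2016-08-02T03:05:47Z acct=alice device=pc-X type=pc ip=198.51.100.77 result=fail",
    "2016-08-02T03:06:02Z acct=alice device=pc-X type=pc ip=198.51.100.77 result=ok",
    "2016-08-02T08:00:00Z acct=bob device=phone-C type=mobile ip=192.0.2.9 result=ok",
    "corrupted line without fields",
]
REQUIRED = {"acct", "device", "type", "ip", "result"}

def analyze_log(lines, account):
    """First-server side: per-device login summary for one account."""
    devices = defaultdict(lambda: {"type": "", "ok": 0, "failed": 0,
                                   "ips": set(), "last_seen": ""})
    for line in lines:
        ts, _, rest = line.partition(" ")
        rec = dict(p.split("=", 1) for p in rest.split() if "=" in p)
        if not REQUIRED.issubset(rec) or rec["acct"] != account:
            continue  # skip malformed lines and other accounts
        d = devices[rec["device"]]
        d["type"] = rec["type"]
        d["ok" if rec["result"] == "ok" else "failed"] += 1
        d["ips"].add(rec["ip"])
        d["last_seen"] = max(d["last_seen"], ts)  # ISO-8601 UTC sorts as text
    return {"account": account,
            "devices": {k: {**v, "ips": sorted(v["ips"])}
                        for k, v in devices.items()}}

def authorization_check(analysis, recognised):
    """Terminal side: the owner's verdict per device, modelled as a set of IDs."""
    return {"account": analysis["account"],
            "devices": {dev: "authorized" if dev in recognised else "unauthorized"
                        for dev in analysis["devices"]}}

if __name__ == "__main__":
    result = analyze_log(LOG_LINES, "alice")                    # server -> terminal
    print(json.dumps(result, indent=2))
    verdict = authorization_check(result, {"phone-A", "pc-B"})  # terminal -> server
    print(json.dumps(verdict, indent=2))
```

The summary carries the evidence the account owner needs to judge each device (source addresses, failure count, last login time), while the verdict itself stays with the terminal rather than the server.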
CN201610630377.4A 2016-08-03 2016-08-03 Security verification system, method and device for login account Active CN107689936B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610630377.4A CN107689936B (en) 2016-08-03 2016-08-03 Security verification system, method and device for login account

Publications (2)

Publication Number Publication Date
CN107689936A CN107689936A (en) 2018-02-13
CN107689936B CN107689936B (en) 2021-07-06

Family

ID=61151582

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610630377.4A Active CN107689936B (en) 2016-08-03 2016-08-03 Security verification system, method and device for login account

Country Status (1)

Country Link
CN (1) CN107689936B (en)

Also Published As

Publication number Publication date
CN107689936A (en) 2018-02-13

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant