CN107979467B - Verification method and device - Google Patents

Verification method and device Download PDF

Info

Publication number
CN107979467B
CN107979467B CN201610922162.XA CN201610922162A CN107979467B CN 107979467 B CN107979467 B CN 107979467B CN 201610922162 A CN201610922162 A CN 201610922162A CN 107979467 B CN107979467 B CN 107979467B
Authority
CN
China
Prior art keywords
verification
information
signature
service request
signature information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201610922162.XA
Other languages
Chinese (zh)
Other versions
CN107979467A (en
Inventor
费会
彭华熹
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
China Mobile Communications Ltd Research Institute
Original Assignee
China Mobile Communications Group Co Ltd
China Mobile Communications Ltd Research Institute
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Communications Group Co Ltd, China Mobile Communications Ltd Research Institute filed Critical China Mobile Communications Group Co Ltd
Priority to CN201610922162.XA priority Critical patent/CN107979467B/en
Publication of CN107979467A publication Critical patent/CN107979467A/en
Application granted granted Critical
Publication of CN107979467B publication Critical patent/CN107979467B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Abstract

The embodiment of the invention discloses a verification method and a device, wherein the method is used for verifying a plug-in or a client and comprises the following steps: generating a verification code by self; displaying the verification code; acquiring user input formed based on the verification code display; generating a verification result based on the user input; and sending a service request to a service server based on the verification result. By adopting the scheme provided by the embodiment, the verification code can be automatically generated for off-line verification under the condition that the verification server does not participate, so that the phenomenon that the verification time delay is large or the verification cannot be carried out due to large load or faults of the verification server is avoided.

Description

Verification method and device
Technical Field
The invention relates to the technical field of information, in particular to an offline verification method and device.
Background
To ensure information security and property security, a device may need to be authenticated while performing some operation. Authentication is typically server dependent. However, if the authentication server fails, for example, the problems of hacking and overload operation, the problems of long authentication delay, insecure authentication or failure of authentication are easily caused, and further the problem that the service operation or application operation based on authentication cannot be performed is caused.
Disclosure of Invention
In view of this, the verification method and apparatus provided in the embodiments of the present invention are expected to at least partially solve the problem of long verification delay or failure in verification due to abnormal or excessive compliance of the verification server.
In order to achieve the purpose, the technical scheme of the invention is realized as follows:
a first aspect of an embodiment of the present invention provides a verification method for verifying a plug-in or a client, including:
generating a verification code by self;
displaying the verification code;
acquiring user input formed based on the verification code display;
generating a verification result based on the user input;
and sending a service request to a service server based on the verification result.
Based on the above scheme, the method further comprises:
requesting a verification code from a verification server;
the self-generated verification code comprises:
and when the verification server returns abnormal information or does not receive the verification code returned by the verification server within preset time, the verification server generates the verification code by itself.
Based on the above scheme, the sending a service request to a service server based on the verification result includes:
carrying out signature processing on the verification result to generate verification signature information;
sending a service request including the verification signature information to a service server; and the verification signature information is used for triggering the service server to respond to the service request when a first preset condition is met.
Based on the above scheme, the signing the verification result to generate verification signature information includes:
and when the verification result shows that the verification passes, performing signature processing on the verification result to obtain verification signature information.
Based on the above scheme, the signing the verification result to generate verification signature information includes:
acquiring first time information of current time;
performing signature processing on the verification result and the first time information to obtain verification signature information; wherein the first time information is used for the traffic server to determine whether to respond to the service request based on the first time information.
Based on the above scheme, the signing the verification result to generate verification signature information includes:
acquiring first application signature information of an application generating the service request;
performing signature processing on the verification result and the application signature information to obtain the verification signature information; the application signature information is used for preventing the service server from calling the application illegally.
Based on the above scheme, the signing the verification result to generate verification signature information includes:
acquiring equipment identification information;
performing signature processing on the verification result and the equipment identification information to obtain verification signature information; the device identification information is used for determining whether the current service request of the service server comes from legal equipment or not.
A second aspect of the embodiments of the present invention provides a verification method, including:
receiving a service request sent based on a verification plug-in or a client based on a verification result; the verification result is formed based on a verification code generated by the verification plug-in or the client;
and when the service request meets a second preset condition, responding to the service request.
Based on the above scheme, the receiving a service request sent based on an authentication plug-in or a client based on an authentication result includes:
receiving a service request including verification signature information; the verification signature information is generated based on a verification result of verification performed by a verification code generated by the verification signature information;
the method further comprises the following steps:
processing the verification signature information by using a verification public key to obtain a first verification abstract;
processing the verification signature information by using a verification private key to obtain original information for generating the verification signature information; wherein the original information comprises at least the verification result;
carrying out signature processing on the original information to obtain a second verification abstract;
comparing the first verification digest with the second verification digest;
when the service request meets a second preset condition, responding to the service request comprises:
responding to the service request when the first verification digest and the second verification digest are consistent.
Based on the scheme, the verification signature information is generated based on a verification result of verification performed by a verification code generated by the verification signature information and first time information;
the original information comprises the first time information;
the method further comprises the following steps:
acquiring second time information of the current time;
comparing the first time information with the second time information;
the responding to the service request when the first verification digest and the second verification digest are consistent includes:
and responding the service request when the time difference corresponding to the first time information and the second time information is within a preset range and the first verification abstract is consistent with the second verification abstract.
Based on the scheme, the verification signature information is generated based on a verification result of verification performed by a verification code generated by the verification signature information and the first application signature information;
the signing the original information to obtain a second verification digest includes:
and performing signature processing on the verification result in the original information and the second application signature information of the legal application to obtain the second verification abstract.
Based on the scheme, the verification signature information is generated based on a verification result of verification performed by a verification code generated by the verification signature information and equipment identification information;
the original information further comprises equipment identification information;
the method further comprises the following steps:
verifying the equipment validity according to the equipment identification information;
the responding to the service request when the first verification digest and the second verification digest are consistent includes:
and responding to the service request when the equipment is legal and the first verification abstract is consistent with the second verification abstract.
A third aspect of the embodiments of the present invention provides an authentication apparatus, located in an authentication plug-in or a client, including:
the generating unit is used for generating the verification code by self;
the display unit is used for displaying the verification code;
an acquisition unit configured to acquire a user input formed based on the verification code display;
an authentication unit for generating an authentication result based on the user input;
and the sending unit is used for sending the service request to the service server based on the verification result.
Based on the above scheme, the sending unit is further configured to request the verification code from the verification server;
the generating unit is specifically configured to generate the verification code by itself when the verification server returns the abnormal information or does not receive the verification code returned by the verification server within a predetermined time.
Based on the above scheme, the apparatus further comprises:
the signature unit is used for carrying out signature processing on the verification result to generate verification signature information;
the sending unit is specifically configured to send a service request including the verification signature information to a service server; and the verification signature information is used for triggering the service server to respond to the service request when a first preset condition is met.
Based on the above scheme, the signature unit is specifically configured to perform signature processing on the verification result to obtain the verification signature information when the verification result indicates that the verification passes.
Based on the scheme, the signature unit is specifically configured to obtain first time information of the current time; performing signature processing on the verification result and the first time information to obtain verification signature information; wherein the first time information is used for the traffic server to determine whether to respond to the service request based on the first time information.
Based on the above scheme, the signature unit is specifically configured to obtain first application signature information of an application that generates the service request; performing signature processing on the verification result and the application signature information to obtain the verification signature information; the application signature information is used for preventing the service server from calling the application illegally.
Based on the scheme, the signature unit is further configured to obtain device identification information; performing signature processing on the verification result and the equipment identification information to obtain verification signature information; the device identification information is used for determining whether the current service request of the service server comes from legal equipment or not.
A fourth aspect of the embodiments of the present invention provides a verification apparatus, including:
a receiving unit configured to receive a service request including verification signature information; the verification signature information is generated based on a verification result of verification performed by a verification code generated by the verification signature information;
and the response unit is used for responding to the service request when the service request meets a second preset condition.
Based on the above scheme, the receiving unit is specifically configured to receive a service request including verification signature information; the verification signature information is generated based on a verification result of verification performed by a verification code generated by the verification signature information;
the device further comprises:
the first obtaining unit is used for processing the verification signature information by using a verification public key to obtain a first verification abstract;
the second obtaining unit is used for processing the verification signature information by using a verification private key to obtain original information for generating the verification signature information; wherein the original information comprises at least the verification result;
a third obtaining unit, configured to perform signature processing on the original information to obtain a second verification digest;
a comparison unit, configured to compare the first verification digest with the second verification digest;
the response unit is used for responding to the service request when the first verification abstract is consistent with the second verification abstract.
Based on the scheme, the verification signature information is generated based on a verification result of verification performed by a verification code generated by the verification signature information and first time information;
the original information comprises the first time information;
the comparison unit is further used for acquiring second time information of the current time;
comparing the first time information with the second time information;
the response unit is specifically configured to respond to the service request when a time difference between the first time information and the second time information is within a preset range and the first verification digest and the second verification digest are consistent.
Based on the scheme, the verification signature information is generated based on a verification result of verification performed by a verification code generated by the verification signature information and the first application signature information;
the third obtaining unit is configured to perform signature processing on the verification information in the original information and the second signature information of the legal application to obtain a second verification digest.
Based on the scheme, the verification signature information is generated based on a verification result of verification performed by a verification code generated by the verification signature information and equipment identification information;
the original information further comprises equipment identification information;
the device further comprises:
the verification unit is used for verifying the equipment validity according to the equipment identification information;
the response unit is further configured to respond to the service request when the device is legal and the first verification digest and the second verification digest are consistent.
The verification method and the device provided by the embodiment of the invention can generate verification by self to obtain a verification result; and sending a service request to the server based on the verification result, so that the verification can be performed as usual even if the verification server is abnormal, the problem that the verification time delay is long or the verification cannot be performed due to the fact that the verification server cannot return verification information such as verification codes in time can be solved, the verification efficiency is improved, and the probability of incapability of verification is reduced.
Drawings
Fig. 1 is a schematic flowchart of a first verification method according to an embodiment of the present invention;
fig. 2 is a schematic flowchart of a second verification method according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of a first verification apparatus according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of a second verification apparatus according to an embodiment of the present invention;
FIG. 5 is a schematic diagram of an authentication plug-in according to an embodiment of the present invention;
fig. 6 is a flowchart illustrating a third verification method according to an embodiment of the present invention.
Detailed Description
The technical solution of the present invention is further described in detail with reference to the drawings and the specific embodiments of the specification.
As shown in fig. 1, the present embodiment provides an authentication method for authenticating a plug-in or a client, including:
step S110: generating a verification code by self;
step S120: displaying the verification code;
step S130: acquiring user input formed based on the verification code display;
step S140: generating a verification result based on the user input;
step S150: and sending a service request to a service server based on the verification result.
The execution subject of the authentication method in this embodiment may be an authentication plug-in running in the client or an operating system of the client itself.
In the embodiment, the verification plug-in or the client generates the verification code by itself and displays the verification code; and after the user sees the verification code, inputting verification information according to a verification prompt displayed at the same time or different time with the verification code to form the user input. The verification plug-in or the client compares the user input with the verification code, thereby obtaining the verification result. The verification result is true, that is, the user input is consistent with the generated verification code, and the verification result can be considered to represent that the verification is passed, otherwise, the verification is not passed. Based on the verification result, a service request is sent to the service server in step S150. For example, when the authentication is passed, the service request is sent to the business server, and when the authentication is not passed, the service request is not sent to the business server. The step S150 may further include carrying the verification result in the service request and sending the service request to a service server, so that the service server can respond to the service request according to the verification result. The verification result can be carried in the service request in a plaintext form or a ciphertext form and sent to the service server. For example, the verification result is carried in the service request and sent to the service server after signature processing.
The service request may include various service requests such as a login request for logging in an application, a website, or an account, a payment request for requesting payment, and a request for granting a view for viewing. After receiving the service request, the service server can determine whether the service request passes the verification through processing the verification signature information, and if the service request passes the verification, the service server can respond to the service request.
Therefore, the client does not need to interact with the authentication server to perform authentication, and the service server does not need to acquire the information whether the authentication passes or not from the authentication server. In this way, the problems that the verification server cannot be verified and the verification delay is large due to abnormal conditions such as downtime and overload operation and further the problem that the response time of the service request is large are not generated.
In this embodiment, the method further includes:
requesting a verification code from a verification server;
the step S110 may include:
and when the verification server returns abnormal information or does not receive the verification code returned by the verification server within preset time, the verification server generates the verification code by itself.
In this embodiment, before performing authentication, the authentication plug-in or the client first sends a request to the authentication server to request an authentication code. If the current verification server is abnormal, abnormal information can be recovered to the verification plug-in or the client, if the current load of the verification server is large, the verification plug-in or the client cannot respond to the verification plug-in or the client for a long time, the verification plug-in or the client generates a verification code by self, and the verification server does not continuously wait for the verification code to return, so that the verification failure is improved, the verification time delay is reduced, and the verification is ensured to be carried out smoothly.
In some embodiments, the step S150 may include:
step S151: carrying out signature processing on the verification result to generate verification signature information;
step S152: sending a service request including the verification signature information to a service server; and the verification signature information is used for triggering the service server to respond to the service request when a first preset condition is met.
In this embodiment, the verification is signed to generate verification signature information. The verification signature information is sent to the service server along with the service request. Therefore, the client does not need to interact with the authentication server to perform authentication, and the service server does not need to acquire the information whether the authentication passes or not from the authentication server. In this way, the problems that the verification server cannot be verified and the verification delay is large due to abnormal conditions such as downtime and overload operation and further the problem that the response time of the service request is large are not generated.
In some embodiments of the present invention, the,
the step S151 may include:
and when the verification result shows that the verification passes, performing signature processing on the verification result to obtain verification signature information.
The verification result indicates that the verification is passed, that is, the verification result is true, and if the verification result is false, it is obvious that the verification result is not passed. In this embodiment, in order to reduce the load of the service server, only when the verification result is true, the verification result is signed to obtain verification signature information. And when the verification result shows that the verification is not passed, namely the verification result is false, generating the verification code again by self for the next verification.
When generating the verification signature information in step S151, it is not limited to performing signature processing on the verification result, and other information may be also performed with the verification result, and several alternatives are provided below.
The first alternative is as follows:
the step S151 may include:
acquiring first time information of current time;
performing signature processing on the verification result and the first time information to obtain verification signature information; wherein the first time information is used for the traffic server to determine whether to respond to the service request based on the first time information.
The first time information may be information indicating a current time, such as a timestamp or a time point. In this way, after receiving the service request, the service server may obtain the first time information through information processing; and the service server finds that the verification signature information is formed very early according to the first time information, and if an attacker acquires the service request sent by the previous verification plug-in or client, the attacker does not respond to the service request, so that the aim of defending against attacks or repeatedly responding to the service request due to network confusion is achieved.
In a specific implementation, the step S151 may be to, when the verification result indicates that the verification is passed, obtain first time information of the current time, and avoid an invalid processing operation when the verification is not passed.
The second option is:
the step S151 may include:
acquiring first application signature information of an application generating the service request;
performing signature processing on the verification result and the application signature information to obtain the verification signature information; the application signature information is used for preventing illegal application from calling illegal service requests formed by corresponding functions of the verification plug-in or the client by the service server.
Therefore, the problems caused by that some applications which do not authorize to obtain the function of the verification plug-in or the client or some illegal applications maliciously call the function of the verification plug-in or the client are prevented, and the verification safety is improved.
Of course, in step S151, when the verification result is true, the first application signature information is acquired, and meanwhile, the verification result and the application signature information are signed to obtain verification signature information.
The optional mode three:
the step S151 may include:
when the verification result shows that the verification passes, acquiring equipment identification information;
performing signature processing on the verification result and the equipment identification information to obtain verification signature information; the device identification information is used for determining whether the current service request of the service server comes from legal equipment or not.
For example, the legitimate device may include a real device, and sometimes the verification plug-in may be installed on a virtual machine, or a device authorized for use, for example, when some services are only available to a paying user, the paying user may be identified by the device identification information. The user identification information can be identification information such as international equipment identification and the like so as to prevent illegal persons from stealing services by using illegal equipment such as a virtual machine and the like.
Of course, step S151 in this embodiment may also be a step of obtaining the device identification information when the verification result is determined to be true.
In a specific application process, the step S151 may include: when the verification result passes, acquiring first time information, application signature information and equipment identification information; the information is signed to obtain the verification signature information, so that the service server can conveniently perform the processing according to the verification signature information respectively, and the safety and the reliability of verification are ensured.
In order to improve the security of the verification, the verification result is also encrypted, and when one or more of the first time information, the application signature information and the device identification information are signed together with the verification result, the information can also be encrypted, so that the probability of stealing the information in the transmission process is reduced, and the information security is improved.
As shown in fig. 2, the present embodiment provides a verification method, including:
step S210: receiving a service request sent based on a verification plug-in or a client based on a verification result; the verification result is formed based on a verification code generated by the verification plug-in or the client;
step S220: and when the service request meets a second preset condition, responding to the service request.
The verification method described in this embodiment may be a method applied to a service server, and the service server will directly receive a service request including verification signature information from a client or a verification plug-in.
In this embodiment, the service request is sent based on the verification result, and the verification result is formed based on the verification code generated by the verification plug-in or the client, so that the method has the characteristics of short verification time delay and timely response of the service request.
The second preset condition may include responding to the service request when the verification result is true. For example, the verification result may be carried in the service request in a plaintext or a plaintext, so that the service server may check the verification result and determine whether to respond to the service according to the verification result.
In some embodiments, the step S210: receiving a service request including verification signature information; the verification signature information is generated based on a verification result of verification performed by a verification code generated by the verification signature information;
the step S220 includes:
step S221: processing the verification signature information by using a verification public key to obtain a first verification abstract;
step S222: processing the verification signature information by using a verification private key to obtain original information for generating the verification signature information;
step S223: carrying out signature processing on the original information to obtain a second verification abstract;
step S224: comparing the first verification digest with the second verification digest;
step S225: responding to the service request when the first verification digest and the second verification digest are consistent.
And after receiving the verification signature information, processing the verification signature information by using the verification public key so as to obtain a first verification abstract corresponding to a verification result.
Meanwhile, the service server processes the verification information by using a verification private key to obtain original information, wherein the original information at least comprises the verification result of the boacka. And performing information processing on the original information by using a hash function and the like to obtain a second verification abstract.
The service server compares the first verification abstract with the second verification abstract, and when the two abstracts are consistent, the verification result can be considered to be not tampered, so that the safety and the reliability are ensured. In a specific implementation process, the verification signature information is generated based on a verification result indicating that the verification is passed, or the service server responds to the service request only when the verification result is determined to be true after obtaining the verification result.
In some embodiments, the verification signature information is generated based on a verification result of verification performed by a verification code generated by the verification signature information and the first time information;
the original information comprises the first time information;
the method further comprises the following steps:
acquiring second time information of the current time;
comparing the first time information with the second time information;
the step S225 may include:
and responding the service request when the time difference corresponding to the first time information and the second time information is within a preset range and the first verification abstract is consistent with the second verification abstract.
Usually, once the generation of the signature information is verified, the signature information is immediately sent to the service server, and after the service server receives the service request, a time message is obtained. The time difference between the two time information should be small, otherwise if the currently obtained verification signature information is formed long before, the verification service information is stolen by an illegal person and then reused, which may cause the problems of insecurity of the service or repeated response of the service. Therefore, in this embodiment, the first time information and the second time information may be time stamps, and the two time differences are compared to find that the time points corresponding to the two time stamps are within a preset range, for example, when the time difference may be within a time range of 1 minute, 120 seconds, and the like, it may be considered that there is no security problem, and it is determined whether to respond to the service request by combining whether the two verification digests are consistent.
In some embodiments, the verification signature information is generated based on a verification result of verification performed by a verification code generated by the verification signature information and the first application signature information; the step S225 may include: and performing signature processing on the verification result in the original information and the second application signature information of the legal application to obtain the second verification abstract. Because the first verification abstract is formed based on the first application signature information, and the second verification abstract is generated by utilizing the second verification signature information to replace the first application signature information, if the verification signature information is not subjected to illegal processing such as tampering, the first application signature information and the second application signature information are always required, the comparison of the two verification abstracts is not influenced, and the malicious attack of illegal application can be prevented.
In other embodiments, the verification signature information is generated based on a verification result of verification performed by a verification code generated by the verification signature information and the first application signature information; the original information further comprises first application signature information; the method further comprises the following steps: comparing the first application signature information with second signature information of a legal application; the step S225 may include: and responding to the service request when the first application signature information and the second application signature information are compared and consistent and the first verification abstract and the second verification abstract are consistent.
In this embodiment, it is further determined that the first application signature information is provided by a verification plug-in or a client, and the second application signature information is stored in the service server. The service server stores application signature information of a legal application which can provide service, and the application signature information is called as second application signature information. If the first application signature information can be one of the second application signature information, the service request initiated by the legal application is confirmed, so that the safety and the reliability of verification are improved again.
In some embodiments, the verification signature information is generated based on a verification result of verification performed by a verification code generated by the verification signature information and the device identification information; the original information further comprises equipment identification information;
the method further comprises the following steps:
verifying the equipment validity according to the equipment identification information;
the step S225 may include:
and responding to the service request when the equipment is legal and the first verification abstract is consistent with the second verification abstract.
In this embodiment, the validity of the device can be known by obtaining the device identification information, for example, through verification of whether the device is legal, it can be determined whether the device or the client currently running the verification plug-in is a real device rather than a virtual machine, whether the device is an authorized device, and the like, so that the security and reliability of the verification are ensured again.
As shown in fig. 3, the present embodiment provides an authentication apparatus, located in an authentication plug-in or a client, including:
the generating unit 110 is used for generating the verification code by itself;
a display unit 120 for displaying the verification code;
an acquisition unit 130 for acquiring a user input formed based on the verification code display;
a sending unit 140, configured to send a service request to the service server based on the verification result.
The verification device of the present embodiment may correspond to the verification plug-in, or may correspond to the client having an offline verification function processing module. The verification plug-in can be installed in various devices, such as various electronic devices like mobile phones, tablet computers, notebook computers or wearable devices.
The generation unit 110 will generate the verification code itself. The verification code can be a text verification code or a picture verification code. Meanwhile, the generating unit 110 may also generate an authentication prompt message to prompt the user to perform authentication.
The display unit 120 may correspond to various structures capable of controlling a display screen to display, and the display screen may include a liquid crystal display, an electronic ink display, a projection display, or an organic light emitting diode O L ED, etc., and controls the display of the verification code, thereby facilitating the comparison and input of the user.
The obtaining unit 130 may obtain various user inputs corresponding to various human-computer interaction interfaces. The human-computer interaction interface can comprise a keyboard, a touch screen or a voice input interface and the like.
The transmitting unit 140 corresponds to a communication interface, which may be a wireless interface or a wired interface, and can facilitate communication.
In short, the embodiment provides a device, which can not perform verification under the condition of not interacting with the verification server, so that the verification efficiency is improved, and the phenomenon that the response of the service server to the service request is delayed is reduced.
In some embodiments, the sending unit 140 is further configured to request an authentication code from an authentication server;
the generating unit 110 is specifically configured to generate the verification code by itself when the verification server returns the abnormal information or does not receive the verification code returned by the verification server within a predetermined time.
In the device in this embodiment, only when it is determined that the verification server cannot provide the verification code in time, the verification code is generated by itself, and the verification result is generated by itself.
The device further comprises:
an authentication unit for generating an authentication result based on the user input;
the signature unit is used for carrying out signature processing on the verification result to generate verification signature information;
the sending unit 140 is configured to send a service request including the verification signature information to a service server; and the verification signature information is used for triggering the service server to respond to the service request when a first preset condition is met.
The verification unit and the signature unit may correspond to a processor or a processing circuit. The processor may include a central processing unit, microprocessor, digital signal processor, programmable array or application processor, or the like. The processing circuitry may comprise an application specific integrated circuit or the like. The processor or processing circuit may implement the above-described operations through execution of predetermined code.
In some embodiments, the signature unit is specifically configured to, when the verification result indicates that the verification passes, perform signature processing on the verification result to obtain the verification signature information. In the present embodiment, in order to reduce the processing load of the service server, the process of verifying the signature information is performed only when the verification result is true. In some embodiments, the generating unit 110 is configured to generate the verification code by itself again for the next verification when the verification result is false.
In some embodiments, the signature unit is specifically configured to obtain first time information of a current time; performing signature processing on the verification result and the first time information to obtain verification signature information; wherein the first time information is used for the traffic server to determine whether to respond to the service request based on the first time information. By the signature processing of the first time information, the service server can obtain the first time information, so that an attacker can be prevented from stealing data used by a verification plug-in or a client side and carrying out re-service request, the safety is improved again, and the problem of repeated request caused by network delay can be reduced.
In some embodiments, the signature unit is specifically configured to obtain first application signature information of an application that generates the service request; performing signature processing on the verification result and the application signature information to obtain the verification signature information; the application signature information is used for preventing the service server from calling the application illegally. In this embodiment, the signature unit further generates verification signature information by acquiring the first application signature information and combining the first application signature information, so that malicious operations of illegal applications can be prevented, and the security is improved again.
In some embodiments, the signature unit is further configured to obtain device identification information; performing signature processing on the verification result and the equipment identification information to obtain verification signature information; the device identification information is used for determining whether the current service request of the service server comes from legal equipment or not. In this embodiment, the verification signature information is obtained at least based on the verification result and the device identification information, so that the service server can determine whether the service request is sent by a legal device, and the security is improved again.
As shown in fig. 4, the present embodiment further provides another verification apparatus, including:
a receiving unit 210 for receiving a service request including verification signature information; the verification signature information is generated based on a verification result of verification performed by a verification code generated by the verification signature information;
a responding unit 220, configured to respond to the service request when the service request satisfies a second preset condition.
The verification device described in this embodiment may be a device applied to a service server. The receiving unit 210 may comprise a receiving interface capable of receiving the service request, where the service request carries the verification signature information.
The response unit 220 may correspond to a processor or a processing circuit. The structure of the processor and the processing circuit can be referred to the corresponding parts of the foregoing embodiments, and will not be repeated here.
In some embodiments, the receiving unit is specifically configured to receive a service request including verification signature information; the verification signature information is generated based on a verification result of verification performed by a verification code generated by the verification signature information; the device further comprises: the first obtaining unit is used for processing the verification signature information by using a verification public key to obtain a first verification abstract; the second obtaining unit is used for processing the verification signature information by using a verification private key to obtain original information for generating the verification signature information; wherein the original information comprises at least the verification result; a third obtaining unit, configured to perform signature processing on the original information to obtain a second verification digest; a comparison unit, configured to compare the first verification digest with the second verification digest; the responding unit 220 is configured to respond to the service request when the first verification digest and the second verification digest are consistent.
The first obtaining unit, the second obtaining unit, the third obtaining unit, the comparing unit and the responding unit 220 may correspond to a processor or a processing circuit. The structure of the processor and the processing circuit can be referred to the corresponding parts of the foregoing embodiments, and will not be repeated here.
In some embodiments, the verification signature information is generated based on a verification result of verification performed by a verification code generated by the verification signature information and the first time information; the original information comprises the first time information; the comparison unit is further used for acquiring second time information of the current time; comparing the first time information with the second time information; the responding unit 220 is specifically configured to respond to the service request when the time difference between the first time information and the second time information is within a preset range and the first verification digest and the second verification digest are consistent.
In some embodiments, the verification signature information is generated based on a verification result of verification performed by a verification code generated by the verification signature information and the first application signature information; the third obtaining unit is configured to perform signature processing on the verification information in the original information and the second signature information of the legal application to obtain a second verification digest. The second verification digest generated in this way can verify whether the service request is sent by a legitimate application.
In some embodiments, the verification signature information is generated based on a verification result of verification performed by a verification code generated by the verification signature information and the first application signature information; the original information further comprises first application signature information; the comparison unit is also used for comparing the first application signature information with second signature information of legal application; the responding unit 220 is specifically configured to respond to the service request when the first application signature information and the second application signature information are consistent in pair and the first verification digest and the second verification digest are consistent.
In some embodiments, the verification signature information is generated based on a verification result of verification performed by a verification code generated by the verification signature information and the device identification information; the original information further comprises equipment identification information; the device further comprises: the verification unit is used for verifying the equipment validity according to the equipment identification information; the responding unit 220 is further configured to respond to the service request when the device is legal and the first verification digest and the second verification digest are consistent. The authentication unit here may equally correspond to the aforementioned processor or processing circuit.
Several specific examples are provided below in connection with any of the embodiments described above:
example one:
the present example provides a verification plug-in. The verification plug-in can be installed for use in the client. The verification plug-in locally generates a verification code, provides verification code display, collects user input and verifies the user input, if the verification is passed, the verification result is subjected to digital signature processing, and then a login request is sent to the service server; and the service server verifies the digital signature of the verification result, confirms that the verification result is not tampered, and obtains the verification result from a reliable client request. By the scheme, the local generation and verification of the verification code are realized, the problem that the service cannot normally run under the condition that the verification server is down due to hacker attack or machine failure in the prior art is solved, and meanwhile, the service server verifies the digital signature of the data transmitted by the mobile client, including the verification result, the timestamp, the equipment information and the application signature information, so that the reliability and the integrity of the data transmitted by the client are guaranteed, and the possibility of external tampering is prevented.
The client-side verification plug-in is embedded in the application in the form of a Software Development Kit (SDK). The client provided in this embodiment may be a mobile client or a fixed client.
As shown in fig. 5, the verification plug-in includes:
the verification server abnormity identification module is used for verifying the verification abnormity identification of the server, and specifically can be used for requesting a verification code from the verification server and detecting the return information of the verification server, and if the abnormal information is returned or the verification code is not obtained within preset time, the verification abnormity is considered to occur;
the verification code generation module is used for locally and automatically generating a verification code; the verification generation module corresponds to the generation unit 110 in the foregoing embodiment;
the verification code display module is used for controlling the display of the locally generated verification code; the verification code display module is equivalent to the display unit 120;
the user input answer collecting module is used for collecting user input of the display of the user based on the verification code; the user input answer collecting module is equivalent to the structure of the obtaining unit 120;
the user input answer verification module is used for verifying the user input to form a verification result; the user input answer verification module is equivalent to the verification unit;
the verification result digital signature module is used for carrying out signature processing on a verification result which shows that the verification passes to form verification signature information; the verification result digital signature module is equivalent to the signature unit;
and the verification result encryption module is used for encrypting the verification result.
The modules are implemented in code provided by a predetermined file, for example, a so file, and have been obfuscated to prevent malicious hacking.
Example two:
as shown in fig. 6, the present example provides a verification method including:
step 1: the client or the verification plug-in requests the verification code from the verification code service.
Step 2: the verification server is down or the request quantity is too much to respond in time due to the reasons of hacker attack, machine failure and the like.
And step 3: the authentication server returns exception information, which may include a network connection error code, such as a connection timeout, network request unreachable, and the like. The exception code may include 404, etc.
And 4, step 4: the verification plug-in locally generates the verification code by itself and displays the verification code on the client.
And 5: and acquiring a verification answer input by the user.
Step 6: and the verification plug-in verifies the verification answer input by the user to obtain a verification result.
And 7: and if the verification result is true, the verification plug-in carries out digital signature on the verification result, the timestamp, the equipment fingerprint information and the application signature information, and sends a verification request to the service server. The device fingerprint information is one of the aforementioned device identification information. The steps may specifically include: the verification result digital signature module firstly acquires the current time stamp, the equipment fingerprint information and the application signature information. The verification result digital signature module generates a verification result, a timestamp, equipment fingerprint information and an abstract of application signature information by using a Hash function, and then encrypts the abstract by using a safety private key stored in the SDK to generate a digital signature containing the verification result. If the verification result is false, the verification plug-in continues to generate a new verification code.
And 8: and the service server verifies the requested data and confirms the reliability and integrity of the requested data.
And step 9: and the service server returns a final verification result.
And under the condition that the verification result is true, the verification plug-in sends a login request to the service server, and the specific flow is as follows: the verification plug-in carries out encryption processing on the verification result and sends the digital signature containing the verification result, the encrypted verification result, the timestamp, the equipment fingerprint information and the like to the service server. The method comprises the following steps that a service server processes data requested by a client, wherein the service server safely stores a public key for digital signature verification, a private key for decryption of a verification result and application signature information, and the method specifically comprises the following steps:
and the service server analyzes the data requested by the client to obtain a digital signature containing a verification result, a timestamp, equipment fingerprint information, an encrypted verification result and the like.
And the service server decrypts the requested digital signature containing the verification result through the locally stored public key to obtain the abstract containing the verification result.
The service server decrypts the encrypted verification result through a locally stored private key, and then generates the verification result, a timestamp, device fingerprint information and a digest of locally stored application signature information through a hash function.
And comparing the two abstracts respectively obtained in the steps to determine whether the two abstracts are consistent, wherein if the two abstracts are consistent, the data requested by the client is not tampered, and the input answer of the user verification code is correct. And under the condition of consistency in comparison, comparing whether the difference value between the timestamp and the local timestamp acquired by the service server exceeds 120 seconds, and if yes, failing to pass the verification. Through comparison of the time stamps, an attacker can be effectively prevented from forging the data of the client and repeatedly sending login requests. On the other hand, the comparison is consistent, which shows that the signature information of the client sending the login request is consistent with the local application signature information of the service server, thereby effectively preventing the verification plug-in from being called by malicious applications.
In the several embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. The above-described device embodiments are merely illustrative, for example, the division of the unit is only a logical functional division, and there may be other division ways in actual implementation, such as: multiple units or components may be combined, or may be integrated into another system, or some features may be omitted, or not implemented. In addition, the coupling, direct coupling or communication connection between the components shown or discussed may be through some interfaces, and the indirect coupling or communication connection between the devices or units may be electrical, mechanical or other forms.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, that is, may be located in one place, or may be distributed on a plurality of network units; some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, all the functional units in the embodiments of the present invention may be integrated into one processing module, or each unit may be separately used as one unit, or two or more units may be integrated into one unit; the integrated unit can be realized in a form of hardware, or in a form of hardware plus a software functional unit.
Those of ordinary skill in the art will understand that: all or part of the steps for implementing the method embodiments may be implemented by hardware related to program instructions, and the program may be stored in a computer readable storage medium, and when executed, the program performs the steps including the method embodiments; and the aforementioned storage medium includes: a mobile storage device, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the appended claims.

Claims (22)

1. An authentication method for authenticating a plug-in or a client, comprising:
requesting a verification code from a verification server;
generating a verification code by self; wherein the self-generated verification code comprises: when the verification server returns abnormal information or does not receive the verification code returned by the verification server within preset time, the verification server generates the verification code by itself;
displaying the verification code;
acquiring user input formed based on the verification code display; wherein the user input formed based on the verification code display comprises: inputting verification information based on a verification prompt displayed by the verification code; forming the user input based on the verification information;
generating a verification result based on the user input;
based on the verification result, sending a service request to a service server; wherein the sending a service request to a service server based on the verification result comprises: carrying out signature processing on the verification result to generate verification signature information; and sending a service request comprising the verification signature information to a business server.
2. The method of claim 1,
and the verification signature information is used for triggering the service server to respond to the service request when a first preset condition is met.
3. The method of claim 2,
the signing the verification result to generate verification signature information includes:
and when the verification result shows that the verification passes, performing signature processing on the verification result to obtain verification signature information.
4. The method of claim 2,
the signing the verification result to generate verification signature information includes:
acquiring first time information of current time;
performing signature processing on the verification result and the first time information to obtain verification signature information; wherein the first time information is used for the traffic server to determine whether to respond to the service request based on the first time information.
5. The method of claim 2,
the signing the verification result to generate verification signature information includes:
acquiring first application signature information of an application generating the service request;
performing signature processing on the verification result and the first application signature information to obtain the verification signature information; the first application signature information is used for preventing illegal application from calling illegal service requests formed by corresponding functions of the verification plug-in or the client side by the service server.
6. The method of claim 2,
the signing the verification result to generate verification signature information includes:
acquiring equipment identification information;
performing signature processing on the verification result and the equipment identification information to obtain verification signature information; wherein the device identification information is used for the service server to determine whether the current service request is from a legal device.
7. A method of authentication, comprising:
receiving a service request sent by an authentication plug-in or a client based on an authentication result;
the verification result is formed by user input formed by verification code display generated by the verification plug-in or the client; wherein, the user input formed based on the verification code display generated by the verification plug-in or the client comprises: inputting verification information based on a verification prompt displayed by the verification code; forming the user input based on the verification information; wherein, the verification plug-in or the client generates the verification code by itself, including: when the verification server returns abnormal information or does not receive the verification code returned by the verification server within preset time, the verification plug-in or the client generates the verification code by self;
when the service request meets a second preset condition, responding to the service request;
wherein, the receiving of the service request sent by the verification plug-in or the client based on the verification result includes: receiving a service request including verification signature information; the verification signature information is generated based on a verification result of verification performed by a self-generated verification code.
8. The method of claim 7,
the method further comprises the following steps:
processing the verification signature information by using a verification public key to obtain a first verification abstract;
processing the verification signature information by using a verification private key to obtain original information for generating the verification signature information; wherein the original information comprises at least the verification result;
carrying out signature processing on the original information to obtain a second verification abstract;
comparing the first verification digest with the second verification digest;
when the service request meets a second preset condition, responding to the service request comprises:
responding to the service request when the first verification digest and the second verification digest are consistent.
9. The method of claim 8,
the verification signature information is generated based on a verification result of verification performed by a self-generated verification code and first time information;
the original information comprises the first time information;
the method further comprises the following steps:
acquiring second time information of the current time;
comparing the first time information with the second time information;
the responding to the service request when the first verification digest and the second verification digest are consistent includes:
and responding the service request when the time difference corresponding to the first time information and the second time information is within a preset range and the first verification abstract is consistent with the second verification abstract.
10. The method of claim 8,
the verification signature information is generated based on a verification result of verification performed by a self-generated verification code and the first application signature information;
the signing the original information to obtain a second verification digest includes:
and performing signature processing on the verification result in the original information and the second application signature information of the legal application to obtain the second verification abstract.
11. The method of claim 8,
the verification signature information is generated based on a verification result of verification performed by a self-generated verification code and equipment identification information;
the original information further comprises equipment identification information;
the method further comprises the following steps:
verifying the equipment validity according to the equipment identification information;
the responding to the service request when the first verification digest and the second verification digest are consistent includes:
and responding to the service request when the equipment is legal and the first verification abstract is consistent with the second verification abstract.
12. An authentication apparatus, located in an authentication plug-in or a client, comprising:
the generating unit is used for generating the verification code by self; the generation unit is specifically used for generating a verification code by itself when the verification server returns abnormal information or the verification code returned by the verification server is not received within a preset time; the display unit is used for displaying the verification code;
an acquisition unit configured to acquire a user input formed based on the verification code display; wherein the user input formed based on the verification code display comprises: inputting verification information based on a verification prompt displayed by the verification code; forming the user input based on the verification information;
an authentication unit for generating an authentication result based on the user input;
the signature unit is used for carrying out signature processing on the verification result to generate verification signature information;
a sending unit, configured to send a service request to a service server based on the verification result; wherein the sending the service request to the service server includes: sending a service request including the verification signature information to a service server;
the sending unit is further configured to request the verification code from the verification server.
13. The apparatus of claim 12,
and the verification signature information is used for triggering the service server to respond to the service request when a first preset condition is met.
14. The apparatus of claim 13,
the signature unit is specifically configured to, when the verification result indicates that verification passes, perform signature processing on the verification result to obtain the verification signature information.
15. The apparatus of claim 13,
the signature unit is specifically used for acquiring first time information of the current time; performing signature processing on the verification result and the first time information to obtain verification signature information; wherein the first time information is used for the traffic server to determine whether to respond to the service request based on the first time information.
16. The apparatus of claim 13,
the signature unit is specifically configured to acquire first application signature information of an application that generates the service request; performing signature processing on the verification result and the first application signature information to obtain the verification signature information; the first application signature information is used for preventing illegal application from calling illegal service requests formed by corresponding functions of the verification plug-in or the client side by the service server.
17. The apparatus of claim 13,
the signature unit is further used for acquiring equipment identification information; performing signature processing on the verification result and the equipment identification information to obtain verification signature information; wherein the device identification information is used for the service server to determine whether the current service request is from a legal device.
18. An authentication apparatus, comprising:
a receiving unit configured to receive a service request including verification signature information; wherein the verification signature information is formed based on a user input formed from a self-generated verification code display; wherein the displaying of the formed user input based on the self-generated passcode comprises: inputting verification information based on a verification prompt displayed by the verification code; forming the user input based on the verification information; wherein the self-generated verification code comprises: when the verification server returns abnormal information or does not receive the verification code returned by the verification server within preset time, the verification plug-in or the client generates the verification code by self;
the response unit is used for responding to the service request when the service request meets a second preset condition;
the receiving unit is specifically configured to receive a service request including verification signature information; and the verification signature information is generated based on a verification result of verification performed by the self-generated verification code.
19. The apparatus of claim 18, further comprising:
the first obtaining unit is used for processing the verification signature information by using a verification public key to obtain a first verification abstract;
the second obtaining unit is used for processing the verification signature information by using a verification private key to obtain original information for generating the verification signature information; wherein the original information comprises at least the verification result;
a third obtaining unit, configured to perform signature processing on the original information to obtain a second verification digest;
a comparison unit, configured to compare the first verification digest with the second verification digest;
the response unit is used for responding to the service request when the first verification abstract is consistent with the second verification abstract.
20. The apparatus of claim 19,
the verification signature information is generated based on a verification result of verification performed by a self-generated verification code and first time information;
the original information comprises the first time information;
the comparison unit is further used for acquiring second time information of the current time;
comparing the first time information with the second time information;
the response unit is specifically configured to respond to the service request when a time difference between the first time information and the second time information is within a preset range and the first verification digest and the second verification digest are consistent.
21. The apparatus of claim 19,
the verification signature information is generated based on a verification result of verification performed by a self-generated verification code and the first application signature information;
and the third obtaining unit is used for performing signature processing on the verification result in the original information and the second application signature information of the legal application to obtain a second verification abstract.
22. The apparatus of claim 19,
the verification signature information is generated based on a verification result of verification performed by a self-generated verification code and equipment identification information;
the original information further comprises equipment identification information;
the device further comprises:
the verification unit is used for verifying the equipment validity according to the equipment identification information;
the response unit is further configured to respond to the service request when the device is legal and the first verification digest and the second verification digest are consistent.
CN201610922162.XA 2016-10-21 2016-10-21 Verification method and device Active CN107979467B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610922162.XA CN107979467B (en) 2016-10-21 2016-10-21 Verification method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610922162.XA CN107979467B (en) 2016-10-21 2016-10-21 Verification method and device

Publications (2)

Publication Number Publication Date
CN107979467A CN107979467A (en) 2018-05-01
CN107979467B true CN107979467B (en) 2020-07-21

Family

ID=62004010

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610922162.XA Active CN107979467B (en) 2016-10-21 2016-10-21 Verification method and device

Country Status (1)

Country Link
CN (1) CN107979467B (en)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110798436B (en) * 2018-08-03 2021-10-12 广州小鹏汽车科技有限公司 Verification code verification method and device
CN110808943B (en) * 2018-08-06 2022-04-29 中兴通讯股份有限公司 Client connection emergency management method, client and computer readable storage medium
CN109214425B (en) * 2018-08-07 2022-04-12 歌尔股份有限公司 Picture verification method, picture processing method, equipment and system
CN109190332A (en) * 2018-08-15 2019-01-11 杭州安恒信息技术股份有限公司 A kind of License Authentication method, system and the relevant device of product
CN112214751A (en) * 2019-07-11 2021-01-12 上海游昆信息技术有限公司 Verification code generation method and device
US11798342B2 (en) * 2019-11-25 2023-10-24 International Business Machines Corporation Managing physical objects using crypto-anchors
US11397760B2 (en) 2019-11-25 2022-07-26 International Business Machines Corporation Managing relationships between persons and physical objects based on physical fingerprints of the physical objects
CN113259319B (en) * 2021-04-12 2023-05-12 杭州顶象科技有限公司 Verification processing method and system
CN115296828A (en) * 2022-03-28 2022-11-04 广东白云学院 Verification method, verification device, computer equipment and storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102231746A (en) * 2011-07-11 2011-11-02 华为技术有限公司 Method for validating identification information and terminal thereof
CN102263792A (en) * 2011-08-05 2011-11-30 常钧 Wireless security key equipment, electronic commerce service system and method
CN105933315A (en) * 2016-04-21 2016-09-07 浪潮集团有限公司 Network service security communication method, device and system

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102238193A (en) * 2011-08-09 2011-11-09 深圳市德卡科技有限公司 Data authentication method and system using same
US9392456B2 (en) * 2013-09-24 2016-07-12 Telesign Corporation Call center SMS verification system and method
CN105095705B (en) * 2015-05-19 2018-04-10 努比亚技术有限公司 A kind of information processing method and device

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102231746A (en) * 2011-07-11 2011-11-02 华为技术有限公司 Method for validating identification information and terminal thereof
CN102263792A (en) * 2011-08-05 2011-11-30 常钧 Wireless security key equipment, electronic commerce service system and method
CN105933315A (en) * 2016-04-21 2016-09-07 浪潮集团有限公司 Network service security communication method, device and system

Also Published As

Publication number Publication date
CN107979467A (en) 2018-05-01

Similar Documents

Publication Publication Date Title
CN107979467B (en) Verification method and device
KR101759193B1 (en) Network authentication method for secure electronic transactions
US9838205B2 (en) Network authentication method for secure electronic transactions
US10742626B2 (en) Method for key rotation
CN100447763C (en) Safety chip and information safety processor and processing method
CN107645381B (en) Security verification implementation method and device
JP2008269610A (en) Protecting sensitive data intended for remote application
CN112765684B (en) Block chain node terminal management method, device, equipment and storage medium
US20160261582A1 (en) System for secure login, and method and apparatus for same
CN108335105B (en) Data processing method and related equipment
CN111539720B (en) Credible transaction method and system based on digital currency
CN102609656A (en) USB (universal serial bus) key safety enhancing method and USB key safety enhancing system based on image identification
CN107566413B (en) Smart card security authentication method and system based on data short message technology
CN114444134A (en) Data use authorization method, system and device
CN114244522A (en) Information protection method and device, electronic equipment and computer readable storage medium
CN106712959B (en) method and system for realizing communication security
CN103686712A (en) Network connecting method and electronic device
CN107548542B (en) User authentication method with enhanced integrity and security
CN113032753A (en) Identity verification method and device
US20150170150A1 (en) Data verification
CN114510688A (en) Equipment unlocking method and device, computer readable storage medium and electronic equipment
CN111245616B (en) Authentication method, device, equipment and storage medium for network communication
CN105323287B (en) Third-party application program login method and system
JP6497841B2 (en) Network connection method and electronic device
CN112449143B (en) Implementation method and implementation system of secure video

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant