CN108023865A - A kind of verification method - Google Patents
A kind of verification method Download PDFInfo
- Publication number
- CN108023865A CN108023865A CN201610969894.4A CN201610969894A CN108023865A CN 108023865 A CN108023865 A CN 108023865A CN 201610969894 A CN201610969894 A CN 201610969894A CN 108023865 A CN108023865 A CN 108023865A
- Authority
- CN
- China
- Prior art keywords
- fingerprint
- information
- verification
- feature information
- external equipment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0861—Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
Abstract
The present invention provides a kind of verification method based on device-fingerprint collection.Including:Selected in the checking request slave device fingerprint database inputted according to external equipment with the matched fingerprint feature information of the external equipment to generate the first fingerprint identifier, the selection includes being made according at least one fisrt feature information of the external equipment, and first fingerprint identifier includes transferring the solicited message of at least one second feature information from the external equipment;First fingerprint identifier is sent, and receives the information of the first fingerprint identifier described in the external-device response and the second feature information transferred, is matched again with first fingerprint identifier to pass through verification based on the second feature information.The present invention can be solved in the prior art, because note data, which is revealed, causes secondary short-message verification to fail the problem of by device-fingerprint acquisition technique.
Description
Technical field
The invention belongs to information security field, especially terminal identity identification technology, and in particular, to one kind is based on equipment
The verification method of fingerprint collecting, a kind of verification method of user terminal.
Background technology
With the popularization of Internet technology, people carry out work by the service that the major Internet firm of exclusive account provides
Make, entertain, learning etc., but these service the problems such as often involving money and privacy again.User account secure context is being protected,
The major Internet firm's common practice for providing terminal service is to need user to bind a cell-phone number in register account number, and
Determine that the cell-phone number belongs under the control of user by way of short-message verification.Terminal server can pass through binding
Cell-phone number carries out user identification confirmation, i.e., terminal server received a certain request from user account when, such as pass through the account
Family payment etc., terminal server may require that user inputs short message verification code, and send a short message to binding cell-phone number.User's
It will be subject to a short message containing verification on mobile phone, by inputting the identifying code, can be known by the identity of terminal server
Not, subsequent operation is carried out.
Although clear and definite active user's account can be effectively verified by way of binding cell-phone number and sending short message verification code
The identity of number user, still, sends in plain text, is intercepted and forwards in the way that communicate and loses security, also all kinds of use
Human Engineering deception victim leak identifying code fraud, for be all this weakness.With mobile terminal function increasingly
Abundant, attacker can be read out information, intercept, change or reset by being implanted into wooden horse in mobile terminal.
For how to solve to cause the technical problem of secondary short-message verification failure because note data is revealed.The prior art carries
Some solutions have been supplied, such as Application No. 201410003145.7, short-message verification system and verification method, its short message provided
Verification system includes short-message verification module and encrypting module, and short-message verification module is arranged in mobile electronic device and generates movement
Electronic equipment identity coding, what encrypting module was arranged in background server and need to be sent background server according to identity coding
Generation encrypted authentication code is encrypted in short message verification code, and encrypted authentication code is encoded and carried out by short-message verification module according to machine identity
Decrypt to obtain short message verification code and need to submit according to user.The identifying code that the short-message verification system sends needs utilizes machine
Device identity coding is encrypted, and user is decrypted using short-message verification module can obtain real short message verification code, so that
Avoid the attacker after SIM card is stolen or is replicated from obtaining the identifying code that background server is sent, ensure the property peace of user
Entirely.The core of the technical solution is to need to be encrypted and decrypted using machine identity coding, and machine identity coding is once lost
Lose, equally exist the risk that identifying code is stolen.
At this stage, the extraordinary side's technical solution of neither one solves the problems, such as mentioned above.
The content of the invention
Technical solution of the present invention solve technical problem be:Cause secondary short-message verification failure because note data is revealed
Technical problem.
In order to solve the above-mentioned technical problem, technical solution of the present invention provides a kind of authentication based on device-fingerprint collection
Method, including:
Selection is matched with the external equipment in the checking request slave device fingerprint database inputted according to external equipment
For fingerprint feature information to generate the first fingerprint identifier, the selection includes at least one first according to the external equipment
Characteristic information is made, and first fingerprint identifier includes transferring at least one second feature information from the external equipment
Solicited message;
First fingerprint identifier is sent, and receives the first fingerprint identifier described in the external-device response
Information and the second feature information transferred, are matched again based on the second feature information with first fingerprint identifier
To pass through verification.
Optionally, further include:
The checking request inputted according to external equipment generates verification code information;
The verification code information is sent while the fingerprint identifier is sent;
Identifying code matching is carried out according to external equipment input validation code;
If first fingerprint identifier matches again and identifying code successful match, pass through verification.
Optionally, selection and the outside in the checking request slave device fingerprint database inputted according to external equipment
The matched fingerprint feature information of equipment further includes:If the fingerprint feature information of first fingerprint identifier is special with described first
Reference breath unanimously then exports first fingerprint identifier.
Optionally, selection and the outside in the checking request slave device fingerprint database inputted according to external equipment
The matched fingerprint feature information of equipment further includes:The fisrt feature information of the external equipment is gathered according to the checking request.
Optionally, it is described based on the second feature information and first fingerprint identifier match again including:Base
Selected in the second feature information from the device-fingerprint database and the fingerprint characteristic of the second feature information matches
Information is to generate the second fingerprint identifier;Judge second fingerprint identifier and the first fingerprint identifier whether one
Cause.
Optionally, it is described based on the second feature information and first fingerprint identifier match again including:Sentence
Whether the second feature information of breaking is consistent with the fingerprint feature information of first fingerprint identifier.
Optionally, the characteristic information includes:In the hardware attributes of the external equipment, software attributes, behavior property
At least one information.
Optionally, the characteristic information includes:The equipment operation system extracted from the agreement of the external device data bag
System, protocol stack and the relevant feature of network state.
Optionally, the characteristic information includes:In the unique identification of the external equipment, MAC Address, screen message extremely
A kind of few information.
Optionally, the first/second characteristic information includes:The hardware attributes of the external equipment, software attributes, behavior
At least one of attribute information, the fingerprint feature information include:The unique identification of the external equipment, MAC Address, screen
At least one of information information;
Judge that the fingerprint feature information step consistent with the first/second characteristic information includes:
Identify the unique identification of the external equipment in the first/second characteristic information, MAC Address, screen message
At least one of information;
It is compared according to the information identified with the fingerprint feature information.
Optionally, the fingerprint identifier and the verification code information are sent with the communication pattern of short message.
Optionally, the identifying code URL, the URL that the short message includes generating at random are suitable for according to the click of user behaviour
Make to be directed toward the verification page and send transferred second feature information and input validation code to server.
In order to solve the above-mentioned technical problem, technical solution of the present invention additionally provides a kind of verification method of user terminal, bag
Include:
User terminal submits checking request according to the prompting of the verification page to server, and please according to the collection of the verification page
Seek at least one fisrt feature information of transmission;
At least receive the first fingerprint identifier transmitted by the verification method based on device-fingerprint collection;
Respond first fingerprint identifier and send at least one second feature information.
Optionally, including:
User terminal submits checking request according to the prompting of the verification page to server, and please according to the collection of the verification page
Seek at least one fisrt feature information of transmission;
Receive the first fingerprint identifier and identifying code letter transmitted by the verification method based on device-fingerprint collection
Breath;
Respond first fingerprint identifier and verification code information and send at least one second feature information and input
Identifying code.
Optionally, the first fingerprint identifier and verification code information received is sent out with the identifying code URL generated at random
Send, first fingerprint identifier and verification code information of responding includes:
Click on the URL and open the verification page;
The second feature information and input validation code are collected based on the verification page.
Optionally, the user terminal submits checking request to include according to the prompting of the verification page to server:The use
Verify the Quick Response Code that show of the page with to the server submission checking request described in the terminal scanning of family.
The beneficial effect of technical solution of the present invention includes at least:
Selection is matched with the external equipment in the checking request slave device fingerprint database inputted according to external equipment
Fingerprint feature information transfers second feature information to generate the first fingerprint identifier, based on the second feature information
Matched again with first fingerprint identifier to pass through verification.By device-fingerprint acquisition technique, existing skill can be solved
In art, because note data, which is revealed, causes secondary short-message verification to fail the problem of.
Technical solution of the present invention additionally provides a kind of verification mode being combined based on device-fingerprint and identifying code, further
Improve the security of authentication.
Technical solution of the present invention also by the hardware attributes, software attributes, behavior property of the external equipment at least
A kind of information, and at least one of the unique identification of the external equipment, MAC Address, screen message information.It can carry significantly
Rise the accuracy that equipment identities are verified by device-fingerprint.
Brief description of the drawings
Upon reading the detailed description of non-limiting embodiments with reference to the following drawings, other features of the invention,
Objects and advantages will become more apparent upon:
Fig. 1 shows the first specific embodiment according to the present invention, a kind of verification method based on device-fingerprint collection
Flow chart;
Fig. 2 shows a change case of the first specific embodiment according to the present invention, and one kind is gathered based on device-fingerprint
Verification method flow chart;
Fig. 3 shows the second specific embodiment according to the present invention, a kind of verification method based on device-fingerprint collection
Flow chart;
Fig. 4 shows the 3rd specific embodiment according to the present invention, and a kind of user terminal based on device-fingerprint collection is tested
The flow chart of card method;
Fig. 5 shows the 4th specific embodiment according to the present invention, and a kind of user terminal based on device-fingerprint collection is tested
The flow chart of card method;
Fig. 6 shows according to the present invention, a kind of short-message verification interface schematic diagram.
Embodiment
In order to preferably make technical scheme clearly show, the present invention is made below in conjunction with the accompanying drawings into one
Walk explanation.
Fig. 1 shows the first specific embodiment according to the present invention, a kind of verification method based on device-fingerprint collection
Flow chart.It is applicable in it is to be appreciated that the present invention is main but is not limited to such a scene, skilled artisan understands that so
Control process have great importance, for example, the online service that user is provided by an acquisition for mobile terminal server,
Server would generally provide account and password for the user.Account is the identity of the user in the server, be may be used as
Other users are distinguished, password can then ensure account number safety, not used arbitrarily.But the mode of password login account may be because
Hit storehouse or other modes and reduce security, thus, the way of most of servers is all by association user cell-phone number, is carried out
Short-message verification.It will be appreciated by those skilled in the art that due to the separation of user account and user, cause the verification of account+password
The safety index of mode is relatively low, and short message easily leakage again.In order to solve the above-mentioned technical problem, the present invention will by technological means
The device-fingerprint information is linked up with user account, and in order to solve the above-mentioned technical problem, the first of technical solution of the present invention is specific
Embodiment provides a kind of verification method based on device-fingerprint collection, further enhances associating for account and user.Specifically
Step is as follows:
First, enter step S101, according to external equipment input checking request slave device fingerprint database in selection with
The matched fingerprint feature information of external equipment is to generate the first fingerprint identifier.Specifically, the external equipment can be with
It is a mobile terminal, the browser in such as computer, mobile phone, what the page of user terminal was accessed typically by browser
A page in portal management service, server beam back response message according to operation of the user on the page accessed;Institute
State checking solicited message and server is transferred to by outside, server identifies the information of present terminal identity according to this;Described first
Fingerprint identifier be by server transport to the external equipment and require its submit relevant device information solicited message;Institute
Stating selection includes being made according at least one fisrt feature information of the external equipment, and first fingerprint identifier includes
The solicited message of at least one second feature information is transferred from the external equipment.More specifically, the fisrt feature information
Part/whole characteristic information of the external equipment, in addition to being distinguish between in statement, two are belonged to second feature information
Characteristic information content is also different contained by person's reality.The preliminary identity card of external equipment described in the fisrt feature information acute pyogenic infection of finger tip
Bright information, included in the checking request of external equipment input, for example, it may be first request, which receives server, provides clothes
During business, filling registration information and server is sent on the external equipment, then by server feedback, and be supplied to described outer
The exclusive service account of portion's equipment and password, it will be appreciated by those skilled in the art that this exclusive account can be logged in by different equipment
Server simultaneously receives service, in practice, when server detects that current account logs in address or different beaching accommodation, it will usually
The authenticity of current user identities is verified, the solution that the first specific embodiment of the invention is provided is by institute
The device-fingerprint information gathered when stating the second feature information of external equipment with registering first is matched, thus fisrt feature
Information is the preliminary proof information of the external equipment identity, and second feature information, which is only, verifies the external equipment true identity
Key message.
Then, step S102 is performed, sends the first fingerprint identifier, and receive first described in the external-device response
The information of fingerprint identifier and the second feature information transferred.Specifically, described send is that server passes through digital signal
First fingerprint identifier is transferred on the external equipment;The information of the first fingerprint identifier of the response refers to
The external equipment allows first fingerprint inspection to the feedback information of first fingerprint identifier, i.e., described external equipment
Card information transfers the request of the second feature information;The second feature information transferred refers to according to first fingerprint authentication
The checking request included in information, the corresponding device characteristic information transferred in the external equipment, namely the second feature
These information, are then transferred on server by information by cellular mobile network;More specifically, those skilled in the art manage
Solution, the mode that acquisitions of the second feature information can be in this way, i.e., be embedded in and set in the application page of the external equipment
The SDK application programs of standby fingerprint collecting, after obtaining device-fingerprint, when the external equipment asks short-message verification, are transported to network
Battalion, which consults and request, seeks the second feature information for transferring the external equipment.
Next, perform step S103, judge the second feature information and first fingerprint identifier whether
Match somebody with somebody.Specifically, the matching again will be referred to by the second feature information transferred on the external equipment with described first
The characteristic information included in line information is matched.More specifically, a threshold value can be preset by the server,
Threshold value is to judge a normative reference of the second feature information and the first fingerprint identifier matching degree.Specific service
Device needs the two how many parameter of statistics identical, for example, the threshold value of systemic presupposition is n, the server is special to described second
Reference breath is matched (x >=n) with the x items in first fingerprint identifier, and judging result has y matchings.If y >=n,
Pass through verification;It is not verified if y < n.
Finally, S104 is entered step, if the judging result of step S103 is yes, passes through verification.
In order to be better understood from the present embodiment, illustrated below with one embodiment, the external equipment is needed by service
Whether device verifies its identity consistent with currently used account, could continue receiving service, thus sends checking request to server.
Server is after the checking request is received, by the fisrt feature information of the external equipment included in checking request,
Search for and matched in the fingerprint database, transfer setting for the external equipment that is pre-stored in the fingerprint database
Standby fingerprint feature information, the device-fingerprint characteristic information are probably the information of a certain/several classification, then generate described the
One fingerprint identifier, first fingerprint identifier provide data needed for verification for a request external equipment actually
Solicited message, then the first fingerprint identifier is transferred on the external input device by digital signal channel.Institute
State after external equipment receives first fingerprint identifier, if checking request is agreed to, by the external equipment
On operation the second feature information is provided, and the second feature information is transferred on server.Server receives
After the second feature information, the matching of the second feature information and first fingerprint identifier is carried out, according to matching
As a result Yes/No meets the default matched requirement of server, and output Yes/No is by verification, if by verifying, described in permission
External equipment receives the further service of server offer.
Further, the fisrt feature information of the external equipment is gathered according to the checking request.Specifically, it is described to adopt
Collection, the i.e. identity information of the external equipment of the server in checking request are searched in the device-fingerprint storehouse, are found
The fisrt feature information of the external equipment to match with the checking request.The characteristic information includes:The outside is set
At least one of standby hardware attributes, software attributes, behavior property information.And the characteristic information further includes:The outside
At least one of the unique identification of equipment, MAC Address, screen message information.
Judge that the fingerprint feature information step consistent with the first/second characteristic information includes:Identify described the first/the
At least one of the unique identification of the external equipment in two characteristic informations, MAC Address, screen message information;Then, root
It is compared according to the information identified with the fingerprint feature information.
Fig. 2 shows a change case of the first specific embodiment according to the present invention, and one kind is gathered based on device-fingerprint
Verification method flow chart.Fig. 2 is based on Fig. 1.
First, enter step S201, according to external equipment input checking request slave device fingerprint database in selection with
The matched fingerprint feature information of external equipment is to generate the first fingerprint identifier.Specifically, in the first specific implementation
Described in example, it will not go into details herein.
Then, step S202 is performed, sends the first fingerprint identifier, and receive the first fingerprint authentication of external-device response
The information of information and the second feature information transferred.Specifically, it is not superfluous herein described in the first specific embodiment
State.
Next, enter step S203, selected based on the second feature information from the device-fingerprint database with
The fingerprint feature information of the second feature information matches is to generate the second fingerprint identifier.Specifically, in this step, institute
State second feature information and offer is fed back by the external equipment, and believed with least one of second feature information feature
Breath, scans the device-fingerprint database, carries out finger print data matching, and matching way may be referred to the first embodiment institute
The given threshold of offer is matched, and it will not go into details herein.Then second with the second feature information match is picked out
Fingerprint identifier.First fingerprint identifier of generation is different from the first finger checking information in statement, they are probably phase
Same/different finger print information.Preferably, it is matched it will be appreciated by those skilled in the art that the second feature information of reference is more
As a result it is more accurate.
Next, step S204 is performed, judges whether the second fingerprint identifier is consistent with the first fingerprint identifier.
Specifically, the step S103 being different from the first specific embodiment, in step S204, it will be appreciated by those skilled in the art that due to
Finger print information is all provided by the device-fingerprint storehouse, thus the first/bis- fingerprint identifier generated can only be it is consistent/differ
Cause, and cannot be assessed by way of threshold value.
Finally, it is consistent with the first fingerprint identifier if entering step the second fingerprint identifiers of S205, pass through verification.
It should be noted that embodiment illustrated in fig. 2 is advantageous in that, since the external equipment is in normal use process
Error caused by the change of the apparatus characteristic information of middle generation, by the second feature information from the device-fingerprint data
Selection is ensureing necessarily with the fingerprint feature information of the second feature information matches to generate the second fingerprint identifier in storehouse
Reference quantity on the premise of, the foregoing accuracy for changing the error brought, ensureing judging result can be reduced.
Further, if server, by verification, can be believed after each verification by the second feature of acquisition
Breath updates the device-fingerprint database.Specifically, the apparatus characteristic information can include operating system, the protocol stack of equipment
With the relevant feature of network state.More specifically, based on the apparatus characteristic information generation device-fingerprint basic principle be
The feature of new information and System History are stored into the characteristic information global alignment using machine learning algorithm, based on comparison result by
There is device-fingerprint to assign new information or new device-fingerprint is generated for new information.It will be appreciated by those skilled in the art that groundwork walks
It is rapid as follows successively:New information enters system of fingerprints server, extracts protocol stack feature, is using machine learning algorithm that new information is special
Sign compares one by one with old message, if comparing successfully, assigns the device-fingerprint for comparing success message;If comparison is unsuccessful,
Generate new device-fingerprint.Eventually enter into the fingerprint database.
Fig. 3 shows the second specific embodiment according to the present invention, a kind of verification method based on device-fingerprint collection
Flow chart.
First, S301 is entered step, the checking request inputted according to external equipment generates the first fingerprint identifier and tests
Demonstrate,prove code information.Specifically, the first fingerprint identifier generating mode is not gone to live in the household of one's in-laws on getting married herein described in the first specific embodiment
State;It will be appreciated by those skilled in the art that the verification code information is i.e. according to the present invention as shown in Figure 6, a kind of short-message verification interface
Schematic diagram.For example, when user is paid by mobile phone terminal payment software, usual payment interface can eject as shown in Figure 6
The operation interface of input handset identifying code, at that time, payment terminal system can send to the phone number in region 1 and verify short breath,
Its content generally comprises that " distinguished customer, for your privacy of guarantee, identifying code is:123456, use in 5 minutes, please don't
Leak.[xx companies] ", user need that above-mentioned identifying code " 123456 " is input in region 3 by the keyboard in region 2, so
Click on and submit afterwards.Payment terminal system can be matched the identifying code that user terminal is submitted with the verification that system is sent, if
With success, then pass through verification, it is allowed to pay.It is emphasized that the mode that the verification code information produces refers to described first
The mode that line checking information produces is different, first fingerprint identifier according to the checking request that the external equipment inputs from
Selection obtains in fingerprint equipment database, and the checking information is to be tested by server according to what the checking request generated at random
Code, or the verification content that other, needs input are demonstrate,proved, and the identifying code is not related to the equipment letter of the external equipment
Breath.
Then, step S302 is performed, the verification code information is sent while the fingerprint identifier is sent.Specifically
Ground, after server generates the corresponding fingerprint identifier and the verification code information, will be arrived by digital data transmission
On the external equipment.For the external equipment after the information that server sends over is received, user can be to server feedback
Response message.
Next, entering step S303 judges whether second feature information matches with the first fingerprint identifier.Specifically,
Describe in the first embodiment, it will not go into details herein.
Next, step S304 is performed, judges whether identifying code matches.Specifically, server is to second feature information
It is that after being, next will enter step whether S304 judges the identifying code with the output of the first fingerprint identifier matching result
Matching, that is, inputting the identifying code at the interface shown in similar Fig. 2 in user, is then sent to server, server can be right
Identifying code input by user with whether the identifying code that server is sent identical is judged, it is emphasized that, this step judges
It is different from S303, it is desirable to which that being compared both sides must be consistent, and output result could be yes.
Finally, S305 is entered step, if the output result of step S304 is yes, server passes through the external equipment
Checking request.
Further, with the communication pattern of short message send the fingerprint identifier and it is described test information, it is described short to disappear
Breath includes the identifying code URL generated at random, and the URL is suitable for being directed toward the verification page and to server according to the clicking operation of user
Send transferred second feature information and input validation code.Specifically, it will be appreciated by those skilled in the art that the URL refers to system
One Resource Locator, is the position of resource to that can be obtained from internet and a kind of succinct expression of access method, is
The address of standard resource on internet.Each file on internet has a unique URL, and the information that it is included points out text
How the position of part and browser should handle it.And the identifying code URL link in technical solution of the present invention is verified to one
The page, user can be by the verification pages to server sending device second feature information and verification code information.For example, ability
Field technique personnel understand, are given birth to when the external equipment asks short-message verification, while according to the information of SDK collections in server end
Into fingerprint ID, and by numeric string of the automatic mesh generation in relation to finger print information, and sent to the external equipment and include the numeral
The short message of string;Server automatically generates the URL containing one section of random verification code, and passes through short message channel to the external equipment
Send the short message for including the URL.The external equipment receives and clicks on the URL in short message, opens the verification page, is sent out to server
Send the second feature information and verification code information.After second feature information described in received server-side and verification code information.Test
Demonstrate,prove the uniformity of the second feature information and verification code information.If both successful match, this is proved to be successful, the two has one
Item is not met, then authentication failed.
Fig. 4 shows the 3rd specific embodiment according to the present invention, and a kind of user terminal based on device-fingerprint collection is tested
Card method.Comprise the following steps that:
First, S401 is entered step, user terminal submits checking request according to the prompting of the verification page to server.Specifically
Ground, it is described to verify pop-up on the page, that is, user terminal/turn interface jumped out, specifically retouched in the first specific embodiment
State, herein not with repeating.
Then, step S402 is performed, at least one fisrt feature information is sent according to the collection request of the verification page.Specifically
Ground, described in the first specific embodiment, it will not go into details herein.
Next, entering step S403, first finger based on transmitted by the verification method of fingerprint collecting is at least received
Line checking information.Specifically, described in the first specific embodiment, it will not go into details herein.
Finally, step S404 is performed, first fingerprint identifier is responded and sends at least one second feature information.
Specifically, described in the first specific embodiment, it will not go into details herein.
In order to be better understood from the present embodiment, it is exemplified below, in such a scene, in the user terminal to institute
When stating the request of the required a certain service of acquisition of server, the server can veritify the identity of the user terminal,
And the verification page is pushed in the user terminal, the user terminal is by the confirmation operation in the verification page, to described
Server submits checking request, and sends at least one fisrt feature information according to verification page capture request.The server
Scanned in the device-fingerprint database, matched according at least one fisrt feature information, generation the first fingerprint authentication letter
Breath.The user terminal at least receives hair described in the verification method based on the fingerprint collecting stated in the first specific embodiment
Send the first fingerprint identifier.Then, the user terminal according to first fingerprint identifier request, and by request
Content provides at least one second feature information.
Fig. 5 shows the 4th specific embodiment according to the present invention, and a kind of user terminal based on device-fingerprint collection is tested
Card method.Comprise the following steps that:
First, S501 is entered step, user terminal submits checking request, and root according to the prompting of the verification page to server
At least one fisrt feature information is sent according to the collection request of the verification page.Specifically, described in the second specific embodiment,
It will not go into details herein.
Then, S502 is entered step, the verification method based on device-fingerprint collection is received and sends the first fingerprint authentication
Information and verification code information.Specifically, described in the second specific embodiment, it will not go into details herein.
Finally, step S503 is performed, first fingerprint identifier and verification code information is responded and sends at least one
Second feature information and the identifying code of input.Specifically, described in the second specific embodiment, it will not go into details herein.
Further, the identifying code URL of the first fingerprint identifier of the reception and verification code information to generate at random
Sent.First fingerprint identifier and verification code information of responding includes:Click on the URL and open the verification
The page;Based on second feature information and input validation code described in the verification page mobile phone.
The user terminal submits checking request to include according to the prompting of the verification page to server:The user terminal is swept
The Quick Response Code that show of the verification page is retouched with to the server submission checking request.For example, when being verified for PC ends, by
Apply for that terminal initiates verification, and produce Quick Response Code, the external equipment, which scans the two-dimensional code, opens the short-message verification page, to server
Short-message verification request is submitted at end, while generates the first fingerprint identifier in server end according to the information of SDK collections.Server
The URL containing one section of random short message verification code is automatically generated, and sends to include by short message channel to the external equipment and is somebody's turn to do
The short message of URL.The external equipment receives and clicks on the URL in short message, opens the verification page, and described second is sent to server
Characteristic information and identifying code.After second feature information described in received server-side and verification code information.Verify the second feature
The uniformity of information and verification code information.If both successful match, this is proved to be successful, the two has one not meet, then tests
Card failure.
The specific embodiment of the present invention is described above.It is to be appreciated that the invention is not limited in above-mentioned
Particular implementation, those skilled in the art can make various deformations or amendments within the scope of the claims, this not shadow
Ring the substantive content of the present invention.
Claims (16)
- A kind of 1. verification method based on device-fingerprint collection, it is characterised in that including:Selection and the matched fingerprint of the external equipment in the checking request slave device fingerprint database inputted according to external equipment For characteristic information to generate the first fingerprint identifier, the selection includes at least one fisrt feature according to the external equipment Information is made, and first fingerprint identifier includes transferring the request of at least one second feature information from the external equipment Information;First fingerprint identifier is sent, and receives the information of the first fingerprint identifier described in the external-device response And the second feature information transferred, matched again with logical with first fingerprint identifier based on the second feature information Cross verification.
- 2. the verification method as claimed in claim 1 based on device-fingerprint collection, it is characterised in that further include:The checking request inputted according to external equipment generates verification code information;The verification code information is sent while the fingerprint identifier is sent;Identifying code matching is carried out according to external equipment input validation code;If first fingerprint identifier matches again and identifying code successful match, pass through verification.
- 3. the verification method as claimed in claim 1 based on device-fingerprint collection, it is characterised in that described according to external equipment Selection is further included with the matched fingerprint feature information of the external equipment in the checking request slave device fingerprint database of input:If The fingerprint feature information of first fingerprint identifier is consistent with the fisrt feature information, exports first fingerprint inspection Demonstrate,prove information.
- 4. the verification method as claimed in claim 1 based on device-fingerprint collection, it is characterised in that described according to external equipment Selection is further included with the matched fingerprint feature information of the external equipment in the checking request slave device fingerprint database of input:Root The fisrt feature information of the external equipment is gathered according to the checking request.
- 5. the verification method as claimed in claim 1 based on device-fingerprint collection, it is characterised in that described to be based on described second Characteristic information and first fingerprint identifier match again including:Based on the second feature information from the device-fingerprint Selected in database with the fingerprint feature information of the second feature information matches to generate the second fingerprint identifier;Judge institute It is whether consistent with the first fingerprint identifier to state the second fingerprint identifier.
- 6. the verification method as claimed in claim 1 based on device-fingerprint collection, it is characterised in that described to be based on described second Characteristic information and first fingerprint identifier match again including:Judge the second feature information and first fingerprint Whether the fingerprint feature information of checking information is consistent.
- 7. the verification method gathered such as claim 1 to 6 any one of them based on device-fingerprint, it is characterised in that the spy Reference breath includes:At least one of the hardware attributes of the external equipment, software attributes, behavior property information.
- 8. the verification method gathered such as claim 1 to 6 any one of them based on device-fingerprint, it is characterised in that the spy Reference breath includes:Device operating system, protocol stack and the network state phase extracted from the agreement of the external device data bag The feature of pass.
- 9. the verification method gathered such as claim 1 to 6 any one of them based on device-fingerprint, it is characterised in that the spy Reference breath includes:At least one of the unique identification of the external equipment, MAC Address, screen message information.
- 10. the verification method gathered based on device-fingerprint such as claim 1 to 6 any one of them, it is characterised in that described the One/second feature information includes:At least one of the hardware attributes of the external equipment, software attributes, behavior property information, The fingerprint feature information includes:At least one of the unique identification of the external equipment, MAC Address, screen message information;Judge that the fingerprint feature information step consistent with the first/second characteristic information includes:Identify in the unique identification of the external equipment in the first/second characteristic information, MAC Address, screen message At least one information;It is compared according to the information identified with the fingerprint feature information.
- 11. the verification method as claimed in claim 2 based on device-fingerprint collection, it is characterised in that with the communication of short message Pattern sends the fingerprint identifier and the verification code information.
- 12. the verification method as claimed in claim 11 based on device-fingerprint collection, it is characterised in that the short message includes The identifying code URL generated at random, the URL, which is suitable for being directed toward according to the clicking operation of user, to be verified the page and sends institute to server The second feature information and input validation code transferred.
- A kind of 13. verification method of user terminal, it is characterised in that including:User terminal submits checking request according to the prompting of the verification page to server, and asks hair according to the collection of the verification page Send at least one fisrt feature information;At least receive based on the first fingerprint authentication letter transmitted by the verification method based on device-fingerprint collection described in claim 1 Breath;Respond first fingerprint identifier and send at least one second feature information.
- A kind of 14. verification method of user terminal, it is characterised in that including:User terminal submits checking request according to the prompting of the verification page to server, and asks hair according to the collection of the verification page Send at least one fisrt feature information;Receive based on described in claim 2 based on device-fingerprint collection verification method transmitted by the first fingerprint identifier and Verification code information;Respond first fingerprint identifier and verification code information and send testing at least one second feature information and input Demonstrate,prove code.
- 15. the verification method of user terminal as claimed in claim 14, it is characterised in that the first fingerprint authentication letter received Breath and verification code information are sent with the identifying code URL generated at random, described to respond first fingerprint identifier and verification Code information includes:Click on the URL and open the verification page;The second feature information and input validation code are collected based on the verification page.
- 16. the verification method of user terminal as claimed in claim 14, it is characterised in that the user terminal is according to verification page The prompting in face submits checking request to include to server:The Quick Response Code that the user terminal scanning verification page is shown with to Server submits the checking request.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610969894.4A CN108023865A (en) | 2016-10-28 | 2016-10-28 | A kind of verification method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610969894.4A CN108023865A (en) | 2016-10-28 | 2016-10-28 | A kind of verification method |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108023865A true CN108023865A (en) | 2018-05-11 |
Family
ID=62084468
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610969894.4A Pending CN108023865A (en) | 2016-10-28 | 2016-10-28 | A kind of verification method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108023865A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109002555A (en) * | 2018-08-09 | 2018-12-14 | 郑州市景安网络科技股份有限公司 | A kind of ICP puts on record method, apparatus, equipment and readable storage medium storing program for executing |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2011063014A1 (en) * | 2009-11-17 | 2011-05-26 | Secureauth Corporation | Single sign on with multiple authentication factors |
CN102347929A (en) * | 2010-07-28 | 2012-02-08 | 阿里巴巴集团控股有限公司 | Verification method of user identity and apparatus thereof |
CN102413074A (en) * | 2011-11-30 | 2012-04-11 | 向进轮 | Method for detecting login of instant messenger terminal in another place |
CN102664903A (en) * | 2012-05-16 | 2012-09-12 | 李明 | Network user identifying method and system |
CN103024706A (en) * | 2013-01-10 | 2013-04-03 | 甘肃省科学技术情报研究所 | Short message based device and short message based method for bidirectional multiple-factor dynamic identity authentication |
CN104601602A (en) * | 2015-02-26 | 2015-05-06 | 北京成众志科技有限公司 | Terminal device network security enhanced access and authentication method |
CN105991590A (en) * | 2015-02-15 | 2016-10-05 | 阿里巴巴集团控股有限公司 | Method and system for verifying user identity, client, and server |
-
2016
- 2016-10-28 CN CN201610969894.4A patent/CN108023865A/en active Pending
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2011063014A1 (en) * | 2009-11-17 | 2011-05-26 | Secureauth Corporation | Single sign on with multiple authentication factors |
CN102347929A (en) * | 2010-07-28 | 2012-02-08 | 阿里巴巴集团控股有限公司 | Verification method of user identity and apparatus thereof |
CN102413074A (en) * | 2011-11-30 | 2012-04-11 | 向进轮 | Method for detecting login of instant messenger terminal in another place |
CN102664903A (en) * | 2012-05-16 | 2012-09-12 | 李明 | Network user identifying method and system |
CN103024706A (en) * | 2013-01-10 | 2013-04-03 | 甘肃省科学技术情报研究所 | Short message based device and short message based method for bidirectional multiple-factor dynamic identity authentication |
CN105991590A (en) * | 2015-02-15 | 2016-10-05 | 阿里巴巴集团控股有限公司 | Method and system for verifying user identity, client, and server |
CN104601602A (en) * | 2015-02-26 | 2015-05-06 | 北京成众志科技有限公司 | Terminal device network security enhanced access and authentication method |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109002555A (en) * | 2018-08-09 | 2018-12-14 | 郑州市景安网络科技股份有限公司 | A kind of ICP puts on record method, apparatus, equipment and readable storage medium storing program for executing |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN101465735B (en) | Network user identification verification method, server and client terminal | |
CN102790674B (en) | Auth method, equipment and system | |
KR102214247B1 (en) | Method and apparatus for service implementation | |
CN108989346B (en) | Third-party valid identity escrow agile authentication access method based on account hiding | |
CN106850209A (en) | A kind of identity identifying method and device | |
CN106657068A (en) | Login authorization method and device, login method and device | |
CN109889469B (en) | Short message verification method, device, storage medium, short message verification system and terminal | |
CN103986584A (en) | Double-factor identity verification method based on intelligent equipment | |
CN108259502A (en) | For obtaining the identification method of interface access rights, server-side and storage medium | |
CN105323253A (en) | Identity verification method and device | |
CN106911661A (en) | A kind of short-message verification method, device, client, server and system | |
CN102105920A (en) | Method and system for securing communication sessions | |
CN103607416A (en) | Method and application system for authenticating identity of network terminal machine | |
US20180374093A1 (en) | Method for sending digital information | |
CN105162774B (en) | Virtual machine entry method, the virtual machine entry method and device for terminal | |
CN101051905A (en) | Agent identity certificiation method | |
CN105786581A (en) | Multistage server and method for network data operation | |
CN110175439A (en) | User management method, device, equipment and computer readable storage medium | |
CN107835162B (en) | Software digital permit server gives the method and software digital permit server that permission is signed and issued in the license of software developer's software digital | |
CN104618356B (en) | Auth method and device | |
CN206962826U (en) | Identity authorization system based on FIDO U2F double factor fingerprint recognitions | |
CN104469736B (en) | A kind of data processing method, server and terminal | |
CN108834147A (en) | Examine WiFi cipher safety method, apparatus, computer equipment and storage medium | |
CN107580002A (en) | Double factor authentication safety management machine login system and method | |
CN112995227B (en) | One-stop information service platform based on three-party credit management |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
WD01 | Invention patent application deemed withdrawn after publication | ||
WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20180511 |