CN108023865A - A kind of verification method - Google Patents

A kind of verification method Download PDF

Info

Publication number
CN108023865A
CN108023865A CN201610969894.4A CN201610969894A CN108023865A CN 108023865 A CN108023865 A CN 108023865A CN 201610969894 A CN201610969894 A CN 201610969894A CN 108023865 A CN108023865 A CN 108023865A
Authority
CN
China
Prior art keywords
fingerprint
information
verification
feature information
external equipment
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610969894.4A
Other languages
Chinese (zh)
Inventor
雷晓川
于波
周辉
张克
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Mdt Infotech Ltd Shanghai
Original Assignee
Mdt Infotech Ltd Shanghai
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mdt Infotech Ltd Shanghai filed Critical Mdt Infotech Ltd Shanghai
Priority to CN201610969894.4A priority Critical patent/CN108023865A/en
Publication of CN108023865A publication Critical patent/CN108023865A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint

Abstract

The present invention provides a kind of verification method based on device-fingerprint collection.Including:Selected in the checking request slave device fingerprint database inputted according to external equipment with the matched fingerprint feature information of the external equipment to generate the first fingerprint identifier, the selection includes being made according at least one fisrt feature information of the external equipment, and first fingerprint identifier includes transferring the solicited message of at least one second feature information from the external equipment;First fingerprint identifier is sent, and receives the information of the first fingerprint identifier described in the external-device response and the second feature information transferred, is matched again with first fingerprint identifier to pass through verification based on the second feature information.The present invention can be solved in the prior art, because note data, which is revealed, causes secondary short-message verification to fail the problem of by device-fingerprint acquisition technique.

Description

A kind of verification method
Technical field
The invention belongs to information security field, especially terminal identity identification technology, and in particular, to one kind is based on equipment The verification method of fingerprint collecting, a kind of verification method of user terminal.
Background technology
With the popularization of Internet technology, people carry out work by the service that the major Internet firm of exclusive account provides Make, entertain, learning etc., but these service the problems such as often involving money and privacy again.User account secure context is being protected, The major Internet firm's common practice for providing terminal service is to need user to bind a cell-phone number in register account number, and Determine that the cell-phone number belongs under the control of user by way of short-message verification.Terminal server can pass through binding Cell-phone number carries out user identification confirmation, i.e., terminal server received a certain request from user account when, such as pass through the account Family payment etc., terminal server may require that user inputs short message verification code, and send a short message to binding cell-phone number.User's It will be subject to a short message containing verification on mobile phone, by inputting the identifying code, can be known by the identity of terminal server Not, subsequent operation is carried out.
Although clear and definite active user's account can be effectively verified by way of binding cell-phone number and sending short message verification code The identity of number user, still, sends in plain text, is intercepted and forwards in the way that communicate and loses security, also all kinds of use Human Engineering deception victim leak identifying code fraud, for be all this weakness.With mobile terminal function increasingly Abundant, attacker can be read out information, intercept, change or reset by being implanted into wooden horse in mobile terminal.
For how to solve to cause the technical problem of secondary short-message verification failure because note data is revealed.The prior art carries Some solutions have been supplied, such as Application No. 201410003145.7, short-message verification system and verification method, its short message provided Verification system includes short-message verification module and encrypting module, and short-message verification module is arranged in mobile electronic device and generates movement Electronic equipment identity coding, what encrypting module was arranged in background server and need to be sent background server according to identity coding Generation encrypted authentication code is encrypted in short message verification code, and encrypted authentication code is encoded and carried out by short-message verification module according to machine identity Decrypt to obtain short message verification code and need to submit according to user.The identifying code that the short-message verification system sends needs utilizes machine Device identity coding is encrypted, and user is decrypted using short-message verification module can obtain real short message verification code, so that Avoid the attacker after SIM card is stolen or is replicated from obtaining the identifying code that background server is sent, ensure the property peace of user Entirely.The core of the technical solution is to need to be encrypted and decrypted using machine identity coding, and machine identity coding is once lost Lose, equally exist the risk that identifying code is stolen.
At this stage, the extraordinary side's technical solution of neither one solves the problems, such as mentioned above.
The content of the invention
Technical solution of the present invention solve technical problem be:Cause secondary short-message verification failure because note data is revealed Technical problem.
In order to solve the above-mentioned technical problem, technical solution of the present invention provides a kind of authentication based on device-fingerprint collection Method, including:
Selection is matched with the external equipment in the checking request slave device fingerprint database inputted according to external equipment For fingerprint feature information to generate the first fingerprint identifier, the selection includes at least one first according to the external equipment Characteristic information is made, and first fingerprint identifier includes transferring at least one second feature information from the external equipment Solicited message;
First fingerprint identifier is sent, and receives the first fingerprint identifier described in the external-device response Information and the second feature information transferred, are matched again based on the second feature information with first fingerprint identifier To pass through verification.
Optionally, further include:
The checking request inputted according to external equipment generates verification code information;
The verification code information is sent while the fingerprint identifier is sent;
Identifying code matching is carried out according to external equipment input validation code;
If first fingerprint identifier matches again and identifying code successful match, pass through verification.
Optionally, selection and the outside in the checking request slave device fingerprint database inputted according to external equipment The matched fingerprint feature information of equipment further includes:If the fingerprint feature information of first fingerprint identifier is special with described first Reference breath unanimously then exports first fingerprint identifier.
Optionally, selection and the outside in the checking request slave device fingerprint database inputted according to external equipment The matched fingerprint feature information of equipment further includes:The fisrt feature information of the external equipment is gathered according to the checking request.
Optionally, it is described based on the second feature information and first fingerprint identifier match again including:Base Selected in the second feature information from the device-fingerprint database and the fingerprint characteristic of the second feature information matches Information is to generate the second fingerprint identifier;Judge second fingerprint identifier and the first fingerprint identifier whether one Cause.
Optionally, it is described based on the second feature information and first fingerprint identifier match again including:Sentence Whether the second feature information of breaking is consistent with the fingerprint feature information of first fingerprint identifier.
Optionally, the characteristic information includes:In the hardware attributes of the external equipment, software attributes, behavior property At least one information.
Optionally, the characteristic information includes:The equipment operation system extracted from the agreement of the external device data bag System, protocol stack and the relevant feature of network state.
Optionally, the characteristic information includes:In the unique identification of the external equipment, MAC Address, screen message extremely A kind of few information.
Optionally, the first/second characteristic information includes:The hardware attributes of the external equipment, software attributes, behavior At least one of attribute information, the fingerprint feature information include:The unique identification of the external equipment, MAC Address, screen At least one of information information;
Judge that the fingerprint feature information step consistent with the first/second characteristic information includes:
Identify the unique identification of the external equipment in the first/second characteristic information, MAC Address, screen message At least one of information;
It is compared according to the information identified with the fingerprint feature information.
Optionally, the fingerprint identifier and the verification code information are sent with the communication pattern of short message.
Optionally, the identifying code URL, the URL that the short message includes generating at random are suitable for according to the click of user behaviour Make to be directed toward the verification page and send transferred second feature information and input validation code to server.
In order to solve the above-mentioned technical problem, technical solution of the present invention additionally provides a kind of verification method of user terminal, bag Include:
User terminal submits checking request according to the prompting of the verification page to server, and please according to the collection of the verification page Seek at least one fisrt feature information of transmission;
At least receive the first fingerprint identifier transmitted by the verification method based on device-fingerprint collection;
Respond first fingerprint identifier and send at least one second feature information.
Optionally, including:
User terminal submits checking request according to the prompting of the verification page to server, and please according to the collection of the verification page Seek at least one fisrt feature information of transmission;
Receive the first fingerprint identifier and identifying code letter transmitted by the verification method based on device-fingerprint collection Breath;
Respond first fingerprint identifier and verification code information and send at least one second feature information and input Identifying code.
Optionally, the first fingerprint identifier and verification code information received is sent out with the identifying code URL generated at random Send, first fingerprint identifier and verification code information of responding includes:
Click on the URL and open the verification page;
The second feature information and input validation code are collected based on the verification page.
Optionally, the user terminal submits checking request to include according to the prompting of the verification page to server:The use Verify the Quick Response Code that show of the page with to the server submission checking request described in the terminal scanning of family.
The beneficial effect of technical solution of the present invention includes at least:
Selection is matched with the external equipment in the checking request slave device fingerprint database inputted according to external equipment Fingerprint feature information transfers second feature information to generate the first fingerprint identifier, based on the second feature information Matched again with first fingerprint identifier to pass through verification.By device-fingerprint acquisition technique, existing skill can be solved In art, because note data, which is revealed, causes secondary short-message verification to fail the problem of.
Technical solution of the present invention additionally provides a kind of verification mode being combined based on device-fingerprint and identifying code, further Improve the security of authentication.
Technical solution of the present invention also by the hardware attributes, software attributes, behavior property of the external equipment at least A kind of information, and at least one of the unique identification of the external equipment, MAC Address, screen message information.It can carry significantly Rise the accuracy that equipment identities are verified by device-fingerprint.
Brief description of the drawings
Upon reading the detailed description of non-limiting embodiments with reference to the following drawings, other features of the invention, Objects and advantages will become more apparent upon:
Fig. 1 shows the first specific embodiment according to the present invention, a kind of verification method based on device-fingerprint collection Flow chart;
Fig. 2 shows a change case of the first specific embodiment according to the present invention, and one kind is gathered based on device-fingerprint Verification method flow chart;
Fig. 3 shows the second specific embodiment according to the present invention, a kind of verification method based on device-fingerprint collection Flow chart;
Fig. 4 shows the 3rd specific embodiment according to the present invention, and a kind of user terminal based on device-fingerprint collection is tested The flow chart of card method;
Fig. 5 shows the 4th specific embodiment according to the present invention, and a kind of user terminal based on device-fingerprint collection is tested The flow chart of card method;
Fig. 6 shows according to the present invention, a kind of short-message verification interface schematic diagram.
Embodiment
In order to preferably make technical scheme clearly show, the present invention is made below in conjunction with the accompanying drawings into one Walk explanation.
Fig. 1 shows the first specific embodiment according to the present invention, a kind of verification method based on device-fingerprint collection Flow chart.It is applicable in it is to be appreciated that the present invention is main but is not limited to such a scene, skilled artisan understands that so Control process have great importance, for example, the online service that user is provided by an acquisition for mobile terminal server, Server would generally provide account and password for the user.Account is the identity of the user in the server, be may be used as Other users are distinguished, password can then ensure account number safety, not used arbitrarily.But the mode of password login account may be because Hit storehouse or other modes and reduce security, thus, the way of most of servers is all by association user cell-phone number, is carried out Short-message verification.It will be appreciated by those skilled in the art that due to the separation of user account and user, cause the verification of account+password The safety index of mode is relatively low, and short message easily leakage again.In order to solve the above-mentioned technical problem, the present invention will by technological means The device-fingerprint information is linked up with user account, and in order to solve the above-mentioned technical problem, the first of technical solution of the present invention is specific Embodiment provides a kind of verification method based on device-fingerprint collection, further enhances associating for account and user.Specifically Step is as follows:
First, enter step S101, according to external equipment input checking request slave device fingerprint database in selection with The matched fingerprint feature information of external equipment is to generate the first fingerprint identifier.Specifically, the external equipment can be with It is a mobile terminal, the browser in such as computer, mobile phone, what the page of user terminal was accessed typically by browser A page in portal management service, server beam back response message according to operation of the user on the page accessed;Institute State checking solicited message and server is transferred to by outside, server identifies the information of present terminal identity according to this;Described first Fingerprint identifier be by server transport to the external equipment and require its submit relevant device information solicited message;Institute Stating selection includes being made according at least one fisrt feature information of the external equipment, and first fingerprint identifier includes The solicited message of at least one second feature information is transferred from the external equipment.More specifically, the fisrt feature information Part/whole characteristic information of the external equipment, in addition to being distinguish between in statement, two are belonged to second feature information Characteristic information content is also different contained by person's reality.The preliminary identity card of external equipment described in the fisrt feature information acute pyogenic infection of finger tip Bright information, included in the checking request of external equipment input, for example, it may be first request, which receives server, provides clothes During business, filling registration information and server is sent on the external equipment, then by server feedback, and be supplied to described outer The exclusive service account of portion's equipment and password, it will be appreciated by those skilled in the art that this exclusive account can be logged in by different equipment Server simultaneously receives service, in practice, when server detects that current account logs in address or different beaching accommodation, it will usually The authenticity of current user identities is verified, the solution that the first specific embodiment of the invention is provided is by institute The device-fingerprint information gathered when stating the second feature information of external equipment with registering first is matched, thus fisrt feature Information is the preliminary proof information of the external equipment identity, and second feature information, which is only, verifies the external equipment true identity Key message.
Then, step S102 is performed, sends the first fingerprint identifier, and receive first described in the external-device response The information of fingerprint identifier and the second feature information transferred.Specifically, described send is that server passes through digital signal First fingerprint identifier is transferred on the external equipment;The information of the first fingerprint identifier of the response refers to The external equipment allows first fingerprint inspection to the feedback information of first fingerprint identifier, i.e., described external equipment Card information transfers the request of the second feature information;The second feature information transferred refers to according to first fingerprint authentication The checking request included in information, the corresponding device characteristic information transferred in the external equipment, namely the second feature These information, are then transferred on server by information by cellular mobile network;More specifically, those skilled in the art manage Solution, the mode that acquisitions of the second feature information can be in this way, i.e., be embedded in and set in the application page of the external equipment The SDK application programs of standby fingerprint collecting, after obtaining device-fingerprint, when the external equipment asks short-message verification, are transported to network Battalion, which consults and request, seeks the second feature information for transferring the external equipment.
Next, perform step S103, judge the second feature information and first fingerprint identifier whether Match somebody with somebody.Specifically, the matching again will be referred to by the second feature information transferred on the external equipment with described first The characteristic information included in line information is matched.More specifically, a threshold value can be preset by the server, Threshold value is to judge a normative reference of the second feature information and the first fingerprint identifier matching degree.Specific service Device needs the two how many parameter of statistics identical, for example, the threshold value of systemic presupposition is n, the server is special to described second Reference breath is matched (x >=n) with the x items in first fingerprint identifier, and judging result has y matchings.If y >=n, Pass through verification;It is not verified if y < n.
Finally, S104 is entered step, if the judging result of step S103 is yes, passes through verification.
In order to be better understood from the present embodiment, illustrated below with one embodiment, the external equipment is needed by service Whether device verifies its identity consistent with currently used account, could continue receiving service, thus sends checking request to server. Server is after the checking request is received, by the fisrt feature information of the external equipment included in checking request, Search for and matched in the fingerprint database, transfer setting for the external equipment that is pre-stored in the fingerprint database Standby fingerprint feature information, the device-fingerprint characteristic information are probably the information of a certain/several classification, then generate described the One fingerprint identifier, first fingerprint identifier provide data needed for verification for a request external equipment actually Solicited message, then the first fingerprint identifier is transferred on the external input device by digital signal channel.Institute State after external equipment receives first fingerprint identifier, if checking request is agreed to, by the external equipment On operation the second feature information is provided, and the second feature information is transferred on server.Server receives After the second feature information, the matching of the second feature information and first fingerprint identifier is carried out, according to matching As a result Yes/No meets the default matched requirement of server, and output Yes/No is by verification, if by verifying, described in permission External equipment receives the further service of server offer.
Further, the fisrt feature information of the external equipment is gathered according to the checking request.Specifically, it is described to adopt Collection, the i.e. identity information of the external equipment of the server in checking request are searched in the device-fingerprint storehouse, are found The fisrt feature information of the external equipment to match with the checking request.The characteristic information includes:The outside is set At least one of standby hardware attributes, software attributes, behavior property information.And the characteristic information further includes:The outside At least one of the unique identification of equipment, MAC Address, screen message information.
Judge that the fingerprint feature information step consistent with the first/second characteristic information includes:Identify described the first/the At least one of the unique identification of the external equipment in two characteristic informations, MAC Address, screen message information;Then, root It is compared according to the information identified with the fingerprint feature information.
Fig. 2 shows a change case of the first specific embodiment according to the present invention, and one kind is gathered based on device-fingerprint Verification method flow chart.Fig. 2 is based on Fig. 1.
First, enter step S201, according to external equipment input checking request slave device fingerprint database in selection with The matched fingerprint feature information of external equipment is to generate the first fingerprint identifier.Specifically, in the first specific implementation Described in example, it will not go into details herein.
Then, step S202 is performed, sends the first fingerprint identifier, and receive the first fingerprint authentication of external-device response The information of information and the second feature information transferred.Specifically, it is not superfluous herein described in the first specific embodiment State.
Next, enter step S203, selected based on the second feature information from the device-fingerprint database with The fingerprint feature information of the second feature information matches is to generate the second fingerprint identifier.Specifically, in this step, institute State second feature information and offer is fed back by the external equipment, and believed with least one of second feature information feature Breath, scans the device-fingerprint database, carries out finger print data matching, and matching way may be referred to the first embodiment institute The given threshold of offer is matched, and it will not go into details herein.Then second with the second feature information match is picked out Fingerprint identifier.First fingerprint identifier of generation is different from the first finger checking information in statement, they are probably phase Same/different finger print information.Preferably, it is matched it will be appreciated by those skilled in the art that the second feature information of reference is more As a result it is more accurate.
Next, step S204 is performed, judges whether the second fingerprint identifier is consistent with the first fingerprint identifier. Specifically, the step S103 being different from the first specific embodiment, in step S204, it will be appreciated by those skilled in the art that due to Finger print information is all provided by the device-fingerprint storehouse, thus the first/bis- fingerprint identifier generated can only be it is consistent/differ Cause, and cannot be assessed by way of threshold value.
Finally, it is consistent with the first fingerprint identifier if entering step the second fingerprint identifiers of S205, pass through verification.
It should be noted that embodiment illustrated in fig. 2 is advantageous in that, since the external equipment is in normal use process Error caused by the change of the apparatus characteristic information of middle generation, by the second feature information from the device-fingerprint data Selection is ensureing necessarily with the fingerprint feature information of the second feature information matches to generate the second fingerprint identifier in storehouse Reference quantity on the premise of, the foregoing accuracy for changing the error brought, ensureing judging result can be reduced.
Further, if server, by verification, can be believed after each verification by the second feature of acquisition Breath updates the device-fingerprint database.Specifically, the apparatus characteristic information can include operating system, the protocol stack of equipment With the relevant feature of network state.More specifically, based on the apparatus characteristic information generation device-fingerprint basic principle be The feature of new information and System History are stored into the characteristic information global alignment using machine learning algorithm, based on comparison result by There is device-fingerprint to assign new information or new device-fingerprint is generated for new information.It will be appreciated by those skilled in the art that groundwork walks It is rapid as follows successively:New information enters system of fingerprints server, extracts protocol stack feature, is using machine learning algorithm that new information is special Sign compares one by one with old message, if comparing successfully, assigns the device-fingerprint for comparing success message;If comparison is unsuccessful, Generate new device-fingerprint.Eventually enter into the fingerprint database.
Fig. 3 shows the second specific embodiment according to the present invention, a kind of verification method based on device-fingerprint collection Flow chart.
First, S301 is entered step, the checking request inputted according to external equipment generates the first fingerprint identifier and tests Demonstrate,prove code information.Specifically, the first fingerprint identifier generating mode is not gone to live in the household of one's in-laws on getting married herein described in the first specific embodiment State;It will be appreciated by those skilled in the art that the verification code information is i.e. according to the present invention as shown in Figure 6, a kind of short-message verification interface Schematic diagram.For example, when user is paid by mobile phone terminal payment software, usual payment interface can eject as shown in Figure 6 The operation interface of input handset identifying code, at that time, payment terminal system can send to the phone number in region 1 and verify short breath, Its content generally comprises that " distinguished customer, for your privacy of guarantee, identifying code is:123456, use in 5 minutes, please don't Leak.[xx companies] ", user need that above-mentioned identifying code " 123456 " is input in region 3 by the keyboard in region 2, so Click on and submit afterwards.Payment terminal system can be matched the identifying code that user terminal is submitted with the verification that system is sent, if With success, then pass through verification, it is allowed to pay.It is emphasized that the mode that the verification code information produces refers to described first The mode that line checking information produces is different, first fingerprint identifier according to the checking request that the external equipment inputs from Selection obtains in fingerprint equipment database, and the checking information is to be tested by server according to what the checking request generated at random Code, or the verification content that other, needs input are demonstrate,proved, and the identifying code is not related to the equipment letter of the external equipment Breath.
Then, step S302 is performed, the verification code information is sent while the fingerprint identifier is sent.Specifically Ground, after server generates the corresponding fingerprint identifier and the verification code information, will be arrived by digital data transmission On the external equipment.For the external equipment after the information that server sends over is received, user can be to server feedback Response message.
Next, entering step S303 judges whether second feature information matches with the first fingerprint identifier.Specifically, Describe in the first embodiment, it will not go into details herein.
Next, step S304 is performed, judges whether identifying code matches.Specifically, server is to second feature information It is that after being, next will enter step whether S304 judges the identifying code with the output of the first fingerprint identifier matching result Matching, that is, inputting the identifying code at the interface shown in similar Fig. 2 in user, is then sent to server, server can be right Identifying code input by user with whether the identifying code that server is sent identical is judged, it is emphasized that, this step judges It is different from S303, it is desirable to which that being compared both sides must be consistent, and output result could be yes.
Finally, S305 is entered step, if the output result of step S304 is yes, server passes through the external equipment Checking request.
Further, with the communication pattern of short message send the fingerprint identifier and it is described test information, it is described short to disappear Breath includes the identifying code URL generated at random, and the URL is suitable for being directed toward the verification page and to server according to the clicking operation of user Send transferred second feature information and input validation code.Specifically, it will be appreciated by those skilled in the art that the URL refers to system One Resource Locator, is the position of resource to that can be obtained from internet and a kind of succinct expression of access method, is The address of standard resource on internet.Each file on internet has a unique URL, and the information that it is included points out text How the position of part and browser should handle it.And the identifying code URL link in technical solution of the present invention is verified to one The page, user can be by the verification pages to server sending device second feature information and verification code information.For example, ability Field technique personnel understand, are given birth to when the external equipment asks short-message verification, while according to the information of SDK collections in server end Into fingerprint ID, and by numeric string of the automatic mesh generation in relation to finger print information, and sent to the external equipment and include the numeral The short message of string;Server automatically generates the URL containing one section of random verification code, and passes through short message channel to the external equipment Send the short message for including the URL.The external equipment receives and clicks on the URL in short message, opens the verification page, is sent out to server Send the second feature information and verification code information.After second feature information described in received server-side and verification code information.Test Demonstrate,prove the uniformity of the second feature information and verification code information.If both successful match, this is proved to be successful, the two has one Item is not met, then authentication failed.
Fig. 4 shows the 3rd specific embodiment according to the present invention, and a kind of user terminal based on device-fingerprint collection is tested Card method.Comprise the following steps that:
First, S401 is entered step, user terminal submits checking request according to the prompting of the verification page to server.Specifically Ground, it is described to verify pop-up on the page, that is, user terminal/turn interface jumped out, specifically retouched in the first specific embodiment State, herein not with repeating.
Then, step S402 is performed, at least one fisrt feature information is sent according to the collection request of the verification page.Specifically Ground, described in the first specific embodiment, it will not go into details herein.
Next, entering step S403, first finger based on transmitted by the verification method of fingerprint collecting is at least received Line checking information.Specifically, described in the first specific embodiment, it will not go into details herein.
Finally, step S404 is performed, first fingerprint identifier is responded and sends at least one second feature information. Specifically, described in the first specific embodiment, it will not go into details herein.
In order to be better understood from the present embodiment, it is exemplified below, in such a scene, in the user terminal to institute When stating the request of the required a certain service of acquisition of server, the server can veritify the identity of the user terminal, And the verification page is pushed in the user terminal, the user terminal is by the confirmation operation in the verification page, to described Server submits checking request, and sends at least one fisrt feature information according to verification page capture request.The server Scanned in the device-fingerprint database, matched according at least one fisrt feature information, generation the first fingerprint authentication letter Breath.The user terminal at least receives hair described in the verification method based on the fingerprint collecting stated in the first specific embodiment Send the first fingerprint identifier.Then, the user terminal according to first fingerprint identifier request, and by request Content provides at least one second feature information.
Fig. 5 shows the 4th specific embodiment according to the present invention, and a kind of user terminal based on device-fingerprint collection is tested Card method.Comprise the following steps that:
First, S501 is entered step, user terminal submits checking request, and root according to the prompting of the verification page to server At least one fisrt feature information is sent according to the collection request of the verification page.Specifically, described in the second specific embodiment, It will not go into details herein.
Then, S502 is entered step, the verification method based on device-fingerprint collection is received and sends the first fingerprint authentication Information and verification code information.Specifically, described in the second specific embodiment, it will not go into details herein.
Finally, step S503 is performed, first fingerprint identifier and verification code information is responded and sends at least one Second feature information and the identifying code of input.Specifically, described in the second specific embodiment, it will not go into details herein.
Further, the identifying code URL of the first fingerprint identifier of the reception and verification code information to generate at random Sent.First fingerprint identifier and verification code information of responding includes:Click on the URL and open the verification The page;Based on second feature information and input validation code described in the verification page mobile phone.
The user terminal submits checking request to include according to the prompting of the verification page to server:The user terminal is swept The Quick Response Code that show of the verification page is retouched with to the server submission checking request.For example, when being verified for PC ends, by Apply for that terminal initiates verification, and produce Quick Response Code, the external equipment, which scans the two-dimensional code, opens the short-message verification page, to server Short-message verification request is submitted at end, while generates the first fingerprint identifier in server end according to the information of SDK collections.Server The URL containing one section of random short message verification code is automatically generated, and sends to include by short message channel to the external equipment and is somebody's turn to do The short message of URL.The external equipment receives and clicks on the URL in short message, opens the verification page, and described second is sent to server Characteristic information and identifying code.After second feature information described in received server-side and verification code information.Verify the second feature The uniformity of information and verification code information.If both successful match, this is proved to be successful, the two has one not meet, then tests Card failure.
The specific embodiment of the present invention is described above.It is to be appreciated that the invention is not limited in above-mentioned Particular implementation, those skilled in the art can make various deformations or amendments within the scope of the claims, this not shadow Ring the substantive content of the present invention.

Claims (16)

  1. A kind of 1. verification method based on device-fingerprint collection, it is characterised in that including:
    Selection and the matched fingerprint of the external equipment in the checking request slave device fingerprint database inputted according to external equipment For characteristic information to generate the first fingerprint identifier, the selection includes at least one fisrt feature according to the external equipment Information is made, and first fingerprint identifier includes transferring the request of at least one second feature information from the external equipment Information;
    First fingerprint identifier is sent, and receives the information of the first fingerprint identifier described in the external-device response And the second feature information transferred, matched again with logical with first fingerprint identifier based on the second feature information Cross verification.
  2. 2. the verification method as claimed in claim 1 based on device-fingerprint collection, it is characterised in that further include:
    The checking request inputted according to external equipment generates verification code information;
    The verification code information is sent while the fingerprint identifier is sent;
    Identifying code matching is carried out according to external equipment input validation code;
    If first fingerprint identifier matches again and identifying code successful match, pass through verification.
  3. 3. the verification method as claimed in claim 1 based on device-fingerprint collection, it is characterised in that described according to external equipment Selection is further included with the matched fingerprint feature information of the external equipment in the checking request slave device fingerprint database of input:If The fingerprint feature information of first fingerprint identifier is consistent with the fisrt feature information, exports first fingerprint inspection Demonstrate,prove information.
  4. 4. the verification method as claimed in claim 1 based on device-fingerprint collection, it is characterised in that described according to external equipment Selection is further included with the matched fingerprint feature information of the external equipment in the checking request slave device fingerprint database of input:Root The fisrt feature information of the external equipment is gathered according to the checking request.
  5. 5. the verification method as claimed in claim 1 based on device-fingerprint collection, it is characterised in that described to be based on described second Characteristic information and first fingerprint identifier match again including:Based on the second feature information from the device-fingerprint Selected in database with the fingerprint feature information of the second feature information matches to generate the second fingerprint identifier;Judge institute It is whether consistent with the first fingerprint identifier to state the second fingerprint identifier.
  6. 6. the verification method as claimed in claim 1 based on device-fingerprint collection, it is characterised in that described to be based on described second Characteristic information and first fingerprint identifier match again including:Judge the second feature information and first fingerprint Whether the fingerprint feature information of checking information is consistent.
  7. 7. the verification method gathered such as claim 1 to 6 any one of them based on device-fingerprint, it is characterised in that the spy Reference breath includes:At least one of the hardware attributes of the external equipment, software attributes, behavior property information.
  8. 8. the verification method gathered such as claim 1 to 6 any one of them based on device-fingerprint, it is characterised in that the spy Reference breath includes:Device operating system, protocol stack and the network state phase extracted from the agreement of the external device data bag The feature of pass.
  9. 9. the verification method gathered such as claim 1 to 6 any one of them based on device-fingerprint, it is characterised in that the spy Reference breath includes:At least one of the unique identification of the external equipment, MAC Address, screen message information.
  10. 10. the verification method gathered based on device-fingerprint such as claim 1 to 6 any one of them, it is characterised in that described the One/second feature information includes:At least one of the hardware attributes of the external equipment, software attributes, behavior property information, The fingerprint feature information includes:At least one of the unique identification of the external equipment, MAC Address, screen message information;
    Judge that the fingerprint feature information step consistent with the first/second characteristic information includes:
    Identify in the unique identification of the external equipment in the first/second characteristic information, MAC Address, screen message At least one information;
    It is compared according to the information identified with the fingerprint feature information.
  11. 11. the verification method as claimed in claim 2 based on device-fingerprint collection, it is characterised in that with the communication of short message Pattern sends the fingerprint identifier and the verification code information.
  12. 12. the verification method as claimed in claim 11 based on device-fingerprint collection, it is characterised in that the short message includes The identifying code URL generated at random, the URL, which is suitable for being directed toward according to the clicking operation of user, to be verified the page and sends institute to server The second feature information and input validation code transferred.
  13. A kind of 13. verification method of user terminal, it is characterised in that including:
    User terminal submits checking request according to the prompting of the verification page to server, and asks hair according to the collection of the verification page Send at least one fisrt feature information;
    At least receive based on the first fingerprint authentication letter transmitted by the verification method based on device-fingerprint collection described in claim 1 Breath;
    Respond first fingerprint identifier and send at least one second feature information.
  14. A kind of 14. verification method of user terminal, it is characterised in that including:
    User terminal submits checking request according to the prompting of the verification page to server, and asks hair according to the collection of the verification page Send at least one fisrt feature information;
    Receive based on described in claim 2 based on device-fingerprint collection verification method transmitted by the first fingerprint identifier and Verification code information;
    Respond first fingerprint identifier and verification code information and send testing at least one second feature information and input Demonstrate,prove code.
  15. 15. the verification method of user terminal as claimed in claim 14, it is characterised in that the first fingerprint authentication letter received Breath and verification code information are sent with the identifying code URL generated at random, described to respond first fingerprint identifier and verification Code information includes:
    Click on the URL and open the verification page;
    The second feature information and input validation code are collected based on the verification page.
  16. 16. the verification method of user terminal as claimed in claim 14, it is characterised in that the user terminal is according to verification page The prompting in face submits checking request to include to server:The Quick Response Code that the user terminal scanning verification page is shown with to Server submits the checking request.
CN201610969894.4A 2016-10-28 2016-10-28 A kind of verification method Pending CN108023865A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610969894.4A CN108023865A (en) 2016-10-28 2016-10-28 A kind of verification method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610969894.4A CN108023865A (en) 2016-10-28 2016-10-28 A kind of verification method

Publications (1)

Publication Number Publication Date
CN108023865A true CN108023865A (en) 2018-05-11

Family

ID=62084468

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610969894.4A Pending CN108023865A (en) 2016-10-28 2016-10-28 A kind of verification method

Country Status (1)

Country Link
CN (1) CN108023865A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109002555A (en) * 2018-08-09 2018-12-14 郑州市景安网络科技股份有限公司 A kind of ICP puts on record method, apparatus, equipment and readable storage medium storing program for executing

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2011063014A1 (en) * 2009-11-17 2011-05-26 Secureauth Corporation Single sign on with multiple authentication factors
CN102347929A (en) * 2010-07-28 2012-02-08 阿里巴巴集团控股有限公司 Verification method of user identity and apparatus thereof
CN102413074A (en) * 2011-11-30 2012-04-11 向进轮 Method for detecting login of instant messenger terminal in another place
CN102664903A (en) * 2012-05-16 2012-09-12 李明 Network user identifying method and system
CN103024706A (en) * 2013-01-10 2013-04-03 甘肃省科学技术情报研究所 Short message based device and short message based method for bidirectional multiple-factor dynamic identity authentication
CN104601602A (en) * 2015-02-26 2015-05-06 北京成众志科技有限公司 Terminal device network security enhanced access and authentication method
CN105991590A (en) * 2015-02-15 2016-10-05 阿里巴巴集团控股有限公司 Method and system for verifying user identity, client, and server

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2011063014A1 (en) * 2009-11-17 2011-05-26 Secureauth Corporation Single sign on with multiple authentication factors
CN102347929A (en) * 2010-07-28 2012-02-08 阿里巴巴集团控股有限公司 Verification method of user identity and apparatus thereof
CN102413074A (en) * 2011-11-30 2012-04-11 向进轮 Method for detecting login of instant messenger terminal in another place
CN102664903A (en) * 2012-05-16 2012-09-12 李明 Network user identifying method and system
CN103024706A (en) * 2013-01-10 2013-04-03 甘肃省科学技术情报研究所 Short message based device and short message based method for bidirectional multiple-factor dynamic identity authentication
CN105991590A (en) * 2015-02-15 2016-10-05 阿里巴巴集团控股有限公司 Method and system for verifying user identity, client, and server
CN104601602A (en) * 2015-02-26 2015-05-06 北京成众志科技有限公司 Terminal device network security enhanced access and authentication method

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109002555A (en) * 2018-08-09 2018-12-14 郑州市景安网络科技股份有限公司 A kind of ICP puts on record method, apparatus, equipment and readable storage medium storing program for executing

Similar Documents

Publication Publication Date Title
CN101465735B (en) Network user identification verification method, server and client terminal
CN102790674B (en) Auth method, equipment and system
KR102214247B1 (en) Method and apparatus for service implementation
CN108989346B (en) Third-party valid identity escrow agile authentication access method based on account hiding
CN106850209A (en) A kind of identity identifying method and device
CN106657068A (en) Login authorization method and device, login method and device
CN109889469B (en) Short message verification method, device, storage medium, short message verification system and terminal
CN103986584A (en) Double-factor identity verification method based on intelligent equipment
CN108259502A (en) For obtaining the identification method of interface access rights, server-side and storage medium
CN105323253A (en) Identity verification method and device
CN106911661A (en) A kind of short-message verification method, device, client, server and system
CN102105920A (en) Method and system for securing communication sessions
CN103607416A (en) Method and application system for authenticating identity of network terminal machine
US20180374093A1 (en) Method for sending digital information
CN105162774B (en) Virtual machine entry method, the virtual machine entry method and device for terminal
CN101051905A (en) Agent identity certificiation method
CN105786581A (en) Multistage server and method for network data operation
CN110175439A (en) User management method, device, equipment and computer readable storage medium
CN107835162B (en) Software digital permit server gives the method and software digital permit server that permission is signed and issued in the license of software developer's software digital
CN104618356B (en) Auth method and device
CN206962826U (en) Identity authorization system based on FIDO U2F double factor fingerprint recognitions
CN104469736B (en) A kind of data processing method, server and terminal
CN108834147A (en) Examine WiFi cipher safety method, apparatus, computer equipment and storage medium
CN107580002A (en) Double factor authentication safety management machine login system and method
CN112995227B (en) One-stop information service platform based on three-party credit management

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20180511