CN108512660A - The verification method of virtual card - Google Patents

The verification method of virtual card Download PDF

Info

Publication number
CN108512660A
CN108512660A CN201810268668.2A CN201810268668A CN108512660A CN 108512660 A CN108512660 A CN 108512660A CN 201810268668 A CN201810268668 A CN 201810268668A CN 108512660 A CN108512660 A CN 108512660A
Authority
CN
China
Prior art keywords
verification
data
network
user
virtual card
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810268668.2A
Other languages
Chinese (zh)
Other versions
CN108512660B (en
Inventor
蔡燕
何欧翔
颜星
邵飞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hunan Zhongyu Education Card Application Big Data Engineering Research Co Ltd
Hunan East Hualong Mdt Infotech Ltd
Original Assignee
Hunan Zhongyu Education Card Application Big Data Engineering Research Co Ltd
Hunan East Hualong Mdt Infotech Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hunan Zhongyu Education Card Application Big Data Engineering Research Co Ltd, Hunan East Hualong Mdt Infotech Ltd filed Critical Hunan Zhongyu Education Card Application Big Data Engineering Research Co Ltd
Priority to CN201810268668.2A priority Critical patent/CN108512660B/en
Publication of CN108512660A publication Critical patent/CN108512660A/en
Application granted granted Critical
Publication of CN108512660B publication Critical patent/CN108512660B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K17/00Methods or arrangements for effecting co-operative working between equipments covered by two or more of main groups G06K1/00 - G06K15/00, e.g. automatic card files incorporating conveying and reading operations
    • G06K17/0022Methods or arrangements for effecting co-operative working between equipments covered by two or more of main groups G06K1/00 - G06K15/00, e.g. automatic card files incorporating conveying and reading operations arrangements or provisious for transferring data to distant stations, e.g. from a sensing device
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Abstract

The present invention provides a kind of verification methods of virtual card;Wherein, this method is applied to preserve the intelligent terminal of virtual card, and virtual card includes user base verify data and network identity validation data, and this method includes:If receiving the checking request of virtual card, the corresponding verification mode of the checking request is parsed;Verification mode includes basic verification mode and network verification mode;If the verification mode is basic verification mode, the first verification is generated according to user base verify data and is identified, the user of virtual card is verified using the first verification mark;If the verification mode is network verification mode, generates the second verification according to network identity validation data and identify, the user of virtual card is verified using the second verification mark.Which improves the application security of virtual card by the verification mode of a variety of virtual cards of offer.

Description

The verification method of virtual card
Technical field
The present invention relates to computer application technologies, more particularly, to a kind of verification method of virtual card.
Background technology
With the development of science and technology, people become increasingly popular to use various types of virtual cards in routine use.It is common Virtual card have electronic ID card, electronic driving license, virtual credit card, electronics social security card etc..Some virtual cards are mainly used for identity Certification, some virtual cards are mainly used for merchandising, and virtual card also has both both functions.
For existing virtual card substantially based on short message verification code or ID card information verification, verification mode is more single One, virtual card application security is poor.
Invention content
In view of this, the purpose of the present invention is to provide a kind of verification method of virtual card, to improve the application of virtual card Safety.
In a first aspect, an embodiment of the present invention provides a kind of verification method of virtual card, this method is applied to preserve void The intelligent terminal of quasi- card, virtual card includes user base verify data and network identity validation data, and this method includes:If connect The checking request for receiving virtual card parses the corresponding verification mode of the checking request;Verification mode include basic verification mode and Network verification mode;If the verification mode is basic verification mode, the first verification is generated according to user base verify data and is identified, The user of virtual card is verified using the first verification mark;If the verification mode is network verification mode, according to network body Part verify data generates the second verification mark, identifies using the second verification and is verified to the user of virtual card.
With reference to first aspect, an embodiment of the present invention provides the first possible embodiments of first aspect, wherein should Method further includes:If receiving the application request of the virtual card of user, the user base verify data of the user is obtained;According to User base verify data asks corresponding server log on certificate data to application;Obtain the application identity number of user According to;Application identity data include the biological characteristic of the user;It includes user base verify data and network to be generated for the user The virtual card of certificate data, network identity validation data include:Network credentials data and application identity data.
With reference to first aspect, an embodiment of the present invention provides second of possible embodiments of first aspect, wherein on The step of the first verification mark is generated according to user base verify data is stated, including:It extracts and uses from user base verify data Family identification information, User Identity information include at least one of following information:Plaintext identity information, private identity Information and entity card information;Using the plaintext of the User Identity information of extraction or code text as the first verification mark.
With reference to first aspect, an embodiment of the present invention provides the third possible embodiments of first aspect, wherein net Network certificate data includes:Network credentials data and application identity data;It is above-mentioned to generate the according to network identity validation data The step of two verification marks, including:Based in network identity validation data network credentials data and/or application identity data life It is identified at the second verification.
The third possible embodiment with reference to first aspect, an embodiment of the present invention provides the 4th kind of first aspect Possible embodiment, wherein the network credentials data in the above-mentioned data based on network identity validation and/or application identity data The step of generating the second verification mark, including:If network verification mode is two-dimentional code authentication, sent out to the server of the virtual card Quick Response Code is sent to obtain request;Receive the random number that server returns, the network credentials data in application network certificate data And/or application identity data sign to random number, obtain certificate signature;By certificate signature be sent to server carry out signature test Card;Receive server return Quick Response Code, the Quick Response Code be server after signature verification passes through, according to the card of the virtual card believe What breath generated;Using the Quick Response Code as the second verification mark.
With reference to first aspect, an embodiment of the present invention provides the 5th kind of possible embodiments of first aspect, wherein should Method further includes:If the first verification mark or the second verification mark receive next checking request by verification, continue Subsequent authentication is carried out according to the corresponding verification mode of next checking request, until the user's checking for completing virtual card.
Second aspect, an embodiment of the present invention provides a kind of verification device of virtual card, which, which is set to, preserves void The intelligent terminal of quasi- card, virtual card includes user base verify data and network identity validation data, which includes:Authentication Formula parsing module, if the checking request for receiving virtual card, the corresponding verification mode of parsing checking request;Verification mode Including basic verification mode and network verification mode;Basic authentication module, if being basic verification mode, root for the verification mode The first verification mark is generated according to user base verify data, the user of virtual card is verified using the first verification mark;Net Network authentication module generates the second verification according to network identity validation data and marks if being network verification mode for the verification mode Know, the user of virtual card is verified using the second verification mark.
In conjunction with second aspect, an embodiment of the present invention provides the first possible embodiments of second aspect, wherein on Basic authentication module is stated to be additionally operable to:User Identity information, User Identity letter are extracted from user base verify data Breath includes at least one of following information:Plaintext identity information, private identity information and entity card information;By the user of extraction The plaintext or code text of identification information are as the first verification mark.
In conjunction with second aspect, an embodiment of the present invention provides second of possible embodiments of second aspect, wherein net Network certificate data includes:Network credentials data and application identity data;Above-mentioned network verification module is additionally operable to:Based on network Network credentials data and/or application identity data in certificate data generate the second verification mark.
In conjunction with second aspect, an embodiment of the present invention provides the third possible embodiments of second aspect, wherein on Stating device further includes:Multidimensional authentication module, if for the first verification mark or the second verification mark by verification, and receive Next checking request continues to carry out subsequent authentication according to the corresponding verification mode of next checking request, until completing virtual Until the user's checking of card.
The embodiment of the present invention brings following advantageous effect:
An embodiment of the present invention provides a kind of verification method of virtual card and devices, applied to the intelligence for preserving virtual card Terminal is tested by including user base verify data and network identity validation data in virtual card based on the verification mode When card mode, the user of virtual card is verified according to user base verify data;It is network verification side in the verification mode Formula verifies the user of virtual card according to network identity validation data, enables difference of the virtual card according to verification mode, It provides different data to be verified, and then extends the diversity of virtual card verification mode, alleviate existing virtual card verification The single problem of mode.In addition, this multifarious verification mode, data preferably can be chosen according to verification mode and are carried out Verification, therefore improve the application security of virtual card.
Other features and advantages of the present invention will illustrate in the following description, alternatively, Partial Feature and advantage can be with Deduce from specification or unambiguously determine, or by implement the present invention above-mentioned technology it can be learnt that.
To enable the above objects, features and advantages of the present invention to be clearer and more comprehensible, better embodiment cited below particularly, and match Appended attached drawing is closed, is described in detail below.
Description of the drawings
It, below will be to specific in order to illustrate more clearly of the specific embodiment of the invention or technical solution in the prior art Embodiment or attached drawing needed to be used in the description of the prior art are briefly described, it should be apparent that, in being described below Attached drawing is some embodiments of the present invention, for those of ordinary skill in the art, before not making the creative labor It puts, other drawings may also be obtained based on these drawings.
Fig. 1 is a kind of flow chart of the verification method of virtual card provided in an embodiment of the present invention;
Fig. 2 is the flow chart of the verification method of another virtual card provided in an embodiment of the present invention;
Fig. 3 is the flow chart for the method that Quick Response Code verification mark is generated in network verification provided in an embodiment of the present invention;
Fig. 4 is virtual card internal storage data partitioned storage schematic diagram provided in an embodiment of the present invention;
Fig. 5 is provided in an embodiment of the present invention another in network verification, generates the method for Quick Response Code verification mark Flow chart;
Fig. 6 is a kind of structural schematic diagram of the verification device of virtual card provided in an embodiment of the present invention.
Specific implementation mode
In order to make the object, technical scheme and advantages of the embodiment of the invention clearer, below in conjunction with attached drawing to the present invention Technical solution be clearly and completely described, it is clear that described embodiments are some of the embodiments of the present invention, rather than Whole embodiments.Based on the embodiments of the present invention, those of ordinary skill in the art are not making creative work premise Lower obtained every other embodiment, shall fall within the protection scope of the present invention.
The verification mode of virtual card is relatively simple at present, and application security is poor, is based on this, provided in an embodiment of the present invention A kind of verification method and device of virtual card, can be applied to the intelligent terminal for preserving virtual card.
For ease of understanding the present embodiment, the authentication first to a kind of virtual card disclosed in the embodiment of the present invention Method describes in detail.
A kind of flow chart of the verification method of virtual card shown in Figure 1, this method are applied to preserve virtual card Intelligent terminal, the intelligent terminal can be the intelligent communications equipment such as mobile phone, can also be palm intelligent equipment (such as PAD etc.) or Computer etc., or can also be wearable device, no longer citing repeats one by one here.Virtual card in the embodiment of the present invention can be with Including user base verify data and network identity validation data, wherein user base verify data may include name, identity General information, these information such as card number, working information are all the identification informations of user's actual identity.And network identity validation number It is signed and issued to according to the network credentials that issue of server that may include virtual card, such as " Ministry of Public Security citizen network identity identifying system " The network identity of citizen identifies;Network identity validation data can also include and hold virtual card user biological identification (example Such as fingerprint, vocal print, face characteristic ...).
As shown in Figure 1, this approach includes the following steps:
Step S100 parses the corresponding verification mode of the checking request if receiving the checking request of virtual card;Verification Mode includes basic verification mode and network verification mode.
It generally requires and is verified before using virtual card;When using purpose difference, safety coefficient difference can be used Verification mode.Based on this, the embodiment of the present invention divides verification mode for basic verification mode and network verification mode, In, the safety coefficient of basic verification mode is relatively low, and the safety coefficient of network verification mode is higher.Certainly, verification mode is specifically drawn Point both can be not limited to, finer division can be carried out according to safety requirements, such as be divided into three kinds of modes or more Various ways, the embodiment of the present invention is to this without limiting.
Step S102 generates the first verification if the verification mode is basic verification mode according to user base verify data Mark verifies the user of virtual card using the first verification mark.
Above-mentioned user base verify data can be preserved when applying for virtual card, such as:User is in application virtual card When, intelligent terminal provides these information to server, simultaneously, it is contemplated that some information in user base verify data may relate to And the privacy content to user, intelligent terminal can treat the data in user base verify data with a certain discrimination, such as by privacy Equal coded treatments, in an encoded form in locally stored memory block, for non-privacy information then stored in clear.
During generating the first verification mark according to user base verify data, it may be used in existing coding mode One or more combination producings such as carry out operation generation Hash codes, as the using hash algorithm to user base verify data One verification mark can also be used directly using user base verify data as the first verification mark.
First verification mark can be bar code, Quick Response Code or other information mark, generally have timeliness.
Step S104 generates the second verification if the verification mode is network verification mode according to network identity validation data Mark verifies the user of virtual card using the second verification mark.
The generating process of second verification mark can also use existing coding to realize, the second verification mark can be bar shaped Code, Quick Response Code or other information mark, generally have timeliness.
The verification of above application first mark or the second verification mark verify the user of virtual card, can be tested first Card mark or second verification mark be supplied to the sender of above-mentioned checking request to verify, can also by first verification mark or Second verification mark is supplied to and is verified with the above-mentioned related third party of checking request sender, to this present invention without It limits.
Usual authentication can generate the first verification mark according to the virtual card information locally preserved or the second verification identifies, The verification of application first mark or second provided with intelligent terminal with the verification of application first mark or the second verification mark of generation Verification mark is compared, and then whether verify user identity legal.
An embodiment of the present invention provides a kind of verification method of virtual card, this method is applied to preserve the intelligence of virtual card Terminal is tested by including user base verify data and network identity validation data in virtual card based on the verification mode When card mode, the user of virtual card is verified according to user base verify data;It is network verification side in the verification mode Formula verifies the user of virtual card according to network identity validation data, enables difference of the virtual card according to verification mode, It provides different data to be verified, and then extends the diversity of virtual card verification mode, alleviate existing virtual card verification The single problem of mode.In addition, this multifarious verification mode, data preferably can be chosen according to verification mode and are carried out Verification, therefore improve the application security of virtual card
The flow chart of the verification method of another virtual card shown in Figure 2, this method method basis shown in Fig. 1 On realize, include the following steps:
Step S200 parses the corresponding verification mode of the checking request if receiving the checking request of virtual card.
Step S202 extracts user identity if the verification mode is basic verification mode from user base verify data Identification information, User Identity information include at least one of following information:Plaintext identity information, private identity information and Entity card information;Using the plaintext of the User Identity information of extraction or code text as the first verification mark, using the first verification Mark verifies the user of virtual card.
Specifically, cleartext information generally comprises ESN (Electronic Serial Number Electronic Serial Numbers) and identity Type etc..Relatively low with the information privacy that plaintext is shown, information leakage will not cause damages substantially.Private identity includes mainly Name, ID card No. etc. have certain confidentiality, are shown generically as coded graphics when being identified as verification.Entity card Information includes card number and related identification information of the entity card bound with virtual card etc., such as the entity card packet of virtual education card The card number of the card of education containing entity and student status number etc..When registering virtual card, above-mentioned three category information passes through corresponding official information Verification.Under normal conditions, basis verification mainly verifies the information such as name, ID card No., so that it is determined that holder Identity.
Step S204, if the verification mode is network verification mode, based on the network credentials in network identity validation data Data and/or application identity data generate the second verification mark, are verified to the user of virtual card using the second verification mark; Wherein, network identity validation data include:Network credentials data and application identity data.
Specifically, network credentials data include network identification card etc., and application identity data include portrait, vocal print, fingerprint etc. Biological characteristic also includes social security information, medical insurance information etc..Wherein, biological attribute data is primarily present the application identity of virtual card Area, can also be by the way of local data verification;User only needs to acquire biological information and virtual card by certain rule Interior information is compared, and comparison is by then completing authentication function.Application identity information shows virtual card tool, and there are one industries Attribute, such as electronics social security card, Web education card, electronic driving license etc., this identity can be used for entire industry, such as social security Buy medicine, retired pay is got.
It is above-mentioned second verification mark if it is Quick Response Code, the generating process of the Quick Response Code is shown in Figure 3, specifically include with Lower step:
Step S300 sends Quick Response Code to the server of the virtual card and obtains if network verification mode is two-dimentional code authentication Take request.
Specifically, server is after receiving Quick Response Code and obtaining request, generation random number, generally 32;Server pair After the random number is preserved, intelligent terminal is sent it to.
Step S302 receives the random number that server returns, the network credentials data in application network certificate data And/or application identity data sign to random number, obtain certificate signature.
Specifically, after the random number for receiving server return, corresponding information input interface is generated;Receive user's input Information, using the information to random number sign, obtain signature result;Above-mentioned signature is construed as a kind of algorithm for encryption, Algorithm used is the algorithm with server commitment, and signature result is also a kind of arithmetic result.
Certificate signature is sent to server and carries out signature verification by step S304;The Quick Response Code that server returns is received, it should Quick Response Code be server after signature verification passes through, according to the card information of the virtual card generate.
Specifically, certificate signature or arithmetic result are sent to server to verify, server carries out the signature Verification;Be essentially using agreement algorithm carry out inverse operation, obtain random number, by random number with preserved in server it is initial Random number is compared, if unanimously, be verified;After being verified, server is by the information of virtual card according to a set pattern Quick Response Code is then generated, intelligent terminal is sent to.
Step S306 is identified the Quick Response Code as the second verification.
After receiving the Quick Response Code, other authenticating parties can be displayed it to, carry out authentication.
In practical application, this method further includes being registered to virtual card, row information of going forward side by side typing, specifically by following manner It realizes:
(1) if receiving the application request of the virtual card of user, the user base verify data of the user is obtained;
(2) corresponding server log on certificate data is asked to application according to user base verify data;It obtains and uses The application identity data at family;Application identity data include the biological characteristic of the user;
(3) be the user generate include user base verify data and network identity validation data virtual card, network Certificate data includes:Network credentials data and application identity data.
Referring specifically to virtual card internal storage data partitioned storage schematic diagram shown in Fig. 4, the virtual card is to educate respective fictional It is illustrated for card, after user's registration virtual card, the data in virtual card include mainly three classes:Base identity data (are schemed Data in frame where middle base identity), network identity data (data i.e. in figure in frame where network identity) and using body Part data (data i.e. in figure in frame where application identity), the virtual card of the present embodiment is carried out for being divided into three subregions Illustrate, these three subregions are respectively used to storage and base identity, network identity and the relevant data of application identity, base identity phase The data of pass generally comprise ESN (Electronic Serial Number, Electronic Serial Number), identity type, name, identity card Number, student status number etc., these data are equivalent to the user base verify data in above-described embodiment;Wherein, ESN and identity type Generally to show in plain text, also referred to as cleartext information;Name and ID card No. are shown as privacy information in the form of code text; Student status number is corresponding with entity card information.The relevant data of network identity generally comprise integrated certificate, net card and EID (or writing EID, electronic IDentity, electronic identifications) etc.;These identity datas are with certificate data, net card data and eID The form of mark is stored in the corresponding subregion of network identity.The relevant data of application identity include mainly personal characteristics, social security body Part and education identity etc.;Personal characteristics may include portrait, vocal print and fingerprint etc.;The content of social security identity include social security number and Password etc..Above-mentioned network identity and application identity correspond to the data in subregion and are equivalent to above-mentioned network identity validation data.It is above-mentioned Multiple subregions all contain identity information, and when carrying out authentication, more than one identity number can be selected from these subregions According to being verified respectively, this multimode verification mode is also referred to as various dimensions certification.
Virtual card is after being bound with entity card, in store corresponding with virtual card in the corresponding server-side of the virtual card The information of entity card, such as electronic driving license;The another kind of the virtual card is directed in network verification, generates Quick Response Code verification mark The flow chart of the method for knowledge is as shown in figure 5, in the figure, being related to user, virtual card (i.e. intelligent terminal) and server-side and (taking Business device) three, include the following steps:
Step S500, user initiate identity Quick Response Code and generate request;
Step S502, intelligent terminal receive application request, initiate to generate the request of identity Quick Response Code to server-side;
Step S504, server-side generate and preserve 32 random numbers, which is back to intelligent terminal;
The certificate of step S506, intelligent terminal network identity area sign to random number;In practical applications, it can also be used Other personalized identity documents of virtual card memory area carry out operation to random number, obtain operation result;
The personal information in base identity area and signature value are returned to server-side by step S508, intelligent terminal;Or by base The personal information in plinth identity area and above-mentioned operation result are returned to server-side;
Step S510, the validity of server authentication signature value;If being verified, believed according to the individual in base identity area Breath inquiry correspondent entity card information, and two-dimensional code data is generated by certain rule, send data to intelligent terminal;Actually answering In, when server receives operation result, operation result is verified, if being verified, according to base identity area Personal information inquire correspondent entity card information, and generate two-dimensional code data by certain rule, send data to intelligent terminal;
Step S512, intelligent terminal obtain two-dimensional code data, generate Quick Response Code;
Quick Response Code is supplied to authenticating party by step S514, user, realizes authentication.
When the user for holding electronic driving license is required to show driving license, you can Quick Response Code is generated using the above method, Show the Quick Response Code, with the driving authentication of realization.
This method provides a plurality of types of data for the verification of virtual card;By above-mentioned data, in addition to single identity Information Authentication is demonstrate,proved, human face scanning certification, iris recognition certification, electron underwriting authentication, the certification of identity card copy, short can also be carried out Believe certification, eid certifications, fingerprint recognition certification, finger vein biometric identification etc.;Meanwhile when the demand for security of checking request is higher When, any two or two kinds or more of authentication mode combined authentication can also be used, such as while carrying out face verification, together When verification fingerprint, iris, vocal print etc., avoid the security risk of similar photo attack, establish a safer identity and recognize Card system, almost can completely avoid the problem of identity is falsely used.
For the higher scene of security requirement, one-time authentication is not sufficient to ensure that its safety, it may be considered that introduces multidimensional Verification mode is verified, i.e., server repeatedly issues different checking requests, and each checking request specifically indicates this verification Verification mode and the corresponding specific verification means of the verification mode, such as:The verification mode of first time checking request is net Recognition of face is verified in network verification mode, after intelligent terminal receives first time checking request, transfers the face number on virtual card According to the second verification mark is generated, the recognition of face for carrying out user using the second verification mark is verified.If recognition of face is verified Pass through, server can also continue to issue second of checking request, and the verification mode of second of checking request can be that network is tested Fingerprint recognition verification in card mode, similarly, after intelligent terminal receives second of checking request, transfers the fingerprint on virtual card Data generate this second verification mark, and the fingerprint recognition that user is carried out using this second verification mark is verified.With this Analogize, until the verification of setting means passes through, determines that the user of the intelligent terminal is legal.
Based on above-mentioned multidimensional verification mode, the above method further includes:If the first verification mark or the second verification mark are logical Verification is crossed, and receives next checking request, continuation is subsequently tested according to the corresponding verification mode of next checking request Card, until the user's checking for completing virtual card.By this multidimensional verification mode, virtual card verification can be greatly promoted Safety.
A kind of structural schematic diagram of the verification device of virtual card shown in Figure 6, which, which is set to, preserves virtually The intelligent terminal of card, virtual card include user base verify data and network identity validation data, which includes:Verification mode Parsing module 600, if the checking request for receiving virtual card, the corresponding verification mode of parsing checking request;Authentication Formula includes basic verification mode and network verification mode;Basic authentication module 602, if being basic authentication for the verification mode Formula generates the first verification according to user base verify data and identifies, tested the user of virtual card using the first verification mark Card;Network verification module 604 generates the if being network verification mode for the verification mode according to network identity validation data Two verification marks verify the user of virtual card using the second verification mark.
Further, above-mentioned basic authentication module is additionally operable to:User Identity is extracted from user base verify data Information, User Identity information include at least one of following information:Plaintext identity information, private identity information and entity Card information;Using the plaintext of the User Identity information of extraction or code text as the first verification mark.
Under normal conditions, network identity validation data include:Network credentials data and application identity data;Above-mentioned network is tested Card module is additionally operable to:Based in network identity validation data network credentials data and/or application identity data generate and second test Card mark.
Further, above-mentioned apparatus further includes multidimensional authentication module, if for the first verification mark or the second verification mark Know through verification, and receive next checking request, continues after being carried out according to the corresponding verification mode of next checking request Continuous verification, until the user's checking for completing virtual card.
A kind of verification device of virtual card provided in an embodiment of the present invention, a kind of virtual card provided with above-described embodiment Verification method technical characteristic having the same reaches identical technique effect so can also solve identical technical problem.
A kind of verification method for virtual card that the embodiment of the present invention is provided and the computer program product of device, including deposit The computer readable storage medium of program code is stored up, the instruction that said program code includes can be used for executing previous methods and implement Method described in example, specific implementation can be found in embodiment of the method, and details are not described herein.
It is apparent to those skilled in the art that for convenience and simplicity of description, the system of foregoing description And/or the specific work process of device, it can refer to corresponding processes in the foregoing method embodiment, details are not described herein.
In addition, in the description of the embodiment of the present invention unless specifically defined or limited otherwise, term " installation ", " phase Even ", " connection " shall be understood in a broad sense, for example, it may be being fixedly connected, may be a detachable connection, or be integrally connected;It can Can also be electrical connection to be mechanical connection;It can be directly connected, can also indirectly connected through an intermediary, Ke Yishi Connection inside two elements.For the ordinary skill in the art, above-mentioned term can be understood at this with concrete condition Concrete meaning in invention.
It, can be with if the function is realized in the form of SFU software functional unit and when sold or used as an independent product It is stored in a computer read/write memory medium.Based on this understanding, technical scheme of the present invention is substantially in other words The part of the part that contributes to existing technology or the technical solution can be expressed in the form of software products, the meter Calculation machine software product is stored in a storage medium, including some instructions are used so that a computer equipment (can be People's computer, server or network equipment etc.) it performs all or part of the steps of the method described in the various embodiments of the present invention. And storage medium above-mentioned includes:USB flash disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), arbitrary access are deposited The various media that can store program code such as reservoir (RAM, Random Access Memory), magnetic disc or CD.
In the description of the present invention, it should be noted that term "center", "upper", "lower", "left", "right", "vertical", The orientation or positional relationship of the instructions such as "horizontal", "inner", "outside" be based on the orientation or positional relationship shown in the drawings, merely to Convenient for the description present invention and simplify description, do not indicate or imply the indicated device or element must have a particular orientation, With specific azimuth configuration and operation, therefore it is not considered as limiting the invention.In addition, term " first ", " second ", " third " is used for description purposes only, and is not understood to indicate or imply relative importance.
Finally it should be noted that:Embodiment described above, only specific implementation mode of the invention, to illustrate the present invention Technical solution, rather than its limitations, scope of protection of the present invention is not limited thereto, although with reference to the foregoing embodiments to this hair It is bright to be described in detail, it will be understood by those of ordinary skill in the art that:Any one skilled in the art In the technical scope disclosed by the present invention, it can still modify to the technical solution recorded in previous embodiment or can be light It is readily conceivable that variation or equivalent replacement of some of the technical features;And these modifications, variation or replacement, do not make The essence of corresponding technical solution is detached from the spirit and scope of technical solution of the embodiment of the present invention, should all cover the protection in the present invention Within the scope of.Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (10)

1. a kind of verification method of virtual card, which is characterized in that the method is applied to preserve the intelligent terminal of virtual card, institute It includes user base verify data and network identity validation data to state virtual card, the method includes:
If receiving the checking request of virtual card, the corresponding verification mode of the checking request is parsed;The verification mode packet Include basic verification mode and network verification mode;
If the verification mode is the basic verification mode, the first verification is generated according to the user base verify data and is marked Know, the user of the virtual card is verified using the first verification mark;
If the verification mode is the network verification mode, generates the second verification according to the network identity validation data and mark Know, the user of the virtual card is verified using the second verification mark.
2. according to the method described in claim 1, it is characterized in that, the method further includes:
If receiving the application request of the virtual card of user, the user base verify data of the user is obtained;
According to the user base verify data corresponding server log on certificate data is asked to the application;
Obtain the application identity data of the user;The application identity data include the biological characteristic of the user;
Include the virtual card of the user base verify data and network identity validation data, the net for user generation Network certificate data includes:The network credentials data and the application identity data.
3. according to the method described in claim 1, it is characterized in that, described generate first according to the user base verify data The step of verification mark, including:
User Identity information is extracted from the user base verify data, the User Identity information includes following At least one of information:Plaintext identity information, private identity information and entity card information;
Using the plaintext of the User Identity information of extraction or code text as the first verification mark.
4. according to the method described in claim 1, it is characterized in that, the network identity validation data include:Network credentials number According to application identity data;
It is described to generate the step of the second verification identifies according to the network identity validation data, including:Based on the network identity Network credentials data and/or application identity data in verify data generate the second verification mark.
5. according to the method described in claim 4, it is characterized in that, the network based in the network identity validation data Certificate data and/or application identity data generate the step of the second verification mark, including:
If the network verification mode is two-dimentional code authentication, sends Quick Response Code to the server of the virtual card and obtain request;
Receive the random number that the server returns, using in the network identity validation data network credentials data and/or Application identity data sign to the random number, obtain certificate signature;
The certificate signature is sent to the server and carries out signature verification;
Receive the Quick Response Code that the server returns, the Quick Response Code is the server after signature verification passes through, according to institute State the card information generation of virtual card;
Using the Quick Response Code as the second verification mark.
6. according to the method described in claim 1, it is characterized in that, the method further includes:
If the first verification mark or the second verification mark receive next checking request by verification, after It is continuous that subsequent authentication is carried out according to the corresponding verification mode of the next checking request, until the user for completing the virtual card tests Until card.
7. a kind of verification device of virtual card, which is characterized in that described device is set to the intelligent terminal for preserving virtual card, institute It includes user base verify data and network identity validation data to state virtual card, and described device includes:
Verification mode parsing module parses that the checking request is corresponding to be tested if the checking request for receiving virtual card Card mode;The verification mode includes basic verification mode and network verification mode;
Basic authentication module verifies number if being the basic verification mode for the verification mode according to the user base According to the first verification mark is generated, the user of the virtual card is verified using the first verification mark;
Network verification module, if being the network verification mode for the verification mode, according to the network identity validation number According to the second verification mark is generated, the user of the virtual card is verified using the second verification mark.
8. device according to claim 7, which is characterized in that the basis authentication module is additionally operable to:
User Identity information is extracted from the user base verify data, the User Identity information includes following At least one of information:Plaintext identity information, private identity information and entity card information;
Using the plaintext of the User Identity information of extraction or code text as the first verification mark.
9. device according to claim 7, which is characterized in that the network identity validation data include:Network credentials number According to application identity data;
The network verification module is additionally operable to:Based in the network identity validation data network credentials data and/or application Identity data generates the second verification mark.
10. device according to claim 7, which is characterized in that described device further includes:
Multidimensional authentication module, if for the first verification mark or the second verification mark by verification, and receive Next checking request continues to carry out subsequent authentication according to the corresponding verification mode of the next checking request, until completing Until the user's checking of the virtual card.
CN201810268668.2A 2018-03-28 2018-03-28 Virtual card verification method Active CN108512660B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810268668.2A CN108512660B (en) 2018-03-28 2018-03-28 Virtual card verification method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810268668.2A CN108512660B (en) 2018-03-28 2018-03-28 Virtual card verification method

Publications (2)

Publication Number Publication Date
CN108512660A true CN108512660A (en) 2018-09-07
CN108512660B CN108512660B (en) 2021-03-16

Family

ID=63378998

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810268668.2A Active CN108512660B (en) 2018-03-28 2018-03-28 Virtual card verification method

Country Status (1)

Country Link
CN (1) CN108512660B (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109493058A (en) * 2018-12-14 2019-03-19 深圳壹账通智能科技有限公司 A kind of personal identification method and relevant device based on block chain
CN110955858A (en) * 2019-11-12 2020-04-03 广州大白互联网科技有限公司 Information management method of network license platform
CN112416648A (en) * 2020-06-03 2021-02-26 上海哔哩哔哩科技有限公司 Data verification method and device
CN113255505A (en) * 2021-05-20 2021-08-13 中国联合网络通信集团有限公司 Certificate photo generation method, device, equipment and storage medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9135425B2 (en) * 2012-11-28 2015-09-15 Arnold Yau Method and system of providing authentication of user access to a computer resource on a mobile device
CN105429760A (en) * 2015-12-01 2016-03-23 神州融安科技(北京)有限公司 Method and system for identity verification of digital certificate based on TEE (Trusted Execution Environment)
CN105450416A (en) * 2014-09-01 2016-03-30 阿里巴巴集团控股有限公司 Security authentication method and apparatus
CN106372483A (en) * 2016-08-31 2017-02-01 厦门中控生物识别信息技术有限公司 Information verification method and system
CN107204974A (en) * 2017-04-14 2017-09-26 努比亚技术有限公司 The management method and mobile terminal of a kind of user cipher
CN107592308A (en) * 2017-09-13 2018-01-16 西安电子科技大学 A kind of two server multiple-factor authentication method towards mobile payment scene

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9135425B2 (en) * 2012-11-28 2015-09-15 Arnold Yau Method and system of providing authentication of user access to a computer resource on a mobile device
CN105450416A (en) * 2014-09-01 2016-03-30 阿里巴巴集团控股有限公司 Security authentication method and apparatus
CN105429760A (en) * 2015-12-01 2016-03-23 神州融安科技(北京)有限公司 Method and system for identity verification of digital certificate based on TEE (Trusted Execution Environment)
CN106372483A (en) * 2016-08-31 2017-02-01 厦门中控生物识别信息技术有限公司 Information verification method and system
CN107204974A (en) * 2017-04-14 2017-09-26 努比亚技术有限公司 The management method and mobile terminal of a kind of user cipher
CN107592308A (en) * 2017-09-13 2018-01-16 西安电子科技大学 A kind of two server multiple-factor authentication method towards mobile payment scene

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109493058A (en) * 2018-12-14 2019-03-19 深圳壹账通智能科技有限公司 A kind of personal identification method and relevant device based on block chain
CN110955858A (en) * 2019-11-12 2020-04-03 广州大白互联网科技有限公司 Information management method of network license platform
CN112416648A (en) * 2020-06-03 2021-02-26 上海哔哩哔哩科技有限公司 Data verification method and device
CN113255505A (en) * 2021-05-20 2021-08-13 中国联合网络通信集团有限公司 Certificate photo generation method, device, equipment and storage medium

Also Published As

Publication number Publication date
CN108512660B (en) 2021-03-16

Similar Documents

Publication Publication Date Title
US20220058655A1 (en) Authentication system
CN109657446B (en) System and method for providing blockchain based multi-factor personal identity verification
CN107888557B (en) Method and system for generating protocol file
CN103729341B (en) The method and apparatus of positioning electronic seal and the device for realizing E-seal
CN108512660A (en) The verification method of virtual card
EP3382587B1 (en) Identity authentication using a barcode
CN110287682A (en) A kind of login method, apparatus and system
KR100548638B1 (en) Creating and authenticating one time password using smartcard and the smartcard therefor
CN110326251A (en) The system and method that the general dispersion solution of user is verified using cross validation feature are provided
CN109598663A (en) There is provided and obtain the method and device of secure identity information
CN106600717B (en) A kind of method, system and smart machine based on the networking ticket checking of user terminal interface
CN106060078B (en) User information encryption method, register method and verification method applied to cloud platform
CN107294900A (en) Identity registration method and apparatus based on biological characteristic
CN103310141B (en) Credential information monitoring administration method and system
CN107231331A (en) Obtain, issue the implementation method and device of electronic certificate
CN103310254B (en) A kind of safety anti-fake voucher and preparation method thereof
CN109829317A (en) A kind of method, apparatus and system generating electronic contract based on handwritten signature picture
CN103810588A (en) Electronic seal system and electronic seal
KR101897085B1 (en) Apparatus and method for generating a realtime password and storage medium
US8601270B2 (en) Method for the preparation of a chip card for electronic signature services
CN110324344A (en) The method and device of account information certification
CN109409110A (en) A kind of electronic document signature method, device, equipment and readable medium
CN107332668A (en) A kind of method and apparatus for handling encrypted message
CN113934993A (en) Electronic seal based on electronic handwriting signature technology
CN113255505A (en) Certificate photo generation method, device, equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant