CN109039990A - The method and device of behavior verifying is carried out based on identifying code - Google Patents
The method and device of behavior verifying is carried out based on identifying code Download PDFInfo
- Publication number
- CN109039990A CN109039990A CN201710427641.9A CN201710427641A CN109039990A CN 109039990 A CN109039990 A CN 109039990A CN 201710427641 A CN201710427641 A CN 201710427641A CN 109039990 A CN109039990 A CN 109039990A
- Authority
- CN
- China
- Prior art keywords
- identifying code
- terminal
- public key
- sent
- verifying
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/36—User authentication by graphic or iconic representation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2133—Verifying human interaction, e.g., Captcha
Abstract
The invention discloses a kind of method and devices that behavior verifying is carried out based on identifying code, belong to Internet technical field.Method includes: the identifying code for obtaining terminal, and identifying code is generated and sent by server to terminal;It obtains the confirmation to identifying code to instruct, is signed based on the private key in the designated memory space for being stored in electronic equipment to identifying code, generate the first signing messages;By the first signing messages, identifying code and the public key of storage corresponding with private key index are sent to terminal, so that the information that terminal will acquire is sent to server, so that user is without identifying identifying code, only need to issue the confirmation instruction to identifying code to electronic equipment, and since confirmation instruction is to need the people to be operated manually on an electronic device to trigger, and machine is unable to complete trigger process, therefore, as long as server receives confirmation instruction, just the access behavior for determining terminal is manual operation, avoid the situation of the identification mistake to identifying code, improve verification efficiency, accuracy is higher.
Description
Technical field
The present invention relates to Internet technical field, in particular to a kind of method and dress that behavior verifying is carried out based on identifying code
It sets.
Background technique
With the continuous development of Internet technology, some criminals can carry out the visit of some malice using rogue program
It asks, such as brush ticket, continuous login and forum pour water, therefore, in order to confirm that current visitor is machine or people, some nets
Standing-meeting provides authentication mechanism, is verified by the identifying code of display character style or graphic form to visitor.For example, with
In using terminal Website login, website can show the identifying code being made of background and character at family, and user needs to distinguish identifying code
In character and be input in corresponding input frame, so that the current accessed behavior of website authentication terminal is manual operation or machine
Operation.For website, the identifying code generated can be made of several frame images, and visually be sought based on several frame images
Produce dynamic effect.Since identification method of the machine to identifying code is more single, machine has dynamic effect in identification
Identifying code when with certain difficulty, be easy to happen mistake, in this way, by verifying input frame in input character it is correct
Property, that is, it can determine whether that the current access behavior of terminal is manual operation or machine operation.
In the implementation of the present invention, the inventor finds that the existing technology has at least the following problems:
For some websites, generate identifying code it is complex, therefore, user identification when identification difficulty compared with
Greatly, there are very high misclassification rates, so that website judges that the current access behavior of terminal is manual operation or machine based on identifying code
Efficiency when device operates is lower, and accuracy is not high.
Summary of the invention
In order to solve problems in the prior art, behavior verifying is carried out based on identifying code the embodiment of the invention provides a kind of
Method and device.The technical solution is as follows:
In a first aspect, providing a kind of method for carrying out behavior verifying based on identifying code, which comprises
The identifying code of terminal is obtained, the identifying code is generated and sent by server to the terminal;
It obtains the confirmation to the identifying code to instruct, based on the private key pair in the designated memory space for being stored in electronic equipment
The identifying code is signed, and the first signing messages is generated;
The public key index of first signing messages, the identifying code and storage corresponding with the private key is sent to institute
Terminal is stated, so that the information that the terminal will acquire is sent to the server, is based on and the private key by the server
Corresponding public key verifies the information that receives, and determines whether the access behavior of the terminal is manual operation.
Technical solution provided in an embodiment of the present invention has the benefit that
Electronic equipment is by obtaining identifying code and instructing to the confirmation of identifying code, based on being stored in the specified of electronic equipment
Private key in memory space signs to identifying code, generate the first signing messages, and by the first signing messages, identifying code and with
The public key index of the corresponding storage of private key is sent to server, so that server verifies the information received, determines terminal
Access behavior whether be manual operation, user is without identifying identifying code, it is only necessary to issue to electronic equipment to identifying code
Confirmation instruction, and since confirmation instruction is to need people to be operated manually on an electronic device to trigger, and machine can not be complete
At above-mentioned trigger process, therefore, as long as server receives confirmation instruction, so that it may determine that the current access behavior of terminal is people
For operation, the situation of the identification mistake to identifying code is avoided, improves verification efficiency, accuracy is higher.
Second aspect provides a kind of method for carrying out behavior verifying based on identifying code, which comprises
The identifying code of server is obtained, the identifying code is generated by the server;
The identifying code is sent to electronic equipment, so that the electronic equipment after receiving the identifying code, obtains
Confirmation instruction to the identifying code, signs to the identifying code based on private key;
Obtain the first signing messages that the electronic equipment is sent after signing to the identifying code;
First signing messages, the identifying code and public key index are sent to the server, so that the clothes
Business device verifies the information received based on public key, determines whether the access behavior of the terminal is manual operation.
Technical solution provided in an embodiment of the present invention has the benefit that
Identifying code is sent to electronic equipment, so that electronic equipment is specified based on being stored in by obtaining identifying code by terminal
Private key in memory space signs to identifying code, generates the first signing messages, and receive the first A.L.S. of electronic equipment
The public key index of first signing messages, identifying code and storage corresponding with private key is sent to server, so as to server docking by breath
The information received is verified, and determines whether the access behavior of terminal is manual operation, and user is not necessarily to identify identifying code,
Only need to issue the confirmation instruction to identifying code to electronic equipment, and since confirmation instruction is that people is needed to carry out hand on an electronic device
Dynamic operation is to trigger, and machine is unable to complete above-mentioned trigger process, therefore, as long as server receives confirmation instruction, so that it may
It determines that the current access behavior of terminal is manual operation, avoids the situation of the identification mistake to identifying code, improve verifying effect
Rate, accuracy are higher.
The third aspect provides a kind of method for carrying out behavior verifying based on identifying code, which comprises
The verifying challenge code request for obtaining terminal, generates identifying code, and the verifying challenge code request is that the terminal determines
It is sent after access electronic equipment;
The identifying code is sent to the terminal, is set so that the identifying code is sent to the electronics by the terminal
It is standby, by the electronic equipment after receiving the identifying code, obtains the confirmation to the identifying code and instruct, based on private key to institute
It states identifying code to sign, generates the first signing messages;
First signing messages, the identifying code and the public key index for obtaining the terminal, are based on the public key rope
Draw determining public key, the information received is verified according to the public key, determines whether the access behavior of the terminal is people
For operation.
Technical solution provided in an embodiment of the present invention has the benefit that
The identifying code of generation is sent to terminal by server, so that identifying code is sent to electronic equipment by terminal, by electronics
Equipment obtains the confirmation to identifying code and instructs, based on the designated memory space for being stored in electronic equipment after receiving identifying code
In private key sign to identifying code, generate the first signing messages, and obtain the first signing messages of terminal, identifying code and
The public key of storage corresponding with private key indexes, and is indexed based on public key and determines public key, verified according to public key to the information received,
Whether the access behavior for determining terminal is manual operation, and user is without identifying identifying code, it is only necessary to issue to electronic equipment
To the confirmation of identifying code instruction, and since confirmation instruction is to need people to be operated manually on an electronic device to trigger, and machine
Device is unable to complete above-mentioned trigger process, therefore, as long as server receives confirmation instruction, so that it may determine the current access of terminal
Behavior is manual operation, avoids the situation of the identification mistake to identifying code, improves verification efficiency, accuracy is higher.
Fourth aspect, provides a kind of device that behavior verifying is carried out based on identifying code, and described device includes:
Module is obtained, for obtaining the identifying code of terminal, the identifying code is generated and sent by server to the terminal;
Signature blocks, for obtaining the instruction of the confirmation to the identifying code, based on the specified storage for being stored in electronic equipment
Private key in space signs to the identifying code, generates the first signing messages;
Sending module, for by the public affairs of first signing messages, the identifying code and storage corresponding with the private key
Key index is sent to the terminal, so that the information that the terminal will acquire is sent to the server, by the server
The information that receives is verified based on public key corresponding with the private key, determine the terminal access behavior whether be
Manual operation.
Technical solution provided in an embodiment of the present invention has the benefit that
Electronic equipment is by obtaining identifying code and instructing to the confirmation of identifying code, based on being stored in the specified of electronic equipment
Private key in memory space signs to identifying code, generate the first signing messages, and by the first signing messages, identifying code and with
The public key index of the corresponding storage of private key is sent to server, so that server verifies the information received, determines terminal
Access behavior whether be manual operation, user is without identifying identifying code, it is only necessary to issue to electronic equipment to identifying code
Confirmation instruction, and since confirmation instruction is to need people to be operated manually on an electronic device to trigger, and machine can not be complete
At above-mentioned trigger process, therefore, as long as server receives confirmation instruction, so that it may determine that the current access behavior of terminal is people
For operation, the situation of the identification mistake to identifying code is avoided, improves verification efficiency, accuracy is higher.
5th aspect, provides a kind of device that behavior verifying is carried out based on identifying code, and described device includes:
Identifying code obtains module, and for obtaining the identifying code of server, the identifying code is generated by the server;
First sending module, for the identifying code to be sent to electronic equipment, so that the electronic equipment is receiving
After the identifying code, obtains the confirmation to the identifying code and instruct, signed based on private key to the identifying code;
Data obtaining module, the first label sent after signing to the identifying code for obtaining the electronic equipment
Name information;
Second sending module, it is described for first signing messages, the identifying code and public key index to be sent to
Server determines that the access behavior of the terminal is so that the server verifies the information received based on public key
No is manual operation.
Technical solution provided in an embodiment of the present invention has the benefit that
Identifying code is sent to electronic equipment, so that electronic equipment is specified based on being stored in by obtaining identifying code by terminal
Private key in memory space signs to identifying code, generates the first signing messages, and receive the first A.L.S. of electronic equipment
The public key index of first signing messages, identifying code and storage corresponding with private key is sent to server, so as to server docking by breath
The information received is verified, and determines whether the access behavior of terminal is manual operation, and user is not necessarily to identify identifying code,
Only need to issue the confirmation instruction to identifying code to electronic equipment, and since confirmation instruction is that people is needed to carry out hand on an electronic device
Dynamic operation is to trigger, and machine is unable to complete above-mentioned trigger process, therefore, as long as server receives confirmation instruction, so that it may
It determines that the current access behavior of terminal is manual operation, avoids the situation of the identification mistake to identifying code, improve verifying effect
Rate, accuracy are higher.
6th aspect, provides a kind of device that behavior verifying is carried out based on identifying code, and described device includes:
Generation module, the verifying challenge code for obtaining terminal are requested, and identifying code is generated, and the verifying challenge code request is
The terminal is sent after determining access electronic equipment;
Sending module, for the identifying code to be sent to the terminal, so that the terminal sends the identifying code
It obtains the confirmation to the identifying code by the electronic equipment after receiving the identifying code to the electronic equipment and instructs,
It is signed based on private key to the identifying code, generates the first signing messages;
Authentication module, first signing messages, the identifying code and public key for obtaining the terminal index, base
It is indexed in the public key and determines public key, the information received is verified according to the public key, determines the access of the terminal
Whether behavior is manual operation.
Technical solution provided in an embodiment of the present invention has the benefit that
The identifying code of generation is sent to terminal by server, so that identifying code is sent to electronic equipment by terminal, by electronics
Equipment obtains the confirmation to identifying code and instructs, based on the designated memory space for being stored in electronic equipment after receiving identifying code
In private key sign to identifying code, generate the first signing messages, and obtain the first signing messages of terminal, identifying code and
The public key of storage corresponding with private key indexes, and is indexed based on public key and determines public key, verified according to public key to the information received,
Whether the access behavior for determining terminal is manual operation, and user is without identifying identifying code, it is only necessary to issue to electronic equipment
To the confirmation of identifying code instruction, and since confirmation instruction is to need people to be operated manually on an electronic device to trigger, and machine
Device is unable to complete above-mentioned trigger process, therefore, as long as server receives confirmation instruction, so that it may determine the current access of terminal
Behavior is manual operation, avoids the situation of the identification mistake to identifying code, improves verification efficiency, accuracy is higher.
7th aspect, provides a kind of electronic equipment, the electronic equipment includes memory and processor, the memory
In be stored at least one instruction, at least one section of program, code set or instruction set, at least one instruction, described at least one
Duan Chengxu, the code set or described instruction collection are loaded by the processor and are executed to realize that the above-mentioned identifying code that is based on is gone
For the method for verifying.
Eighth aspect provides a kind of computer readable storage medium, at least one finger is stored in the storage medium
Enable, at least one section of program, code set or instruction set, at least one instruction, at least one section of program, the code set or
Described instruction collection is loaded by processor and is executed to complete the above-mentioned method for carrying out behavior verifying based on identifying code.
Detailed description of the invention
To describe the technical solutions in the embodiments of the present invention more clearly, make required in being described below to embodiment
Attached drawing is briefly described, it should be apparent that, drawings in the following description are only some embodiments of the invention, for
For those of ordinary skill in the art, without creative efforts, it can also be obtained according to these attached drawings other
Attached drawing.
Fig. 1 is the system framework figure provided in an embodiment of the present invention that behavior verifying is carried out based on identifying code;
Fig. 2A is the method flow diagram provided in an embodiment of the present invention that behavior verifying is carried out based on identifying code;
Fig. 2 B is the method flow diagram provided in an embodiment of the present invention that behavior verifying is carried out based on identifying code;
Fig. 3 A is the apparatus structure schematic diagram provided in an embodiment of the present invention that behavior verifying is carried out based on identifying code;
Fig. 3 B is the apparatus structure schematic diagram provided in an embodiment of the present invention that behavior verifying is carried out based on identifying code;
Fig. 4 A is the apparatus structure schematic diagram provided in an embodiment of the present invention that behavior verifying is carried out based on identifying code;
Fig. 4 B is the apparatus structure schematic diagram provided in an embodiment of the present invention that behavior verifying is carried out based on identifying code;
Fig. 5 A is the apparatus structure schematic diagram provided in an embodiment of the present invention that behavior verifying is carried out based on identifying code;
Fig. 5 B is the apparatus structure schematic diagram provided in an embodiment of the present invention that behavior verifying is carried out based on identifying code;
Fig. 5 C is the apparatus structure schematic diagram provided in an embodiment of the present invention that behavior verifying is carried out based on identifying code;
Fig. 6 is device 600 structural schematic diagram provided in an embodiment of the present invention that behavior verifying is carried out based on identifying code.
Specific embodiment
To make the object, technical solutions and advantages of the present invention clearer, below in conjunction with attached drawing to embodiment party of the present invention
Formula is described in further detail.
Before carrying out detailed explanation to the present invention, first tested based on identifying code progress behavior of the present invention
The frame of the system of card is simply introduced.
It is of the present invention set in the system framework of behavior verifying including terminal, electronics based on identifying code referring to Fig. 1
Standby and server.Terminal can be connected by wireless or cable network with server, and terminal can be to be able to access that server
Electronic equipment can send information to server based on SDK (Software Development Kit, Software Development Kit),
The electronic equipment can be computer, smart phone, tablet computer or other electronic equipments.
Electronic equipment can pass through USB (Universal Serial Bus, universal serial bus), BLE (Bluetooth
Low Energy, bluetooth low energy consumption) or NFC (Near Field Communication, the short distance wireless communication technology) and eventually
Carry out data transmission between end, obtains the identifying code and send information to terminal that terminal is sent.Electronic equipment can be for testing
The equipment for demonstrate,proving function, such as verifying equipment, verifying terminal etc., for convenience's sake, with electronic equipment in later narration
To be illustrated for verifying equipment.For an electronic equipment, on the one hand, multiple buttons can be equipped with thereon, and worked as
When detecting that user presses designated button, sign to identifying code;On the other hand, sensor can be set inside, be based on
Sensor provides induction region, and when detecting tapping operation of the user in induction region, signs to identifying code.Into
Before behavior verification method in the row embodiment of the present invention, server produces public key and private key, and public key and private key are tied up
It is fixed, generate the public key index of public key corresponding with private key, public key stored to the designated memory space of server, and by private key and
Public key index is sent to verifying equipment, is stored private key and public key index to the specified storage sky of verifying equipment by verifying equipment
Between.
Server can be one or more Website server, for providing the behavior service for checking credentials for terminal.This implementation
In environment, terminal can be tested by being registered or being installed the means such as client on the server to obtain the behavior of server
Card service, the embodiment of the present invention are not construed as limiting this.For server, which can also have at least one data
There is user's targetedly behavior service for checking credentials in library to store identifying code and public key etc. so as to provide more.
Framework based on Fig. 1, when the system for carrying out behavior verifying based on identifying code judges that current access behavior is artificial
When operation or machine operation, substantially process is as follows:
1, server generates an identifying code, and identifying code is sent to terminal.
2, terminal is based on communication interface and identifying code is sent to verifying equipment.
3, terminal notifying user carries out confirmation operation in verifying equipment.
4, user presses the button (or the confirmation operations such as percussion) in verifying equipment, and verifying equipment starts signature operation, right
Identifying code is signed, and the first signing messages is generated.
5, the first signing messages, identifying code and public key index are sent to terminal by verifying equipment.
6, the information received is sent to server by terminal.
7, server verifies the information received based on public key corresponding with verifying equipment.
In above-mentioned process, user is without identifying identifying code, it is only necessary to be issued to verifying equipment to identifying code really
Recognize instruction, and since confirmation instruction is to need the people to be operated manually in verifying equipment to trigger, and machine is unable to complete
Trigger process is stated, therefore, as long as server receives confirmation instruction, so that it may determine that the current access behavior of terminal is artificially to grasp
Make, avoids the situation of the identification mistake to identifying code, improve verification efficiency, accuracy is higher.
For the websites such as some forums, shopping network, in order to identify that criminal is carried out using rogue program
Some malicious access, website can provide authentication mechanism, by the identifying code of display character style or graphic form come to access
Person verifies.Since the confirmation instruction in the embodiment of the present invention is to need people to be operated manually in verifying equipment to touch
Hair, and machine is unable to complete above-mentioned trigger process, therefore, in embodiments of the present invention, based on verifying equipment, terminal and server
Between tripartite's interaction the access behavior of terminal is verified so that user is without identifying identifying code, it is only necessary to testing
Card equipment issues the confirmation to identifying code and instructs and can be verified by the server access behavior current to terminal, avoids pair
The situation of the identification mistake of identifying code, improves verification efficiency, accuracy is higher.
In the following, the process based on tripartite's interaction is described in detail, Fig. 2A is a kind of base shown according to an exemplary embodiment
The flow chart of the method for behavior verifying is carried out in identifying code, as shown in Figure 2 A, this method is applied to terminal, verifying equipment and service
Interaction between device, this approach includes the following steps.
201, when terminal detects the access behavior of user, verifying challenge code request is generated, and verifying challenge code is asked
It asks and is sent to server.
In embodiments of the present invention, client and display webpage can be run in terminal, when user requests access to client
When end and webpage, such as user requests to log in client or user's request downloaded data etc. on webpage, in order to judge user
Current access behavior is manual operation or machine operation, and terminal can show the verifying page, and when user is in the verifying page
When upper confirmation is verified, verifying challenge code request is generated, server is sent to so that challenge code request will be verified, so that service
Device returns to identifying code, realizes the verifying to behavior.Wherein, the verifying page that terminal is shown is provided by server, for each
For client or webpage, a corresponding server is all had as client and webpage, service support is provided, therefore, when
When user requests access to client or webpage at the terminal, terminal needs to visit to client or the corresponding server request of webpage
It asks, such server will provide the verifying page, for terminal when detecting the current access behavior of terminal to work as to terminal
Preceding access behavior is verified.
Terminal can show the verifying page after obtaining the verifying page that server provides, and work as and detect user
When confirmation accesses on verifying the page, verifying challenge code request is generated, and verifying challenge code request is sent to server,
So that server returns to identifying code.For example, the input frame of user account, the input frame of account number cipher can be provided on the verifying page
And confirmation login button, after user account and account number cipher are input in corresponding input frame by user, if detecting use
Family triggering confirmation login button, then terminal will determine that user is currently requesting access to, and can generate verifying challenge code request,
Verifying challenge code request is sent to server, so that server determines that terminal is initiating logging request namely terminal currently just
Server is being requested access to, at this moment, it is people to verify the current access behavior of terminal that server, which can send identifying code to terminal,
For operation or machine operation.
It should be noted that whether terminal first judgement currently can access verifying to before server requests authentication code
Equipment, and different requests is sent to server according to the result of judgement.If terminal, which determines, does not access verifying equipment, table currently
The access behavior of terminal can not currently be verified based on verifying equipment by showing, namely can not execute following step 202 to step
207, in this way, terminal can prompt user that will verify equipment access, and show whether connect in prompt information with display reminding information
Enter to verify the option of equipment.If terminal detects that user selects access verifying equipment after prompting user, then wait stand-by
Family access verifying equipment, and when detecting the access of verifying equipment, following step 202 is continued to execute to step 207;If right
After user prompts, terminal detects that user refuses access verifying equipment, then terminal to server is needed to send conventional authentication
Code request, verifies process into conventional behavior, conventional authentication code is sent from server to terminal, so that terminal shows the routine
Identifying code, and user's naked eyes is needed to identify conventional authentication code, it is added in input frame manually, so that server is based on defeated
The correctness access behavior current to terminal for entering the character in frame is verified;If terminal determines that currently having accessed verifying sets
It is standby, then it represents that the access behavior of terminal can currently to be verified based on verifying equipment, can also continue to execute following steps
Rapid 202, to step 207, just need terminal to server to send verifying challenge code request, so that server generates and sends in this way
Identifying code can based on verifying equipment sign, identify and be manually entered without user.
202, server obtains the verifying challenge code request of terminal, generates identifying code, identifying code is sent to terminal, this is tested
Card challenge code request is to send after terminal determines access verifying equipment.
In embodiments of the present invention, when server detects terminal there is currently when access behavior, such as terminal is to service
Device sends logging request or downloading request etc., in order to judge that the current access behavior of terminal is manual operation or machine behaviour
Make, server can send identifying code to terminal.Wherein, server can provide the verifying page, obtained by terminal and show this
The page is verified, when detecting that terminal is accessed based on verifying page request, server can send identifying code to terminal.Its
In, server can determine that terminal is currently requesting access in the verifying challenge code request for receiving terminal.It needs
Bright, server can request to detect after the identifying code request for getting terminal to identifying code;If server detects
Identifying code request is that conventional authentication code is requested, then conventional authentication code is generated, and conventional authentication code is returned to terminal, based on conventional
Identifying code verifies behavior, does not just need to execute following step 203 in this way to step 207;If server detects verifying
Code request is verifying challenge code request, then the identifying code that server is generated and returned to terminal can be signed based on verifying equipment
Name so that subsequent authentication equipment verifies identifying code, namely executes following step 203 to step 207.
Wherein, server can generate identifying code, which can after obtaining the verifying challenge code request of terminal at random
For the random number of 32 an or more length, the embodiment of the present invention is to this without specifically limiting.Moreover, server is tested in generation
When demonstrate,proving code, the generation time of also recordable identifying code, based on the timestamp for generating the time and generating identifying code, and by timestamp with test
Card code is sent to terminal together.
203, terminal obtains the identifying code of server, and identifying code is sent to verifying equipment.
In embodiments of the present invention, when terminal obtains the identifying code of server, identifying code can be sent to verifying equipment,
It instructs so that verifying equipment after receiving identifying code, obtains the confirmation to identifying code, is signed based on private key to identifying code.
Since there are data connections between terminal and verifying equipment, and connection type can be a variety of, therefore terminal is sent out by identifying code
When sending to verifying equipment, need to be sent based on the communication interface that connects between verifying equipment.Wherein, communication interface can be with
For any one of USB, BLE and NFC.
It should be noted that terminal can also generate prompting message while identifying code is sent to verifying equipment, and
It is shown, user is reminded based on prompting message, user is allowed to carry out correct confirmation operation, guarantee that verifying is set
The standby available confirmation to identifying code instructs.For example, the prompting message that terminal generates can be " please to press in verifying equipment
A key ", it is ready to receive to testing in this way, determine that user has executed confirmation operation when verifying equipment and detecting that A key is pressed
The confirmation instruction for demonstrate,proving code, continues the operation signed to identifying code.
204, verifying equipment obtains the identifying code of terminal and instructs to the confirmation of identifying code, based on being stored in specified storage
Private key in space signs to identifying code, generates the first signing messages.
In embodiments of the present invention, verifying equipment can show identifying code after the identifying code for obtaining terminal, with
Just identifying code currently has been received in prompt user, can carry out confirmation operation, sign to identifying code.Due to server meeting
Public key and private key are generated, public key and private key are bound, the public key index of public key corresponding with private key is generated, public key is stored
It is sent to verifying equipment to the designated memory space of server, and by private key and public key index, by verifying equipment by private key and public
Key index is stored to the designated memory space of verifying equipment, therefore, when verifying equipment gets the identifying code of terminal and to testing
After the confirmation instruction for demonstrate,proving code, verifying equipment can get private key in designated memory space, call private key and corresponding non-
Symmetric cryptographic algorithm signs to identifying code, generates the first signing messages.Wherein, asymmetric cryptographic algorithm can be RAS (encryption
Algorithm) or ECC (Elliptic Curves Cryptography, elliptic curve cipher coding theory) scheduling algorithm, present invention implementation
Example is to this without specifically limiting.
For different types of verifying equipment, the mode for obtaining the confirmation instruction of identifying code can be a variety of, Yong Huke
To be voluntarily configured.The confirmation command function that setting obtains identifying code can be provided in verifying equipment, when verifying equipment detection
When triggering setting confirmation command function to user, the mode of available confirmation instruction is shown, and the mode that user determines is made
For the mode for obtaining confirmation instruction next time.Wherein, the mode that verifying equipment obtains confirmation instruction includes at least following two kinds of sides
Formula:
Mode one, when detecting click of the user to verifying button, obtain and the confirmation of identifying code instructed.
In embodiments of the present invention, due to that may be mentioned equipped with multiple buttons in this way, verifying equipment in a verifying equipment
The verifying button of confession just can be set by the user himself.Verifying equipment can provide button inlet porting, and will can be set to
The button of verifying button enumerate showing user, and the target button that user is selected is as verifying button, so as in next time
When detecting that user clicks the verifying button, confirmation instruction is obtained.
Mode two, when detecting the tapping operation of user, the number of taps of counting user, if number of taps and default time
Number is consistent, then obtains the confirmation to identifying code and instruct.
In embodiments of the present invention, it since sensor can be set inside a verifying equipment, and is provided based on sensor
Therefore induction region can judge whether to get by counting user in the number of taps that induction region carries out tapping operation
Confirmation instruction.Wherein, it in verifying equipment needs that preset times are arranged, when the number of taps counted on is consistent with preset times
When, confirmation instruction can be obtained.
Verifying equipment can provide number setting function, and when detecting user's triggering times setting function, display includes
The page is arranged in the number of number input frame, obtains the number that user inputs in number input frame, regard number as preset times
And save, so that next time is when the number of taps that induction region counts on user is consistent with preset times, obtain confirmation instruction.
It should be noted that on the one hand, if verifying equipment also gets the timestamp of identifying code, signing in generation first
When information, verifying equipment can also sign to timestamp, also regard the information of generation as the first signing messages;On the other hand,
Verifying equipment can also obtain public key rope when carrying out signature the first signing messages of generation to identifying code in designated memory space
Draw, signs to public key index, generate the second signing messages, and subsequent by the first signing messages and the second signing messages one
It rises and is sent to terminal.Wherein, the method for the second signing messages of verifying equipment generation is consistent with the method for the first signing messages is generated,
It is no longer repeated herein.In actual application, if the information that verifying equipment receives is identifying code, timestamp and public key
Index, for convenience's sake, then verifying equipment can sign together to identifying code, timestamp and public key index, will generate
Information group be combined into signing messages.
205, the public key index of the first signing messages, identifying code and storage corresponding with private key is sent to end by verifying equipment
End.
In embodiments of the present invention, after generating the first signing messages, verifying equipment can obtain in designated memory space
Public key index is indexed the first signing messages, identifying code and public key based on the communication interface connecting is established between terminal
It is sent to terminal, so that the information that terminal will acquire is sent to server, public key pair corresponding with private key is based on by server
The information that receives is verified, and determines whether the access behavior of terminal is manual operation.
It should be noted that if verifying equipment when generating the first signing messages, is also signed to public key index, is generated
Second signing messages then verifies equipment while the first signing messages, identifying code and public key index are sent to terminal,
Second signing messages can be sent to terminal.
206, terminal obtains verifying the first signing messages of equipment, identifying code and public key index, and by the first A.L.S.
Breath, identifying code and public key index are sent to server.
In embodiments of the present invention, terminal is in the first signing messages, identifying code and the public key rope for getting verifying equipment
After drawing, based on the network connection between server, the first signing messages, identifying code and public key index are sent to service
Device determines whether the access behavior of terminal is manual operation so that server verifies the information received based on public key.
207, server obtains the first signing messages, identifying code and the public key index of terminal, is indexed and is determined according to public key
Public key is decrypted the first signing messages based on public key;If public key is to the successful decryption of the first signing messages, it is determined that terminal
Access behavior be manual operation;If public key fails to the decryption of the first signing messages, it is determined that the access behavior of terminal is not
Manual operation.
In embodiments of the present invention, when server gets the first signing messages, identifying code and the public key index of terminal
Afterwards, public key is searched in designated memory space according to public key index first and indexes corresponding public key, determined and obtain and find
Public key;The first signing messages is decrypted subsequently, based on public key, and based on whether can judge the first A.L.S. with successful decryption
Whether breath is generated based on private key corresponding with public key.If public key to the successful decryption of the first signing messages, just determines the first signature
Information is generated based on private key corresponding with public key, it is determined that the current accessed behavior of terminal is manual operation;If public key is to first
The decryption of signing messages fails, and just determines that the first signing messages is not based on private key corresponding with public key and generates, it is determined that eventually
The current accessed behavior at end is not manual operation.
It should be noted that if server also gets the second signing messages of terminal, then it can also be based on public key to second
Signing messages is decrypted, and determines whether the access behavior of terminal is manual operation according to decrypted result.Wherein, server is based on
The process that public key is decrypted and judges to the second signing messages and the process one that the first signing messages is decrypted and is judged
It causes, is no longer repeated herein.
In actual application, since verifying equipment is very likely transformed in criminal, to simulate the key behaviour of the mankind
Make and tapping operation can uncap for verifying equipment design in order to improve the difficulty of transformation verifying equipment and damage function, so that
Verifying equipment, which is uncapped, to fail, and can not be transformed.
In actual application, B, actual operating process are for example following referring to fig. 2: when terminal is detected in login page or
When logging request or the query information request of query page, judge whether terminal has currently accessed verifying equipment;If terminal is true
Verifying equipment is not accessed before settled, then carries out conventional identifying code proving program;If terminal determines that currently having accessed verifying sets
Standby, then request server enters device authentication process (namely sending the request of verifying challenge code to server);When server receives
To when verifying challenge code request, identifying code is generated, identifying code is sent to terminal, communication interface is based on by terminal and sends out identifying code
It send to verifying equipment;Equipment is verified after receiving identifying code, private key is called to sign identifying code, generates the first A.L.S.
First signing messages, identifying code and public key index are sent to terminal, the information received are sent to service by terminal by breath
Device;Server indexes corresponding public key based on public key and carries out sign test to the information received, if sign test success, it is determined that terminal is worked as
Preceding access behavior is manual operation, into next step normal operating process;If sign test fails, the current access behavior of terminal
It is particularly likely that machine operates, just needs terminal to jump to login or query page again and access behavior is verified again.
In method provided in an embodiment of the present invention, electronic equipment is by obtaining identifying code and referring to the confirmation of identifying code
It enables, is signed based on the private key in the designated memory space for being stored in electronic equipment to identifying code, generate the first signing messages,
And the public key of the first signing messages, identifying code and storage corresponding with private key index is sent to server, so as to server docking
The information received is verified, and determines whether the access behavior of terminal is manual operation, and user is not necessarily to identify identifying code,
Only need to issue the confirmation instruction to identifying code to electronic equipment, and since confirmation instruction is that people is needed to carry out hand on an electronic device
Dynamic operation is to trigger, and machine is unable to complete above-mentioned trigger process, therefore, as long as server receives confirmation instruction, so that it may
It determines that the current access behavior of terminal is manual operation, avoids the situation of the identification mistake to identifying code, improve verifying effect
Rate, accuracy are higher.
Fig. 3 A is a kind of block diagram of device that behavior verifying is carried out based on identifying code shown according to an exemplary embodiment.
Referring to Fig. 3 A, which includes obtaining module 301, signature blocks 302 and sending module 303.
The acquisition module 301, for obtaining the identifying code of terminal, identifying code is generated and sent by server to terminal;
The signature blocks 302, for obtaining the confirmation instruction to identifying code, based on the specified storage for being stored in electronic equipment
Private key in space signs to identifying code, generates the first signing messages;
The sending module 303, for by the public key rope of the first signing messages, identifying code and storage corresponding with the private key
Draw and be sent to terminal, so that the information that terminal will acquire is sent to server, public key corresponding with private key is based on by server
It is verified to information is received, determines whether the access behavior of terminal is manual operation.
Device provided in an embodiment of the present invention, electronic equipment are instructed by acquisition identifying code and to the confirmation of identifying code,
It is signed based on the private key in the designated memory space for being stored in electronic equipment to identifying code, generates the first signing messages, and
The public key index of first signing messages, identifying code and storage corresponding with private key is sent to server, so that server is to reception
To information verified, determine whether the access behavior of terminal is manual operation, and user is without identifying identifying code, only
The confirmation instruction to identifying code need to be issued to electronic equipment, and since confirmation instruction is that people is needed to carry out on an electronic device manually
Operation is to trigger, and machine is unable to complete above-mentioned trigger process, therefore, as long as server receives confirmation instruction, so that it may really
Determining the current access behavior of terminal is manual operation, avoids the situation of the identification mistake to identifying code, improves verification efficiency,
Accuracy is higher.
In another embodiment, signature blocks 302, for obtaining when detecting click of the user to verifying button
It takes the confirmation to identifying code to instruct, is signed based on private key to the identifying code, generate the first signing messages;Or, when detection
To user tapping operation when, the number of taps of counting user, if number of taps is consistent with preset times, obtain to identifying code
Confirmation instruction, signed based on private key to the identifying code, generate the first signing messages.
In another embodiment, the signature blocks 302, are also used to when signing to identifying code, index to public key
It signs, generates the second signing messages;
The sending module 303 is also used to that the second signing messages is sent to terminal when sending the first signing messages.
In another embodiment, referring to Fig. 3 B, which further includes memory module 304.
The memory module 304, the public key for storing private key and public key corresponding with private key index, private key and public key by
Server generates.
Fig. 4 A is a kind of block diagram of device that behavior verifying is carried out based on identifying code shown according to an exemplary embodiment.
Referring to Fig. 4 A, which includes that identifying code obtains module 401, the first sending module 402, data obtaining module 403 and the second hair
Send module 404.
The identifying code obtains module 401, and for obtaining the identifying code of server, identifying code is generated by server;
First sending module 402, for identifying code to be sent to electronic equipment, so that electronic equipment is receiving verifying
After code, obtains the confirmation to identifying code and instruct, signed based on private key to identifying code;
The data obtaining module 403, the first signature sent after signing to identifying code for obtaining electronic equipment
Information;
Second sending module 404, for the first signing messages, identifying code and public key index to be sent to server,
So that server verifies the information received based on public key, determine whether the access behavior of terminal is manual operation.
Identifying code is sent to electronic equipment by acquisition identifying code by device provided in an embodiment of the present invention, terminal, so that
Electronic equipment signs to identifying code based on the private key being stored in designated memory space, generates the first signing messages, and connect
The public key of first signing messages, identifying code and storage corresponding with private key is indexed and is sent by the first signing messages for receiving electronic equipment
Determine whether the access behavior of terminal is manual operation so that server verifies the information received to server, uses
Family is without identifying identifying code, it is only necessary to the instruction of the confirmation to identifying code is issued to electronic equipment, and since confirmation instruction is
People is needed to be operated manually on an electronic device to trigger, and machine is unable to complete above-mentioned trigger process, therefore, server is only
Receive confirmation instruction, so that it may determine that the current access behavior of terminal is manual operation, avoid the identification to identifying code
The situation of mistake, improves verification efficiency, and accuracy is higher.
In another embodiment, identifying code is sent to electricity for being based on communication interface by first sending module 402
Sub- equipment;Wherein, communication interface is at least general-purpose serial bus USB, bluetooth low energy consumption BLE and short-range data exchange NFC.
In another embodiment, first sending module 402, is also used to when identifying code is sent to electronic equipment,
Prompting message is generated, message is will be prompted to and is shown, so that user is based on prompting message and executes confirmation operation on an electronic device.
In another embodiment, B, the device further include judgment module 405 and third sending module 406 referring to fig. 4.
The judgment module 405, for judging currently whether access electronic equipment;
The third sending module 406, for if it is determined that currently not accessing electronic equipment, then to server transmission conventional authentication
Code request obtains the information inputted in identifying code input frame, determines the access row of terminal directly to show to identifying code
Whether to be manual operation;
The third sending module 406 is also used to if it is determined that currently having accessed electronic equipment, then to server transmission verifying
Challenge code request, so as to execute above-mentioned determining terminal access behavior whether be manual operation process.
Fig. 5 A is a kind of block diagram of device that behavior verifying is carried out based on identifying code shown according to an exemplary embodiment.
Referring to Fig. 5 A, which includes generation module 501, sending module 502 and authentication module 503.
The generation module 501, the verifying challenge code for obtaining terminal are requested, and identifying code, verifying challenge code request are generated
It is sent after determining access electronic equipment for terminal;
The sending module 502, for identifying code to be sent to terminal, so that identifying code is sent to electronic equipment by terminal,
By electronic equipment after receiving identifying code, obtains the confirmation to identifying code and instruct, signed based on private key to identifying code, it is raw
At the first signing messages;
The authentication module 503, the first signing messages, identifying code and public key for obtaining terminal index, and are based on public key
It indexes and determines public key, the information received is verified according to public key, determines whether the access behavior of terminal is manual operation.
The identifying code of generation is sent to terminal by device provided in an embodiment of the present invention, server, so that terminal will be verified
Code is sent to electronic equipment, by electronic equipment after receiving identifying code, obtains and instructs to the confirmation of identifying code, based on being stored in
Private key in the designated memory space of electronic equipment signs to identifying code, generates the first signing messages, and obtain terminal
The public key of first signing messages, identifying code and storage corresponding with private key indexes, and is indexed based on public key and determines public key, according to public key
The information received is verified, determines whether the access behavior of terminal is manual operation, and user is not necessarily to carry out identifying code
Identification, it is only necessary to the instruction of the confirmation to identifying code is issued to electronic equipment, and since confirmation instruction is to need people on an electronic device
It is operated manually to trigger, and machine is unable to complete above-mentioned trigger process, therefore, as long as server receives confirmation instruction,
It is assured that the current access behavior of terminal is manual operation, avoids the situation of the identification mistake to identifying code, improve
Verification efficiency, accuracy are higher.
In another embodiment, referring to Fig. 5 B, which includes decryption submodule 5031 and determining submodule
5032。
The decryption submodule 5031, for the first signing messages to be decrypted based on public key;
The determination submodule 5032, if for public key to the successful decryption of the first signing messages, it is determined that the access of terminal
Behavior is manual operation;
The determination submodule 5032 fails to the decryption of the first signing messages if being also used to public key, it is determined that the visit of terminal
The behavior of asking not is manual operation.
In another embodiment, referring to Fig. 5 C, which includes searching submodule 5033 and acquisition submodule
5034。
The lookup submodule 5033 indexes corresponding public affairs for searching public key in designated memory space according to public key index
Key;
The acquisition submodule 5034, for determining and obtaining the public key found.
It should be understood that the device of behavior provided by the above embodiment verifying is when behavior is verified, only with above-mentioned each function
Can module division progress for example, in practical application, can according to need and by above-mentioned function distribution by different functions
Module is completed, i.e., the internal structure of equipment is divided into different functional modules, described above all or part of to complete
Function.In addition, the device of behavior verifying provided by the above embodiment and the embodiment of the method for behavior verifying belong to same design,
Specific implementation process is detailed in embodiment of the method, and which is not described herein again.
Those of ordinary skill in the art will appreciate that realizing that all or part of the steps of above-described embodiment can pass through hardware
It completes, relevant hardware can also be instructed to complete by program, the program can store in a kind of computer-readable
In storage medium, storage medium mentioned above can be read-only memory, disk or CD etc..
Fig. 6 is a kind of block diagram of card writing station 600 shown according to an exemplary embodiment.For example, device 600 can
To be mobile phone, computer, digital broadcasting terminal, messaging device, game console, tablet device, Medical Devices are good for
Body equipment, personal digital assistant etc..
Referring to Fig. 6, device 600 may include following one or more components: processing component 602, memory 604, power supply
Component 606, multimedia component 608, audio component 610, the interface 612 of I/O (Input/Output, input/output), sensor
Component 614 and communication component 616.
The integrated operation of the usual control device 600 of processing component 602, such as with display, telephone call, data communication, phase
Machine operation and record operate associated operation.Processing component 602 may include that one or more processors 620 refer to execute
It enables, to perform all or part of the steps of the methods described above.In addition, processing component 602 may include one or more modules, just
Interaction between processing component 602 and other assemblies.For example, processing component 602 may include multi-media module, it is more to facilitate
Interaction between media component 608 and processing component 602.
Memory 604 is configured as storing various types of data to support the operation in device 600.These data are shown
Example includes the instruction of any application or method for operating on device 600, contact data, and telephone book data disappears
Breath, picture, video etc..Memory 604 can be by any kind of volatibility or non-volatile memory device or their group
It closes and realizes, such as SRAM (Static Random Access Memory, static random access memory), EEPROM
(Electrically-Erasable Programmable Read-Only Memory, the read-only storage of electrically erasable
Device), EPROM (Erasable Programmable Read Only Memory, Erasable Programmable Read Only Memory EPROM), PROM
(Programmable Read-Only Memory, programmable read only memory), and ROM (Read-Only Memory, it is read-only to deposit
Reservoir), magnetic memory, flash memory, disk or CD.
Power supply module 606 provides electric power for the various assemblies of device 600.Power supply module 606 may include power management system
System, one or more power supplys and other with for device 600 generate, manage, and distribute the associated component of electric power.
Multimedia component 608 includes the screen of one output interface of offer between described device 600 and user.One
In a little embodiments, screen may include LCD (Liquid Crystal Display, liquid crystal display) and TP (Touch
Panel, touch panel).If screen includes touch panel, screen may be implemented as touch screen, from the user to receive
Input signal.Touch panel includes one or more touch sensors to sense the gesture on touch, slide, and touch panel.Institute
The boundary of a touch or slide action can not only be sensed by stating touch sensor, but also be detected and the touch or slide phase
The duration and pressure of pass.In some embodiments, multimedia component 608 includes that a front camera and/or postposition are taken the photograph
As head.When device 600 is in operation mode, such as in a shooting mode or a video mode, front camera and/or rear camera can
With the multi-medium data outside reception.Each front camera and rear camera can be a fixed optical lens system
Or have focusing and optical zoom capabilities.
Audio component 610 is configured as output and/or input audio signal.For example, audio component 610 includes a MIC
(Microphone, microphone), when device 600 is in operation mode, such as call mode, recording mode, and voice recognition mode
When, microphone is configured as receiving external audio signal.The received audio signal can be further stored in memory 604
Or it is sent via communication component 616.In some embodiments, audio component 610 further includes a loudspeaker, for exporting audio
Signal.
I/O interface 612 provides interface between processing component 602 and peripheral interface module, and above-mentioned peripheral interface module can
To be keyboard, click wheel, button etc..These buttons may include, but are not limited to: home button, volume button, start button and lock
Determine button.
Sensor module 614 includes one or more sensors, and the state for providing various aspects for device 600 is commented
Estimate.For example, sensor module 614 can detecte the state that opens/closes of equipment 600, the relative positioning of component, such as component
For the display and keypad of device 600, sensor module 614 can be with the position of 600 1 components of detection device 600 or device
Set change, the existence or non-existence that user contacts with device 600, the temperature in 600 orientation of device or acceleration/deceleration and device 600
Variation.Sensor module 614 may include proximity sensor, be configured to detect without any physical contact near
The presence of object.Sensor module 614 can also include optical sensor, such as CMOS (Complementary Metal Oxide
Semiconductor, complementary metal oxide) or CCD (Charge-coupled Device, charge coupled cell) image biography
Sensor, for being used in imaging applications.In some embodiments, which can also include acceleration sensing
Device, gyro sensor, Magnetic Sensor, pressure sensor or temperature sensor.
Communication component 616 is configured to facilitate the communication of wired or wireless way between device 600 and other equipment.Device
600 can access the wireless network based on communication standard, such as WiFi, 2G or 3G or their combination.In an exemplary implementation
In example, communication component 616 receives broadcast singal or broadcast related information from external broadcasting management system via broadcast channel.
In one exemplary embodiment, the communication component 616 further includes that (Near Field Communication, near field are logical by NFC
Letter) module, to promote short range communication.For example, RFID (Radio Frequency can be based in NFC module
Identification, radio frequency identification) technology, IrDA (Infra-red Data Association, Infrared Data Association) skill
Art, UWB (Ultra Wideband, ultra wide band) technology, BT (Bluetooth, bluetooth) technology and other technologies are realized.
In the exemplary embodiment, device 600 can be by one or more ASIC (Application Specific
Integrated Circuit, application specific integrated circuit), DSP (Digital signal Processor, at digital signal
Manage device), DSPD (Digital signal Processor Device, digital signal processing appts), PLD (Programmable
Logic Device, programmable logic device), FPGA) (Field Programmable Gate Array, field programmable gate
Array), controller, microcontroller, microprocessor or other electronic components realize, above-mentioned gone based on identifying code for executing
For the method for verifying.
In the exemplary embodiment, a kind of non-transitorycomputer readable storage medium including instruction, example are additionally provided
It such as include the memory 604 of instruction, above-metioned instruction can be executed by the processor 620 of device 600 to complete the above method.For example,
The non-transitorycomputer readable storage medium can be ROM, RAM (Random Access Memory, random access memory
Device), CD-ROM (Compact Disc Read-Only Memory, compact disc read-only memory), tape, floppy disk and light data deposit
Store up equipment etc..A kind of computer readable storage medium, when the instruction in the storage medium is by the processor of behavior verifying device
When execution, so that behavior verifying device is able to carry out the above-mentioned method for carrying out behavior verifying based on identifying code.
A kind of electronic equipment, the electronic equipment include memory and processor, and at least one is stored in the memory
Item instruction, at least one section of program, code set or instruction set, at least one instruction, at least one section of program, the code
Collection or described instruction collection are loaded by the processor and are executed to realize the above-mentioned method for carrying out behavior verifying based on identifying code.
A kind of computer readable storage medium, be stored in the storage medium at least one instruction, at least one section of program,
Code set or instruction set, at least one instruction, at least one section of program, the code set or the described instruction collection are by handling
Device is loaded and is executed to complete the above-mentioned method for carrying out behavior verifying based on identifying code.
The foregoing is merely presently preferred embodiments of the present invention, is not intended to limit the invention, it is all in spirit of the invention and
Within principle, any modification, equivalent replacement, improvement and so on be should all be included in the protection scope of the present invention.
Claims (15)
1. a kind of method for carrying out behavior verifying based on identifying code, which is characterized in that the described method includes:
The identifying code of terminal is obtained, the identifying code is generated and sent by server to the terminal;
It obtains the confirmation to the identifying code to instruct, based on the private key in the designated memory space for being stored in electronic equipment to described
Identifying code is signed, and the first signing messages is generated;
The public key index of first signing messages, the identifying code and storage corresponding with the private key is sent to the end
End is based on corresponding with the private key so that the information that the terminal will acquire is sent to the server by the server
Public key the information that receives is verified, determine whether the access behavior of the terminal is manual operation.
2. being based on the method according to claim 1, wherein the confirmation obtained to the identifying code instructs
Private key signs to the identifying code, generates the first signing messages and includes:
When detecting click of the user to verifying button, obtains the confirmation to the identifying code and instruct, based on private key to described
Identifying code is signed, and the first signing messages is generated;Or,
When detecting the tapping operation of the user, the number of taps of the user is counted, if the number of taps and default
Number is consistent, then obtains the confirmation to the identifying code and instruct, signed based on private key to the identifying code, generate the first label
Name information.
3. according to the method described in claim 2, it is characterized in that, the method also includes:
When signing to the identifying code, signs to public key index, generate the second signing messages;
When sending first signing messages, second signing messages is sent to the terminal.
4. method according to any one of claims 1 to 3, which is characterized in that before the identifying code for obtaining terminal, institute
State method further include:
The public key index of private key and public key corresponding with the private key is stored, the private key and the public key are by the server
It generates.
5. a kind of method for carrying out behavior verifying based on identifying code, which is characterized in that the described method includes:
The identifying code of server is obtained, the identifying code is generated by the server;
The identifying code is sent to electronic equipment, so that the electronic equipment after receiving the identifying code, is obtained to institute
The confirmation instruction for stating identifying code, signs to the identifying code based on private key;
Obtain the first signing messages that the electronic equipment is sent after signing to the identifying code;
First signing messages, the identifying code and public key index are sent to the server, so that the server
The information received is verified based on public key, determines whether the access behavior of the terminal is manual operation.
6. according to the method described in claim 5, it is characterized in that, described be sent to electronic equipment for the identifying code and include:
Based on communication interface, the identifying code is sent to the electronic equipment;
Wherein, the communication interface is at least general-purpose serial bus USB, bluetooth low energy consumption BLE and short-range data exchange
NFC。
7. according to the method described in claim 6, it is characterized in that, the method also includes:
When the identifying code is sent to the electronic equipment, prompting message is generated, the prompting message is shown, with
So that user is based on the prompting message and executes confirmation operation on the electronic equipment.
8. according to the described in any item methods of claim 5 to 7, which is characterized in that before the identifying code for obtaining server,
The method also includes:
Whether judgement currently accesses the electronic equipment;
If it is determined that currently not accessing the electronic equipment, then the request of conventional authentication code is sent to the server, so as to directly right
The identifying code shown, the information inputted in identifying code input frame is obtained, determine the terminal access behavior whether be
Manual operation;
If it is determined that currently having accessed the electronic equipment, then verifying challenge code request is sent to the server, to execute
The access behavior of the above-mentioned determination terminal whether be manual operation process.
9. a kind of method for carrying out behavior verifying based on identifying code, which is characterized in that the described method includes:
The verifying challenge code request for obtaining terminal, generates identifying code, and the verifying challenge code request is that the terminal determines access
It is sent after electronic equipment;
The identifying code is sent to the terminal, so that the identifying code is sent to the electronic equipment by the terminal, by
The electronic equipment is obtained the confirmation to the identifying code and instructed, tested based on private key described after receiving the identifying code
Card code is signed, and the first signing messages is generated;
First signing messages, the identifying code and the public key index of the terminal are obtained, it is true based on public key index
Determine public key, the information received is verified according to the public key, determines whether the access behavior of the terminal is artificially to grasp
Make.
10. according to the method described in claim 9, it is characterized in that, described carry out the information received according to the public key
Verifying, determines whether the access behavior of the terminal is that manual operation includes:
First signing messages is decrypted based on the public key;
If the public key is to the successful decryption of first signing messages, it is determined that the access behavior of the terminal is artificially to grasp
Make;
If the public key fails to the decryption of first signing messages, it is determined that the access behavior of the terminal and non-artificial behaviour
Make.
11. method according to claim 9 or 10, which is characterized in that described indexed based on the public key determines public key packet
It includes:
The public key is searched in designated memory space according to public key index indexes corresponding public key;
It determines and obtains the public key found.
12. a kind of device for carrying out behavior verifying based on identifying code, which is characterized in that described device includes:
Module is obtained, for obtaining the identifying code of terminal, the identifying code is generated and sent by server to the terminal;
Signature blocks, for obtaining the instruction of the confirmation to the identifying code, based on the designated memory space for being stored in electronic equipment
In private key sign to the identifying code, generate the first signing messages;
Sending module, for by the public key rope of first signing messages, the identifying code and storage corresponding with the private key
Initiation is based on to terminal so that the information that the terminal will acquire is sent to the server by the server described in sending
Public key corresponding with the private key verifies the information that receives, and determines whether the access behavior of the terminal is artificial
Operation.
13. a kind of device for carrying out behavior verifying based on identifying code, which is characterized in that described device includes:
Generation module, the verifying challenge code for obtaining terminal are requested, and generate identifying code, the verifying challenge code request is described
Terminal is sent after determining access electronic equipment;
Sending module, for the identifying code to be sent to the terminal, so that the identifying code is sent to institute by the terminal
Electronic equipment is stated, by the electronic equipment after receiving the identifying code, the confirmation to the identifying code is obtained and instructs, be based on
Private key signs to the identifying code, generates the first signing messages;
Authentication module, first signing messages, the identifying code and public key for obtaining the terminal index, and are based on institute
It states public key and indexes determining public key, the information received is verified according to the public key, determines the access behavior of the terminal
It whether is manual operation.
14. a kind of electronic equipment, which is characterized in that the electronic equipment includes memory and processor, is deposited in the memory
Contain at least one instruction, at least one section of program, code set or instruction set, at least one instruction, at least one section of journey
Sequence, the code set or described instruction collection are loaded by the processor and are executed to realize that claim 1-11 is described in any item
The method for carrying out behavior verifying based on identifying code.
15. a kind of computer readable storage medium, which is characterized in that be stored at least one instruction, extremely in the storage medium
Few one section of program, code set or instruction set, at least one instruction, at least one section of program, the code set or described
Instruction set is loaded by processor and is executed described in any item based on identifying code progress behavior verifying to complete claim 1-11
Method.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710427641.9A CN109039990B (en) | 2017-06-08 | 2017-06-08 | Behavior verification method and device based on verification code |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710427641.9A CN109039990B (en) | 2017-06-08 | 2017-06-08 | Behavior verification method and device based on verification code |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109039990A true CN109039990A (en) | 2018-12-18 |
| CN109039990B CN109039990B (en) | 2020-07-07 |
Family
ID=64629437
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710427641.9A Active CN109039990B (en) | 2017-06-08 | 2017-06-08 | Behavior verification method and device based on verification code |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109039990B (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110062002A (en) * | 2019-04-29 | 2019-07-26 | 核芯互联科技(青岛)有限公司 | A kind of method for authenticating and Related product |
| CN110611598A (en) * | 2019-10-15 | 2019-12-24 | 浙江齐治科技股份有限公司 | Method, device and system for realizing challenge code |
| CN111193595A (en) * | 2019-11-28 | 2020-05-22 | 腾讯云计算(北京)有限责任公司 | Error detection method, device, equipment and storage medium for electronic signature |
| CN111245870A (en) * | 2020-04-26 | 2020-06-05 | 国网电子商务有限公司 | Identity authentication method based on mobile terminal and related device |
| CN112233287A (en) * | 2020-10-19 | 2021-01-15 | 北京安恒利通科技股份公司 | Automatic unlocking method of intelligent lock and intelligent lock system |
| CN112717417A (en) * | 2020-12-31 | 2021-04-30 | 新浪网技术(中国)有限公司 | Man-machine recognition method and device |
| CN113615227A (en) * | 2019-01-10 | 2021-11-05 | Mhm微技术责任有限公司 | Network connectable sensing device |
| CN114726595A (en) * | 2022-03-24 | 2022-07-08 | 中科吉芯(昆山)信息科技有限公司 | Method for authenticating man-machine identity by using space-time information |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103488922A (en) * | 2013-08-27 | 2014-01-01 | 百度在线网络技术(北京)有限公司 | Method and equipment for providing verification code |
| CN104680376A (en) * | 2015-03-13 | 2015-06-03 | 中国工商银行股份有限公司 | Transaction information verification method and device |
| US20150270969A1 (en) * | 2012-10-29 | 2015-09-24 | Mitsubishi Electric Corporation | Facility management device, facility management system and program |
| CN105681340A (en) * | 2016-03-07 | 2016-06-15 | 吴晓军 | Digital certificate use method and apparatus |
| US9436930B2 (en) * | 2012-11-28 | 2016-09-06 | Emc Corporation | Method and apparatus for recognizing image content |
| CN105991519A (en) * | 2015-01-29 | 2016-10-05 | 阿里巴巴集团控股有限公司 | Method, device and system of verifying identifying codes |
-
2017
- 2017-06-08 CN CN201710427641.9A patent/CN109039990B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20150270969A1 (en) * | 2012-10-29 | 2015-09-24 | Mitsubishi Electric Corporation | Facility management device, facility management system and program |
| US9436930B2 (en) * | 2012-11-28 | 2016-09-06 | Emc Corporation | Method and apparatus for recognizing image content |
| CN103488922A (en) * | 2013-08-27 | 2014-01-01 | 百度在线网络技术(北京)有限公司 | Method and equipment for providing verification code |
| CN105991519A (en) * | 2015-01-29 | 2016-10-05 | 阿里巴巴集团控股有限公司 | Method, device and system of verifying identifying codes |
| CN104680376A (en) * | 2015-03-13 | 2015-06-03 | 中国工商银行股份有限公司 | Transaction information verification method and device |
| CN105681340A (en) * | 2016-03-07 | 2016-06-15 | 吴晓军 | Digital certificate use method and apparatus |
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113615227A (en) * | 2019-01-10 | 2021-11-05 | Mhm微技术责任有限公司 | Network connectable sensing device |
| CN110062002A (en) * | 2019-04-29 | 2019-07-26 | 核芯互联科技(青岛)有限公司 | A kind of method for authenticating and Related product |
| CN110611598A (en) * | 2019-10-15 | 2019-12-24 | 浙江齐治科技股份有限公司 | Method, device and system for realizing challenge code |
| CN110611598B (en) * | 2019-10-15 | 2022-03-18 | 浙江齐治科技股份有限公司 | Method, device and system for realizing challenge code |
| CN111193595A (en) * | 2019-11-28 | 2020-05-22 | 腾讯云计算(北京)有限责任公司 | Error detection method, device, equipment and storage medium for electronic signature |
| CN111193595B (en) * | 2019-11-28 | 2023-05-09 | 腾讯云计算(北京)有限责任公司 | Error detection method, device, equipment and storage medium for electronic signature |
| CN111245870A (en) * | 2020-04-26 | 2020-06-05 | 国网电子商务有限公司 | Identity authentication method based on mobile terminal and related device |
| CN112233287A (en) * | 2020-10-19 | 2021-01-15 | 北京安恒利通科技股份公司 | Automatic unlocking method of intelligent lock and intelligent lock system |
| CN112717417A (en) * | 2020-12-31 | 2021-04-30 | 新浪网技术(中国)有限公司 | Man-machine recognition method and device |
| CN114726595A (en) * | 2022-03-24 | 2022-07-08 | 中科吉芯(昆山)信息科技有限公司 | Method for authenticating man-machine identity by using space-time information |
| CN114726595B (en) * | 2022-03-24 | 2023-09-29 | 中科吉芯(昆山)信息科技有限公司 | Method for authenticating identity of man-machine by using space-time information |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109039990B (en) | 2020-07-07 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109039990A (en) | The method and device of behavior verifying is carried out based on identifying code | |
| WO2017219269A1 (en) | Method and device for activating virtual card | |
| RU2643473C2 (en) | Method and tools for fingerprinting identification | |
| CN105138942B (en) | The display methods and device of two dimensional code | |
| CN104270404B (en) | A kind of login method and device based on terminal iidentification | |
| CN104794382A (en) | Application starting method and device | |
| CN109032675A (en) | The unlocking screen method, apparatus and terminal device of terminal device | |
| CN105224195A (en) | Terminal operation method and device | |
| CN104933351A (en) | Information security processing method and information security processing device | |
| CN104933555B (en) | Moade setting method and device | |
| WO2017156960A1 (en) | Method and device for accessing smart camera | |
| WO2018133387A1 (en) | Fingerprint identification method and device | |
| CN105678549A (en) | Payment method and device | |
| CN111368232A (en) | Password sharing reflux method and device, electronic equipment and storage medium | |
| CN104967593A (en) | Identity verification method, apparatus and system | |
| CN105263126B (en) | Short-message verification method, apparatus and system | |
| CN104933419A (en) | Method and device for obtaining iris images and iris identification equipment | |
| CN109947981A (en) | Video sharing method and device | |
| WO2015165172A1 (en) | Information transmission method and device in voice service | |
| CN106060027B (en) | Method, apparatus, equipment and the system verified based on identifying code | |
| CN103810595B (en) | Information verification method and device | |
| CN107959757A (en) | User information processing method, device, APP servers and terminal device | |
| CN108022349A (en) | Information input method, equipment, smart lock and storage medium | |
| TW202101392A (en) | Access control method and device, electronic device and storage medium | |
| CN105407070A (en) | Logging-in authorization method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |