CN109151820A - A security authentication method and device based on "one person, one device, one card, one number" - Google Patents

Info

Publication number
CN109151820A
Authority
CN
China
Prior art keywords
information
user
card
mobile phone
account
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810970835.8A
Other languages
Chinese (zh)
Inventor
水新莹
邓伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Anhui Xunfei Intelligent Technology Co Ltd
Original Assignee
Anhui Xunfei Intelligent Technology Co Ltd
Application filed by Anhui Xunfei Intelligent Technology Co Ltd
Priority to CN201810970835.8A
Publication of CN109151820A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention discloses a security authentication method and device based on "one person, one device, one card, one number". The security authentication method comprises: S1, the database at the server end obtains the user's account, login password, real-name identity information, the identification code of the mobile device and the card number of the U/SIM card used, binds them in one-to-one correspondence and stores the information; S2, the user logs in on the mobile terminal and submits the account and login password; S3, the client on the mobile terminal collects the identification code of the mobile device and the card number of the U/SIM card used, and submits them together with the account and login password to the server end for authentication; S4, the server end retrieves the bound information from the database by account and compares it item by item; if any item does not match, security authentication fails, and if all items match, security authentication succeeds. The invention can not only verify and authenticate the user's true identity, but also ensure that private data is not leaked even if the user's device is lost.

Description

A security authentication method and device based on "one person, one device, one card, one number"
Technical field
The present invention relates to the field of mobile Internet security authentication, and in particular to a security authentication method and device based on "one person, one device, one card, one number".
Background
In recent years, with the rapid development and application of Internet technology, more and more people access the Internet through smart terminals to carry out daily activities such as work and study. While mobile Internet services are convenient and fast, they also conceal many security risks. For example, a user's password is easily stolen or misappropriated, causing losses to users and the country. Meanwhile, when a user uses an Internet service, the user's true identity cannot be identified, and it is easy to impersonate someone by using another person's identity card for real-name authentication. When certain sensitive operations are carried out, there is also no effective non-repudiation capability, so once a legal dispute arises, investigation and evidence collection are extremely difficult.
In the current security authentication field, the common authentication techniques are:
(1) based on what the user knows: such as passwords and patterns;
(2) based on what the user has: such as smart bracelets and smart cards;
(3) based on the user's biometric features: such as iris, fingerprint, voice and facial features;
(4) based on hardware features: such as the device's IMEI number and Bluetooth MAC address.
However, all of the above authentication techniques have problems. With techniques based on what the user knows, the password or fingerprint is very easily intercepted and recorded by malware while the user enters it, or stolen by people nearby during input. Techniques based on what the user has require the purchase of additional hardware, and the service cannot be used if the user forgets to carry it. Techniques based on the user's biometric features have a high failure rate and are easily imitated; there has been a precedent of an iPhone X being unlocked with a photo. Techniques based on hardware features, although unique, are still easily stolen or forged. When a smart terminal is repaired, the device's hardware features may change, for example when the mainboard is replaced.
In summary, the current security authentication field still cannot balance security and convenience while also providing non-repudiation and unique user identification.
Summary of the invention
The purpose of the present invention is to provide a security authentication method based on "one person, one device, one card, one number", to overcome the defect that the prior art cannot guarantee secure identification of a unique user while remaining efficient.
The security authentication method based on "one person, one device, one card, one number" comprises the following steps:
S1, the database at the server end obtains the user's account, login password, real-name identity information, the identification code of the mobile device and the card number of the U/SIM card used, binds them in one-to-one correspondence and stores the information;
S2, the user logs in on the mobile terminal and submits the account and login password;
S3, the client on the mobile terminal obtains the identification code of the mobile device and the card number of the U/SIM card used from the mobile device and the currently used U/SIM card, and submits them together with the account and login password to the server end for authentication;
S4, the server end retrieves from the database, by account, the login password, real-name identity information, identification code of the mobile device and card number of the U/SIM card bound to that account, and compares them item by item with the information submitted by the client; if any item does not match, security authentication fails, and if all items match, security authentication succeeds.
Preferably, the account in step S1 is the mobile number used at registration. The server end checks the real-name authentication information with the telecom operator through a real-name authentication interface, to check whether the real-name information submitted by the user matches the real-name information that corresponds to the submitted mobile number in the telecom operator's database; if they match, the real-name authentication information is bound to the account and stored in the database.
Preferably, in step S1, the server end is connected through several real-name authentication interfaces to the public security, civil affairs, and health and family planning systems respectively, and checks the real-name information registered by the user against the corresponding data in each of those systems. Verification succeeds only if all of the information matches, and the real-name authentication information is then bound to the account and stored in the database.
Preferably, the security authentication method further includes step S5: the data interactions and operation behaviors performed after logging in to the client are sent to the server end, and the server end digitally encrypts the behavior information relating to the user, records it as historical operation information, and stores it in the database.
Preferably, the U/SIM card is a CA mobile phone card, and the client exchanges data with the SDK component provided by the CA mobile phone card. When the user performs operations on user information such as registration and login, the client digitally encrypts the user information that is the object of the operation using the CA digital certificate.
Preferably, in step S2, after the account and password are entered, the client pops up a password input interface through the SDK component for entering the previously set mobile phone card CA password; the keys of the on-screen keyboard used to enter the CA password are arranged at random positions in the password input interface popped up by the SDK component.
Preferably, a secure container is incorporated in the CA mobile phone card, which also meets the storage requirements for RSA certificates and national-cryptography (SM) certificates. In each authentication process, the security authentication method generates a one-time Token identity, which is stored in the mobile phone card's storage space. Through the SDK component, the CA mobile phone card provides multi-factor authentication across several dimensions: PIN-based authentication, Token identity authentication, and application authorization.
The present invention also provides a security authentication device that uses the above security authentication method, comprising a client and a server end. The client includes an account registration/authentication module, a mobile phone card information collection module and a device feature collection module; the server end includes an account management module, a real-name authentication module, a settings database and a bound device management module, in which:
Account registration/authentication module: at registration, records and submits the user's account, login password and real-name authentication information; at login, records the user's account information and submits it for authentication;
Device feature collection module: collects the unique feature data of the mobile device used, i.e. its identification code, when the user registers or logs in;
Mobile phone card information collection module: collects the card number of the mobile phone card used and the corresponding mobile number when the user registers or logs in;
Account management module: manages the accounts registered by users; it can modify an account's registration information, deactivate an account or delete an account;
Real-name authentication module: queries and manages the user's real-name authentication information, and checks the real-name authentication information submitted by the user at registration;
Settings database: stores the user information that has passed verification after registration; the user information consists of the account, login password, real-name authentication information, mobile phone card number and mobile device identification code, bound one to one;
Bound device management module: queries and manages the user's bound devices.
Preferably, the mobile phone card is a CA mobile phone card, the client further includes a mobile phone card CA security module and a mobile phone card CA management module, and the server end further includes a historical operation query module.
The mobile phone card information collection module is a mobile phone card CA authentication module, which is also used to exchange data with the SDK component provided by the CA mobile phone card, retrieve the encrypted data stored in the CA mobile phone card, perform login authentication with the mobile phone card CA password, and, when an operation requires the corresponding user identity, digitally encrypt the operation information using the CA digital certificate;
Mobile phone card CA security module: records the user's specific operation behaviors as a historical operation trace and encrypts the data, and communicates the encrypted historical operation trace and the data exchanged with the mobile phone card CA authentication module to the server;
Mobile phone card CA management module: queries the user's mobile phone card CA status, turns the mobile phone card CA function on and off, and resets the mobile phone card CA password;
Historical operation query module: queries the user's historical operation trace.
Preferably, the security authentication device further includes a consolidation data query module and a consolidation database. The consolidation data query module provides a query service to external systems through an API; the consolidation database extracts, aggregates and loads data from multiple third-party systems for the consolidation data query module to query; the real-name authentication module checks the real-name authentication information against the corresponding user information recorded in the consolidation database from the third-party systems, to determine its authenticity.
The advantages of the invention are as follows. The client collects the mobile phone card information and the identification code of the mobile device as the unique identifying features of the mobile phone card and the mobile device. The user submits the account, login password and real-name authentication information. The server end performs real-name authentication on the real-name authentication information, then binds the mobile number used as the account one to one with the corresponding login password, real-name authentication information, mobile phone card number and mobile device identification code, and stores them in the consolidation database. At login, the account, login password, mobile phone card number and mobile device identification code are obtained in the same way, and each item is compared against its stored counterpart. The invention can therefore not only verify and authenticate the user's true identity, but also ensure that private data is not leaked even if the user's device is lost. Meanwhile, by recording and storing the user's historical operation trace, all of the user's sensitive operations can be traced and cannot be repudiated.
Brief description of the drawings
Fig. 1 is the module connection diagram of the security authentication device in Embodiment 1 of the invention;
Fig. 2 is the module connection diagram of the security authentication device in Embodiment 2 of the invention.
Detailed description of the embodiments
The specific embodiments of the invention are described in further detail below through the description of the embodiments with reference to the drawings, to help those skilled in the art gain a more complete, accurate and thorough understanding of the inventive concept and technical solution of the invention.
Embodiment 1
As shown in Fig. 1, the present invention provides a security authentication method based on "one person, one device, one card, one number", comprising the following steps:
S1, the database at the server end obtains the user's account, login password, real-name identity information, the identification code of the mobile device and the card number of the U/SIM card used, binds them in one-to-one correspondence and stores the information.
S2, the user logs in on the mobile terminal and submits the account and login password.
S3, the client on the mobile terminal obtains the identification code of the mobile device and the card number of the U/SIM card used from the mobile device and the currently used U/SIM card, and submits them together with the account and login password to the server end for authentication.
S4, the server end retrieves from the database, by account, the login password, real-name identity information, identification code of the mobile device and card number of the U/SIM card bound to that account, and compares them item by item with the information submitted by the client; if any item does not match, security authentication fails, and if all items match, security authentication succeeds.
The present invention also provides a security authentication device that uses the above security authentication method, comprising a client and a server end. The client includes an account registration/authentication module, a mobile phone card information collection module and a device feature collection module; the server end includes an account management module, a real-name authentication module, a consolidation database and a bound device management module, in which:
Account registration/authentication module: at registration, records and submits the user's account, login password and real-name authentication information; at login, records the user's account information and submits it for authentication;
Device feature collection module: collects the unique feature data of the mobile device used, i.e. its identification code, when the user registers or logs in;
Mobile phone card information collection module: collects the card number of the mobile phone card used and the corresponding mobile number when the user registers or logs in;
Account management module: manages the accounts registered by users; it can modify an account's registration information, deactivate an account or delete an account;
Real-name authentication module: queries and manages the user's real-name authentication information, and checks the real-name authentication information submitted by the user at registration. Registration is rejected when a user tries to register again with another mobile number, or when someone else registers using that user's information.
Settings database: stores the user information that has passed verification after registration; the user information consists of the account, login password, real-name authentication information, mobile phone card number and mobile device identification code, bound one to one;
Bound device management module: queries and manages the user's bound devices.
With the above security authentication device and authentication method, the user submits the account, login password and real-name authentication information. The server end performs real-name authentication on the real-name authentication information, then binds the mobile number used as the account one to one with the corresponding login password, real-name authentication information, mobile phone card number and mobile device identification code, and stores them in the settings database. If identical information already exists before registration, registration is not allowed; this prevents stolen information from being used to break the one-to-one correspondence between the verification items.
At login, the account, login password, mobile phone card number and mobile device identification code are obtained in the same way, and each item is compared against its stored counterpart. In the invention, one physical user must bind a unique mobile terminal, use a unique mobile phone U/SIM card and be associated with a unique login account; if any link does not match, the user is not granted access to the service. In other words, the user must be a real user who has passed real-name authentication, must use the mobile terminal bound in the management back end, and must have the designated mobile phone U/SIM card inserted in that terminal, before being granted access to the service.
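The binding of S1 and the item-by-item comparison of S4, sketched as an added example (not code from the patent or its applicant): `BindingStore`, the real-name source callables, the PBKDF2 password storage and all sample identifiers are assumptions made for illustration. The device code and card number are whatever the client reports, so the check is only as strong as the client's collection of them.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass


@dataclass
class Binding:
    account: str        # mobile number used as the account (S1)
    salt: bytes
    password_hash: bytes
    real_name_id: str
    device_id: str      # device identification code reported by the client
    sim_card_no: str    # U/SIM card number reported by the client


def _hash_password(password: str, salt: bytes) -> bytes:
    # Assumption: PBKDF2 is this example's choice; the page does not say
    # how the login password is stored.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)


def _same(a: str, b: str) -> bool:
    return hmac.compare_digest(a.encode(), b.encode())


class BindingStore:
    def __init__(self, real_name_sources):
        # Hypothetical callables (account, real_name_id) -> bool, standing in
        # for the operator / public security / civil affairs / health interfaces.
        self._sources = list(real_name_sources)
        self._by_account = {}

    def register(self, account, password, real_name_id, device_id, sim_card_no):
        """S1: verify the real name with every source, then bind one to one."""
        if not self._sources or not all(s(account, real_name_id) for s in self._sources):
            return False, "real-name verification failed"
        new = {"account": account, "real_name_id": real_name_id,
               "device_id": device_id, "sim_card_no": sim_card_no}
        # Refuse registration if any item is already part of another binding.
        for bound in self._by_account.values():
            for field, value in new.items():
                if getattr(bound, field) == value:
                    return False, f"already bound: {field}"
        salt = os.urandom(16)
        self._by_account[account] = Binding(
            account, salt, _hash_password(password, salt),
            real_name_id, device_id, sim_card_no)
        return True, "bound"

    def authenticate(self, account, password, device_id, sim_card_no):
        """S4: returns (ok, mismatched_fields); the list is for server logs only."""
        bound = self._by_account.get(account)
        if bound is None:
            _hash_password(password, b"\x00" * 16)   # keep timing similar
            return False, ["account"]
        # Evaluate every check (no short-circuit) so timing does not reveal
        # which item was wrong.
        checks = {
            "password": hmac.compare_digest(
                _hash_password(password, bound.salt), bound.password_hash),
            "device_id": _same(device_id, bound.device_id),
            "sim_card_no": _same(sim_card_no, bound.sim_card_no),
        }
        failed = [name for name, ok in checks.items() if not ok]
        return not failed, failed


def demo():
    # Constructed sample data, not real identifiers.
    operator_registry = {"13800000000": "ID-ALICE", "13900000000": "ID-ALICE"}
    store = BindingStore([lambda acct, rid: operator_registry.get(acct) == rid])
    r = {}
    r["register"] = store.register("13800000000", "pw-1", "ID-ALICE", "DEV-A", "SIM-A")
    # Same person, second mobile number: rejected as a repeat registration.
    r["repeat"] = store.register("13900000000", "pw-2", "ID-ALICE", "DEV-B", "SIM-B")
    # An identity the operator does not confirm for this number.
    r["impostor"] = store.register("13700000000", "pw-3", "ID-ALICE", "DEV-C", "SIM-C")
    r["login_ok"] = store.authenticate("13800000000", "pw-1", "DEV-A", "SIM-A")
    # Correct password, but from another phone with another card.
    r["stolen_pw"] = store.authenticate("13800000000", "pw-1", "DEV-X", "SIM-X")
    # Bound phone, but a different card is inserted.
    r["sim_swapped"] = store.authenticate("13800000000", "pw-1", "DEV-A", "SIM-Y")
    return r


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

The list of mismatched items is meant for server-side logging; the client should receive only a single success or failure result.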
Embodiment 2
As shown in Fig. 2, the present invention provides a security authentication method based on "one person, one device, one card, one number", comprising the following steps:
S1, the database at the server end obtains the user's account, login password, real-name identity information, the identification code of the mobile device and the card number of the U/SIM card used, binds them in one-to-one correspondence and stores the information.
The account is the mobile number used at registration. The server end checks the real-name authentication information with the telecom operator through a real-name authentication interface, to check whether the real-name information submitted by the user matches the real-name information that corresponds to the submitted mobile number in the telecom operator's database.
The server end is connected through several real-name authentication interfaces to the public security, civil affairs, and health and family planning systems respectively, and checks the real-name information registered by the user against the corresponding data in each of those systems. Verification succeeds only if all of the information matches, and the real-name authentication information is then bound to the account and stored in the database.
S2, the user logs in on the mobile terminal and submits the account and login password.
The client pops up a password input interface through the SDK component for entering the previously set mobile phone card CA password; the keys of the on-screen keyboard used to enter the CA password are arranged at random positions in the password input interface popped up by the SDK component.
S3, the client on the mobile terminal obtains the identification code of the mobile device and the card number of the U/SIM card used from the mobile device and the currently used U/SIM card, and submits them together with the account and login password to the server end for authentication.
The U/SIM card is a CA mobile phone card, and the client exchanges data with the SDK component provided by the CA mobile phone card. When the user performs operations on user information such as registration and login, the client digitally encrypts the user information that is the object of the operation using the CA digital certificate.
S4, the server end retrieves from the database, by account, the login password, real-name identity information, identification code of the mobile device and card number of the U/SIM card bound to that account, and compares them item by item with the information submitted by the client; if any item does not match, security authentication fails, and if all items match, security authentication succeeds.
Step S5, the data interactions and operation behaviors performed after logging in to the client are sent to the server end, and the server end digitally encrypts the behavior information relating to the user, records it as historical operation information, and stores it in the database.
The CA mobile phone card is specially made by the telecom operator: a secure container is incorporated on the basis of an ordinary mobile phone U/SIM card, and the card also meets the storage requirements for RSA certificates and national-cryptography (SM) certificates. It carries a national-cryptography chip so that it meets the requirements of the national cryptographic algorithms. In each authentication process, a one-time Token identity is generated and stored in the mobile phone card's storage space. Through the SDK component, the CA mobile phone card provides multi-factor authentication across several dimensions: PIN-based authentication, Token identity authentication, and application authorization. The specific structure of the CA mobile phone card is prior art and does not affect the implementation of the invention, so it is not described further here.
The present invention also provides a security authentication device that uses the above security authentication method, comprising a client and a server end. The client includes an account registration/authentication module, a mobile phone card CA authentication module, a mobile phone card CA security module, a mobile phone card CA management module and a device feature collection module; the server end includes an account management module, a real-name authentication module, a settings database, a consolidation database, a historical operation query module, a consolidation data query module and a bound device management module. In which:
Account registration/authentication module: at registration, records and submits the user's account, login password and real-name authentication information; at login, records the user's account information and submits it for authentication.
Device feature collection module: collects the unique feature data of the mobile device used, i.e. its identification code, when the user registers or logs in.
Account management module: manages the accounts registered by users; it can modify an account's registration information, deactivate an account or delete an account.
Real-name authentication module: queries and manages the user's real-name authentication information, and checks the real-name authentication information submitted by the user at registration. The real-name authentication module is also connected, through several real-name authentication interfaces, to third-party systems including telecom operators, public security, civil affairs, and health and family planning systems, and can also check the real-name authentication information submitted by the user against the corresponding user information recorded in those third-party systems. Registration is rejected when a user tries to register again with another mobile number, or when someone else registers using that user's information.
Settings database: stores the user information that has passed verification after registration; the user information consists of the account, login password, real-name authentication information, mobile phone card number and mobile device identification code, bound one to one.
Bound device management module: queries and manages the user's bound devices. When a bound device is lost, or needs to be unbound for some other reason, the operation is carried out through this module.
Mobile phone card CA authentication module: collects the information in the mobile phone card, and is also used to exchange data with the SDK component provided by the CA mobile phone card and retrieve the encrypted data stored in the CA mobile phone card and the card number of the CA mobile phone card, to determine that the user has inserted the "CA mobile phone card" matching the registered account into the bound mobile terminal. The module also performs login authentication with the mobile phone card CA password. When certain operations in an application require the corresponding user identity, the operation information is digitally encrypted using the CA digital certificate, preventing the user from repudiating the operation. In addition, the user can set a 6- to 8-digit mobile phone card CA password; the password input interface is popped up by the SDK, so third parties cannot obtain the password, and the keys of the on-screen keyboard are arranged at random positions to prevent people nearby from recording the input.
Mobile phone card CA security module: records the user's specific operation behaviors as a historical operation trace and encrypts the data, and communicates the encrypted historical operation trace and the data exchanged with the mobile phone card CA authentication module to the server. By uploading the historical operation trace to the settings database, it can be used for tracing operation history and for non-repudiation of user operations.
Mobile phone card CA management module: queries the user's mobile phone card CA status, turns the mobile phone card CA function on and off, and resets the mobile phone card CA password. When the user's "CA mobile phone card" is damaged or lost, the mobile phone card CA function can be closed temporarily. After it is closed, the user can use only part of the security-related functions, and other functions are unavailable. When the user forgets the mobile phone card CA password, or the password is locked because of a mistaken operation or similar reasons, the password can be reset through this module. Reset commands are sent to the designated device over a secure encrypted channel, and the mobile phone card CA security module responds by carrying out the reset operation.
Historical operation query module: queries the user's historical operation trace. Through configuration, the historical operation trace mainly records sensitive operations.
The consolidation data query module provides external systems with a query service for the consolidation database through an API, for use by other business systems.
The consolidation database extracts, aggregates and loads data from multiple third-party systems for the consolidation data query module to query. Its data comes from several sources, including:
(1) When the user applies for the CA mobile phone card, the real-name information registered with the telecom operator is synchronized into the consolidation database through an interface provided by the operator, and is used to verify whether the real-name information of the user's registered mobile number matches the authenticated real-name information.
(2) Other real-name information data synchronized from departments such as public security, health and family planning, and civil affairs, used to verify the authenticity of the user's real-name information.
The invention can not only verify and authenticate the user's true identity, but also ensure that private data is not leaked even if the user's device is lost. Meanwhile, it also makes all of the user's sensitive operations traceable and non-repudiable.
In the description of this specification, a description referring to the terms "one embodiment", "some embodiments", "example", "specific example" or "some examples" means that a specific feature, structure, material or characteristic described in connection with that embodiment or example is included in at least one embodiment or example of the invention. In this specification, schematic uses of these terms do not necessarily refer to the same embodiment or example. Moreover, the specific features, structures, materials or characteristics described may be combined in a suitable manner in any one or more embodiments or examples. In addition, provided they do not conflict, those skilled in the art may combine the different embodiments or examples described in this specification and their features.
The invention has been described above by way of example with reference to the drawings. Clearly, its implementation is not limited by the manner described above: any insubstantial improvement made using the method, concept and technical solution of the invention, or any direct application of the inventive concept and technical solution to other situations without improvement, falls within the scope of protection of the invention.

Claims (10)

1. A security authentication method based on "one person, one device, one card, one number", characterized in that it comprises the following steps:
S1, the server-side database obtains the user's account, login password, real-name identity information, the identification code of the mobile device and the card number of the U/SIM card in use, binds these items to one another in one-to-one correspondence, and stores them;
S2, the user logs in on the mobile terminal and submits the account and login password;
S3, the client on the mobile terminal obtains the identification code of the mobile device and the card number of the U/SIM card in use from the mobile device and the currently used U/SIM card, and submits them to the server together with the account and login password for authentication;
S4, the server uses the account to retrieve from the database the login password, real-name identity information, mobile device identification code and U/SIM card number bound to that account, and compares them item by item with the information submitted by the client; if any item does not match, security authentication fails, and if all items match, security authentication succeeds.
2. The security authentication method based on "one person, one device, one card, one number" according to claim 1, characterized in that: the account in step S1 is the mobile phone number used at registration, and the server verifies the real-name authentication information with the telecom operator through a real-name authentication interface, to check whether the real-name information submitted by the user is consistent with the real-name information corresponding to the submitted mobile phone number in the telecom operator's database; if it is consistent, the real-name authentication information is bound to the account and stored in the database.
3. The security authentication method based on "one person, one device, one card, one number" according to claim 1, characterized in that: in step S1, the server is connected to the public security, civil affairs, and health and family planning systems through several real-name authentication interfaces, and checks the real-name information registered by the user against the corresponding data in each of the public security, civil affairs, and health and family planning systems; verification succeeds only if all information matches, whereupon the real-name authentication information is bound to the account and stored in the database.
4. The security authentication method based on "one person, one device, one card, one number" according to claim 1, characterized in that it further comprises step S5: after login, the client sends the data interactions and operation behaviors carried out to the server, and the server digitally encrypts the behavior information involving the user, records it as historical operation information, and stores it in the database.
5. The security authentication method based on "one person, one device, one card, one number" according to claim 1, characterized in that: the U/SIM card is a CA mobile phone card, and the client exchanges data with the SDK component provided by the CA mobile phone card; when the user performs user registration, login, or operations on user information, the client digitally encrypts the user information that is the object of the operation by means of the CA digital certificate.
6. The security authentication method based on "one person, one device, one card, one number" according to claim 5, characterized in that: in step S2, after the account and password are entered, the client pops up a password input interface through the SDK component for entering the previously set mobile phone card CA password; the keys of the on-screen keyboard used to enter the CA password are arranged at random positions in the password input interface popped up by the SDK component.
7. The security authentication method based on "one person, one device, one card, one number" according to claim 5, characterized in that: a secure container is built into the CA mobile phone card and meets the storage requirements of both RSA certificates and state cryptography certificates; the security authentication method generates a one-time Token identity in each authentication process, which is stored in the mobile phone card's storage space; through the SDK component, the CA mobile phone card provides externally multi-factor authentication across dimensions including PIN-code-based authentication, Token authentication and application authorization.
8. A security authentication device using the security authentication method based on "one person, one device, one card, one number" according to any one of claims 1-7, characterized in that it comprises a client and a server; the client comprises an account registration/authentication module, a mobile phone card information acquisition module and a device feature acquisition module; the server comprises an account management module, a real-name authentication module, a settings database and a bound device management module, wherein:
the account registration/authentication module is used to enter and submit the user account, login password and real-name authentication information at registration, and to enter the user's account information and verify it at login;
the device feature acquisition module is used to collect the unique feature data, i.e. the identification code, of the mobile device in use when the user registers or logs in;
the mobile phone card information acquisition module is used to collect the card number of the mobile phone card in use and the corresponding mobile phone number when the user registers or logs in;
the account management module is used to manage the accounts registered by users; it can modify an account's registration information, and can deactivate or delete an account;
the real-name authentication module is used to query and manage users' real-name authentication information, and to check the real-name authentication information submitted by a user at registration;
the settings database is used to store the information of users whose registration has passed verification; the user information comprises, bound to one another in one-to-one correspondence, the account, login password, real-name authentication information, mobile phone card number and mobile device identification code;
the bound device management module is used to query and manage the user's bound devices.
9. The security authentication device according to claim 8, characterized in that: the mobile phone card is a CA mobile phone card, the client further comprises a mobile phone card CA security module and a mobile phone card CA management module, and the server further comprises a historical operation query module, wherein:
the mobile phone card information acquisition module is a mobile phone card CA authentication module, which is also used to exchange data with the SDK component provided by the CA mobile phone card, retrieve the encrypted data stored in the CA mobile phone card, perform login authentication with the mobile phone card CA password, and, when an operation needs to be performed under the corresponding user identity, digitally encrypt the operation's information by means of the CA digital certificate;
the mobile phone card CA security module is used to record the user's specific operation behaviors as historical operation traces and encrypt the data, and to communicate to the server the encrypted historical operation traces and the data exchanged with the mobile phone card CA authentication module;
the mobile phone card CA management module is used to query the user's mobile phone card CA status, enable and disable the mobile phone card CA function, and reset the mobile phone card CA password;
the historical operation query module is used to query the user's historical operation traces.
10. The security authentication device according to claim 8 or 9, characterized in that it further comprises a consolidation data query module and a consolidation database; the consolidation data query module is used to provide a query service to external systems through an API interface; the consolidation database is used to extract, summarize and load data from multiple third-party systems for querying by the consolidation data query module; the real-name authentication module determines the authenticity of the real-name authentication information by checking it against the corresponding user information recorded in the consolidation database and the third-party systems.
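
The S1-S4 flow of claim 1, shown as an added Python example that is not code from the patent: the server binds account, password, real-name identity, device identification code and U/SIM card number at registration, then compares every submitted item at login. The in-memory store, the PBKDF2 password hashing, the constant-time comparisons, the audit list and all sample values are assumptions of this example.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

ROUNDS = 200_000  # assumption: the patent does not say how passwords are stored

def _hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ROUNDS)

def _same(a: str, b: str) -> bool:
    # Constant-time comparison, so timing does not reveal a partial match.
    return hmac.compare_digest(a.encode(), b.encode())

@dataclass(frozen=True)
class Binding:
    salt: bytes
    password_hash: bytes
    real_name_id: str   # stored with the account; not sent by the client in S3
    device_id: str      # identification code of the mobile device
    card_number: str    # card number of the U/SIM card

class BindingStore:
    """In-memory stand-in for the server-side database of step S1."""

    def __init__(self) -> None:
        self._by_account = {}
        self.audit = []  # (account, failed items), kept server-side only
        self._dummy = Binding(os.urandom(16), b"", "", "", "")

    def register(self, account, password, real_name_id, device_id, card_number):
        # S1: one-to-one binding; a device or card bound elsewhere is refused.
        if account in self._by_account:
            raise ValueError("account already registered")
        for other in self._by_account.values():
            if other.device_id == device_id or other.card_number == card_number:
                raise ValueError("device or card already bound to an account")
        salt = os.urandom(16)
        self._by_account[account] = Binding(
            salt, _hash_password(password, salt),
            real_name_id, device_id, card_number)

    def authenticate(self, account, password, device_id, card_number) -> bool:
        # S4: fetch the binding by account, then compare every submitted item.
        row = self._by_account.get(account)
        known = row is not None
        row = row or self._dummy  # unknown account: do the same work anyway
        checks = {
            "password": hmac.compare_digest(
                _hash_password(password, row.salt), row.password_hash),
            "device_id": _same(device_id, row.device_id),
            "card_number": _same(card_number, row.card_number),
        }
        failed = tuple(k for k, ok in checks.items() if not ok)
        if not known:
            failed = ("account",)
        self.audit.append((account, failed))
        # The caller learns only pass or fail, never which item mismatched.
        return known and not failed

if __name__ == "__main__":
    store = BindingStore()  # all values below are constructed samples
    store.register("13800000000", "pw-sample", "ID-SAMPLE-1", "DEV-A", "CARD-A")
    print(store.authenticate("13800000000", "pw-sample", "DEV-A", "CARD-A"))
    print(store.authenticate("13800000000", "pw-sample", "DEV-B", "CARD-A"))
    print(store.audit[-1])
```

A correct password presented from a different device or card fails like any other mismatch, and the audit entry records which bound item differed, which gives the server a signal of credential reuse.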

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810970835.8A CN109151820A (en) 2018-08-24 2018-08-24 Security authentication method and device based on "one person, one device, one card, one number"

Publications (1)

Publication Number Publication Date
CN109151820A (en) 2019-01-04

Family

ID=64827709

Country Status (1)

Country Link
CN (1) CN109151820A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20190104