CN109344590A - User identity online verification method and user identity online verification system - Google Patents

User identity online verification method and user identity online verification system Download PDF

Info

Publication number
CN109344590A
CN109344590A CN201811066318.4A CN201811066318A CN109344590A CN 109344590 A CN109344590 A CN 109344590A CN 201811066318 A CN201811066318 A CN 201811066318A CN 109344590 A CN109344590 A CN 109344590A
Authority
CN
China
Prior art keywords
user
real name
identity
time
answer
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201811066318.4A
Other languages
Chinese (zh)
Inventor
路成业
王凌
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Iallchain Co Ltd
Original Assignee
Iallchain Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Iallchain Co Ltd filed Critical Iallchain Co Ltd
Priority to CN201811066318.4A priority Critical patent/CN109344590A/en
Publication of CN109344590A publication Critical patent/CN109344590A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Systems or methods specially adapted for specific business sectors, e.g. utilities or tourism
    • G06Q50/10Services
    • G06Q50/26Government or public services

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Tourism & Hospitality (AREA)
  • General Physics & Mathematics (AREA)
  • Economics (AREA)
  • Health & Medical Sciences (AREA)
  • Primary Health Care (AREA)
  • Strategic Management (AREA)
  • Human Resources & Organizations (AREA)
  • General Business, Economics & Management (AREA)
  • General Health & Medical Sciences (AREA)
  • Marketing (AREA)
  • Educational Administration (AREA)
  • Development Economics (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Collating Specific Patterns (AREA)

Abstract

The invention belongs to block chain technical fields, are related to user identity online verification method and system.This method comprises: receiving the real name verification application proposed online to real name verification user;By to the identity information of real name verification user, real name verification application information local time stamp, signs and broadcast with the private key to real name verification user;Challenge is initiated to real name verification user online;The response video for carrying out response to challenge recorded and uploaded to real name verification user is received, video is responded and includes at least the identity document photograph to real name verification user, response time segment and respond answer;The content responded in video is identified, and is included the verifying to the timeliness, the authenticity of real name identity, the correctness of response answer for responding video;After the content responded in video after real name verification user is by verifying, generates and sign and broadcast to the identity information of real name verification user.This method and system enormously simplify the online identity confirmation process of user.

Description

User identity online verification method and user identity online verification system
Technical field
The invention belongs to block chain technical fields, and in particular to a kind of user identity online verification method and user identity exist Line verifies system.
Background technique
Resident identification card is that citizen carries out social activities, is safeguarded citizens' lawful rights and interests, it was demonstrated that the legal certificate of citizenship, It is closely bound up with everybody in daily life.
With the development of technology, electronic ID card is had also appeared at present, i.e., identifies individual citizens identity by head portrait In the electronic certificate generated on mobile phone after biotechnological method comparison, it to be used for user identity identification.It is current only to pass through scene It can confirm that user identity, therefore user must arrive general office of public security organ or public security organ's specified " trusted terminal " accepts and a little opens It is logical, it handles more troublesome.
Correspondingly, other affairs based on electronic ID card, also generally require and handle at the scene, for example obtain from the Ministry of Public Security Its identity information etc. signed.It is limited to the limitation of user time, place and working organ processing capacity, scene carries out body Part certification is no longer satisfied the application in current people's daily life.
Therefore, how to simplify authentication and have become technical problem urgently to be resolved.
Summary of the invention
The technical problem to be solved by the present invention is to it is online to provide a kind of user identity for above-mentioned deficiency in the prior art Verification method and user identity online verification system, sign to the identity information after confirmation, carry out without user to scene Application enormously simplifies the online identity confirmation process of user.
Solving technical solution used by present invention problem is the user identity online verification method, comprising steps of
The real name verification application proposed online to real name verification user is received, includes at least institute in real name verification application information State the identity information of the name and identification card number to real name verification user;
By the identity information to real name verification user, real name verification application information local time stamp, with described to reality The private key of name verifying user is signed and is broadcasted;
Challenge is initiated to real name verification user to described online;
Receive the response video that response is carried out to the challenge recorded and uploaded to real name verification user, institute It states and responds video including at least described to the identity document photograph of real name verification user, response time segment and response answer;
Content in the response video is identified, and is included to timeliness, the real name for responding video The verifying of the authenticity, the correctness of response answer of identity;
After the content in the response video after real name verification user is by verifying, generation is described to test to real name The identity information of card user sign and is broadcasted, identity information signature including at least to real name verification user identification card number, Name, head portrait and public key.
Optionally, carrying out verifying to the timeliness for responding video includes:
It identifies and extracts the timestamp in the response video;
When calculating first between the time of the timestamp and the time for receiving the broadcast message for responding video Between it is poor;
Judge poor at the first time whether allow in time difference threshold range first:
If the first time is poor in the first permission time difference threshold range, continue next step;
If the first time is poor not in the first permission time difference threshold range, stopping continues to verify.
Optionally, carrying out verifying to the timeliness for responding video includes:
Identify and extract the time of corresponding user identifier and time slice in the response video;
Calculate in the time real name verification solicitation message corresponding with the user identifier of the time slice when Between between the second time difference;
Judge whether second time difference allows in time difference threshold range second:
If second time difference allows to continue next step in time difference threshold range described second;
If second time difference does not allow in time difference threshold range described second, stopping continues to verify.
Optionally, carrying out verifying to the authenticity of the real name identity includes:
It identifies and extracts the head portrait image in the living body head portrait image and identity document photograph in the response video;
The living body head portrait image and the head portrait image in identity document photograph are compared, it is similar to calculate head portrait Degree;
Judge the head portrait similarity whether in third threshold range:
If the head portrait similarity continues next step in third threshold range;
If the head portrait similarity, not in third threshold range, stopping continues to verify.
Optionally, the authenticity of the real name identity is verified further include:
It identifies and extracts name, identification card number in identity document photograph described in the response video;
By the name in name, the identification card number real name verification solicitation message corresponding with the user identifier, identity Card number compares;Alternatively, by the identity document shine in name, identification card number is in local public security organ's identity information data Library compares;
Judge whether name, the comparing result of identification card number are consistent:
If comparing result is consistent, continue next step;
If comparing result is inconsistent, stopping continues to verify.
Optionally, carrying out verifying to the correctness for responding answer includes:
It identifies and extracts the response answer in the response video;
Inquire the corresponding system answer of the challenge;
The response answer and the system answer are compared;
Judge whether response answer is correct:
If it is correct to respond answer, continue next step;
If it is incorrect to respond answer, stopping continues to verify.
Optionally, in the step of generating the identity information signature to real name verification user:
To it is described to the identification card number of real name verification user, name, head portrait, client public key and other identity informations directly into Row signature;
Alternatively, by it is described after the head portrait of real name verification user with name generate key after encrypt, to identification card number, name, And encryption head portrait and other identity informations are signed.
A kind of user identity online verification system, including Subscriber Interface Module SIM, service module, verifying challenge module and identification Authentication module, in which:
The Subscriber Interface Module SIM is configured to receive the real name verification application proposed online to real name verification user, real name It verifies described in being included at least in application information to the name of real name verification user and the identity information of identification card number;And it receives The response video that response is carried out to the challenge recorded and uploaded to real name verification user, the response video is extremely Few includes described to the identity document photograph of real name verification user, response time segment and response answer;
The service module is configured to the identity information to real name verification user, real name verification application information sheet Ground timestamp is signed and is broadcasted with the private key to real name verification user;
And after the content in the response video after real name verification user is by verifying, generate it is described to The identity information of real name verification user is signed and is broadcasted, and the identity information signature includes at least the identity to real name verification user Card number, name, head portrait and public key;
Module is challenged in the verifying, is configured to initiate challenge to real name verification user to described online;
The identification authentication module is configured to identify the content in the response video, and is included to institute State the verifying of the timeliness for responding video, the authenticity of real name identity, the correctness of response answer.
Optionally, the identification authentication module includes timeliness verifying submodule, and the timeliness verifies submodule packet Include first time recognition unit, the first computing unit and the first judging unit, in which:
The first time recognition unit, for identification it is described respond video in timestamp;
First computing unit, the time for calculating the timestamp disappear with the broadcast for responding video is received First time between the time of breath is poor;
First judging unit, poor whether in the first permission time difference threshold range at the first time for judging:
If the first time is poor in the first permission time difference threshold range, continue next step;
If the first time is poor not in the first permission time difference threshold range, stopping continues to verify.
Optionally, the identification authentication module includes timeliness verifying submodule, and the timeliness verifies submodule packet Include the second time recognition unit, the second computing unit and second judgment unit, in which:
The second time recognition unit for identification and extracts corresponding user identifier and time in the response video The time of segment;
Second computing unit, the time reality corresponding with the user identifier for calculating the time slice The second time difference between time in name verifying solicitation message;
The second judgment unit, for judging second time difference whether in the second permission time difference threshold range It is interior:
If second time difference allows to continue next step in time difference threshold range described second;
If second time difference does not allow in time difference threshold range described second, stopping continues to verify.
Optionally, the identification authentication module includes authenticity verification submodule, the authenticity verification submodule packet Include head portrait recognition unit, head portrait similarity calculated and identity judging unit, in which:
The head portrait recognition unit for identification and extracts the living body head portrait image in the response video and the identity Head portrait image in certificate photo;
The head portrait similarity calculated, with the head portrait figure in shining the living body head portrait image and the identity document As comparing, head portrait similarity is calculated;
The identity judging unit, for judging the head portrait similarity whether in third threshold range:
If the head portrait similarity continues next step in third threshold range;
If the head portrait similarity, not in third threshold range, stopping continues to verify.
Optionally, the authenticity verification submodule further includes name's recognition unit, name's comparison unit, in which:
Name's recognition unit, for identification and extract it is described response video described in identity document shine in name, Identification card number;
Name's comparison unit is used for name, the identification card number real name verification corresponding with the user identifier Name, identification card number in solicitation message compare;Alternatively, by the identity document shine in name, identification card number this Ground public security organ identity information database compares;
The identity judging unit is also used to judge whether name, the comparing result of identification card number are consistent:
If comparing result is consistent, continue next step;
If comparing result is inconsistent, stopping continues to verify.
Optionally, the identification authentication module includes verification of correctness submodule, the verification of correctness submodule packet Include answer recognition unit, answer query unit, answer comparison unit and answer judging unit, in which:
The answer recognition unit for identification and extracts the response answer in the response video;
The answer query unit, for inquiring the corresponding system answer of the challenge;
The answer comparison unit, for comparing the response answer and the system answer;
The answer judging unit, for judging whether response answer is correct:
If it is correct to respond answer, continue next step;
If it is incorrect to respond answer, stopping continues to verify.
Optionally, the service module includes identity information signature submodule, is configured that
To it is described to the identification card number of real name verification user, name, head portrait, client public key and other identity informations directly into Row signature;
Alternatively, by it is described after the head portrait of real name verification user with name generate key after encrypt, to identification card number, name, And encryption head portrait and other identity informations are signed.
The beneficial effects of the present invention are:
User identity online verification method and user identity online verification method system of the invention, it is special by sending Meet the response video of certain rule and the online service platform for being connected into public security organ's offer carries out the verifying and confirmation of identity, it is right Identity information after confirmation is signed, and is applied without user to scene, and the online identity confirmation of user is enormously simplified Process.
Detailed description of the invention
Fig. 1 is the flow chart of user identity online verification method in the embodiment of the present invention;
Fig. 2 is the structural block diagram of user identity online verification system in the embodiment of the present invention;
Fig. 3 is the flow diagram of user's B online application subscriber authentication in the embodiment of the present invention;
In figure:
1- Subscriber Interface Module SIM;2- service module;3- verifying challenge module;4- identifies authentication module.
Specific embodiment
Technical solution in order to enable those skilled in the art to better understand the present invention, with reference to the accompanying drawing and specific embodiment party Formula is described in further detail user identity online verification method of the present invention and user identity online verification system.
The present invention provides a kind of user identity online verification method and user identity online verification method system, passes through transmission Special the responses video for meeting certain rule and the online service platform that public security organ's offer is provided carry out the verifying of identity with Confirmation, sign to the identity information after confirmation, apply without user to scene, enormously simplify user in line body Part confirmation process.
As shown in Figure 1, in the present embodiment user identity online verification method comprising steps of
Step S1): receive the real name verification application that proposes online to real name verification user, in real name verification application information extremely It less include the identity information of the name and identification card number to real name verification user
Step S2): by the identity information of real name verification user, real name verification application information local time stamp, to reality The private key of name verifying user is signed and is broadcasted.
Step S3): challenge is initiated to real name verification user online.
Step S4): the response video for carrying out response to challenge recorded and uploaded to real name verification user is received, is returned Video is answered to include at least the identity document photograph to real name verification user, response time segment and respond answer.
Step S5): the content responded in video is identified, and is included to timeliness, the real name for responding video The verifying of the authenticity, the correctness of response answer of identity.
In this step, which is suitable for public security organ's offer user identity online verification clothes Business, receives the real name verification application of user.Knowledge in the user identity online verification method, for user response video Not and verifying is emphasis, and the present embodiment is done from the timeliness, the authenticity of real name identity, the correctness of response answer for responding video Multi-faceted consideration and audit, it is ensured that the confidence level of user identity.
Wherein, carrying out verifying to the timeliness for responding video includes:
It identifies and extracts the timestamp responded in video;
Calculate timestamp time and receive respond video broadcast message time between first time it is poor;
Judge poor at the first time whether allow in time difference threshold range first:
If at the first time it is poor first allow time difference threshold range in, continue next step, continue in other words to return The content in video is answered to be identified and verified;
If poor at the first time do not allow in time difference threshold range first, stopping continues to verify.
Alternatively, to respond video timeliness carry out verifying include:
It identifies and extracts the time for responding corresponding user identifier and time slice in video;
Calculate the between the time in the time real name verification solicitation message corresponding with user identifier of time slice Two time differences;
Judge whether the second time difference allowed in time difference threshold range second:
If the second time difference second allow time difference threshold range in, continue next step, continue in other words to return The content in video is answered to be identified and verified;
If the second time difference did not allowed in time difference threshold range second, stopping continues to verify.
Carrying out verifying to the authenticity of real name identity includes:
It identifies and extracts the head portrait image responded in living body head portrait image and identity document photograph in video;
Living body head portrait image and the head portrait image in identity document photograph are compared, head portrait similarity is calculated;
Judge head portrait similarity whether in third threshold range:
If head portrait similarity in third threshold range, continues next step, continue in other words in response video Content is identified and is verified;
If head portrait similarity, not in third threshold range, stopping continues to verify.
Further, the authenticity of real name identity is verified further include:
It identifies and extracts name, the identification card number responded in video in identity document photograph;
Name, identification card number in name, identification card number real name verification solicitation message corresponding with user identifier is carried out Comparison;Alternatively, by identity document shine in name, identification card number compares in local public security organ's identity information database;
Judge whether name, the comparing result of identification card number are consistent:
If comparing result is consistent, continue next step, continue in other words to respond video in content carry out identification and Verifying;
If comparing result is inconsistent, stopping continues to verify.
Carrying out verifying to the correctness for responding answer includes:
It identifies and extracts the response answer responded in video;
Inquire the corresponding system answer of challenge;
Answer will be responded to compare with system answer;
Judge whether response answer is correct:
If respond answer it is correct, continue next step, continue in other words to respond video in content carry out identification and Verifying;
If it is incorrect to respond answer, stopping continues to verify.
Step S6): after the content responded in video after real name verification user is by verifying, generates and used to real name verification The identity information at family is signed and is broadcasted, and identity information signature includes at least identification card number, name, head portrait to real name verification user And public key.
In the multi-faceted first sentence to the timeliness, the authenticity of real name identity, the correctness of response answer of responding video Core and after all passing through, identity information signature of the generation to real name verification user the step of in:
Identification card number, name, head portrait, client public key and other identity informations for treating real name verification user are directly signed Name;
Alternatively, by after the head portrait of real name verification user with name generate key after encrypt, to identification card number, name and Encryption head portrait and other identity informations are signed.
Correspondingly, as shown in Fig. 2, the present embodiment also provides a kind of user identity online verification system comprising Yong Hujie Mouth mold block 1, service module 2, verifying challenge module 3 and identification authentication module 4, in which:
Subscriber Interface Module SIM 1 is configured to propose real name verification application online on service platform to real name verification user, real It includes at least in name verifying application information to the name of real name verification user and the identity information of identification card number;And for reality Name verifying user, which records and uploads response video, carries out response to challenge, responds video and includes at least to real name verification user Identity document shine, response time segment and respond answer;
Service module 2 is configured to identity information, real name verification application information local zone time to real name verification user Stamp, is signed and is broadcasted with the private key to real name verification user;
And it after the content responded in video after real name verification user is by verifying, generates to real name verification user Identity information sign and broadcast, identity information signature include at least to the identification card number of real name verification user, name, head portrait and Public key;
Verifying challenge module 3 is configured to initiate challenge to real name verification user online;
It identifies authentication module 4, is configured to identify the content responded in video, and included to response video The verifying of timeliness, the authenticity of real name identity, the correctness of response answer.
Wherein, identification authentication module 4 includes that timeliness verifies submodule, and it includes knowing at the first time that timeliness, which verifies submodule, Other unit, the first computing unit and the first judging unit, in which:
First time recognition unit responds the timestamp in video for identification;
First computing unit, for calculate the time in timestamp with receive the broadcast message for responding video time it Between first time it is poor;
First judging unit, poor whether in the first permission time difference threshold range at the first time for judging:
If at the first time it is poor first allow time difference threshold range in, continue next step, continue in other words to return The content in video is answered to be identified and verified;
If poor at the first time do not allow in time difference threshold range first, stopping continues to verify.
Identify that authentication module 4 includes that timeliness verifies submodule, it includes that the identification of the second time is single that timeliness, which verifies submodule, Member, the second computing unit and second judgment unit, in which:
Second time recognition unit, for identification and extract respond corresponding user identifier and time slice in video when Between;
Second computing unit, for calculating the time real name verification solicitation message corresponding with user identifier in time slice In time between the second time difference;
Second judgment unit, for judging for the second time difference whether in the second permission time difference threshold range:
If the second time difference second allow time difference threshold range in, continue next step, continue in other words to return The content in video is answered to be identified and verified;
If the second time difference did not allowed in time difference threshold range second, stopping continues to verify.
Identify that authentication module 4 includes authenticity verification submodule, authenticity verification submodule includes head portrait recognition unit, head As similarity calculated and identity judging unit, in which:
Head portrait recognition unit for identification and extracts the head responded in living body head portrait image and identity document photograph in video As image;
Head portrait similarity calculated is compared with by living body head portrait image and the head portrait image in identity document photograph, Calculate head portrait similarity;
Identity judging unit, for judging head portrait similarity whether in third threshold range:
If head portrait similarity in third threshold range, continues next step, continue in other words in response video Content is identified and is verified;
If head portrait similarity, not in third threshold range, stopping continues to verify.
Further, authenticity verification submodule further includes name's recognition unit, name's comparison unit, in which:
Name's recognition unit for identification and extracts name, the identification card number responded in video in identity document photograph;
Name's comparison unit, for will be in name, identification card number real name verification solicitation message corresponding with user identifier Name, identification card number compare;Alternatively, by identity document shine in name, identification card number believes in local public security organ's identity Breath database compares;
Identity judging unit is also used to judge whether name, the comparing result of identification card number are consistent:
If comparing result is consistent, continue next step, continue in other words to respond video in content carry out identification and Verifying;
If comparing result is inconsistent, stopping continues to verify.
Identify that authentication module 4 includes verification of correctness submodule, verification of correctness submodule includes answer recognition unit, answers Case query unit, answer comparison unit and answer judging unit, in which:
Answer recognition unit for identification and extracts the response answer responded in video;
Answer query unit, for inquiring the corresponding system answer of inquiry challenge;
Answer comparison unit is compared for that will respond answer with system answer;
Answer judging unit, for judging whether response answer is correct:
If it is correct to respond answer, continue next step;
If it is incorrect to respond answer, stopping continues to verify.
In identification 4 pairs of authentication module response timeliness of video, the authenticity of real name identity, the correctness for responding answer After multi-faceted audit all passes through, it can be signed by service module 2 to identity information.Wherein, service module 2 is believed including identity Breath signature submodule, is configured that
Identification card number, name, head portrait, client public key and other identity informations for treating real name verification user are directly signed Name;
Alternatively, by after the head portrait of real name verification user with name generate key after encrypt, to identification card number, name and Encryption head portrait and other identity informations are signed.
Above-mentioned user identity online verification system can be considered the service platform for being based on block chain (Blockchain), use One of node is first registered as before family use certificate function.While succeeding in registration, user obtains a pair of public Key and private key.Block chain is a kind of chained record knot for being sequentially in time combined into data block in such a way that sequence is connected Structure, and guarantee that data therein can not be distorted and can not be forged in a manner of cryptography.
Below with reference to above-mentioned user identity online verification method and user identity online verification system, (service is flat in other words Platform), as shown in figure 3, technical solution of the present invention is specifically addressed by the example that user B carries out online verification:
Step S1): receive the real name verification application proposed online on service platform to real name verification user, real name verification It includes at least in application information to the name of real name verification user and the identity information of identification card number.
Real name verification application is initiated online to Subscriber Interface Module SIM 1 of the real name verification user on service platform, and real name is tested The identity information included at least in application information to real name verification user is demonstrate,proved, wants to apply to real name verification user such as certain user B Real name verification then inputs the identity informations such as name, identification card number in service platform first online.
Real name verification application information further include: the local time stamp applied to the user identifier of real name verification user, initiation With the public key to real name verification user.User identifier therein is automatically generated by service platform, also according to real name verification user Application time generate timestamp.Service platform also automatically generates corresponding a pair of of public key and private key when user's registration.
Step S2): by the identity information of real name verification user, real name verification application information local time stamp, to reality The private key of name verifying user is signed and is broadcasted.
The service module 2 of service platform by when the identity information of real name verification user, when the local of real name verification user Between stab and signed with the private key to real name verification user.I.e. by the use of the name of user B, the identification card number of user B, user B The public key of family mark, user B, the private of user B of the information such as local time stamp TIME1 of user's B real name verification application information Key is signed and is broadcasted.Other users in service platform or service platform, with the public key of user B to after to its private key encryption Information is decrypted.
Based on block chain framework, the work of service platform carries out on backstage.
Step S3): service platform initiates challenge to real name verification user online.
In this step, such as the verifying of service platform challenges module 3 and initiates a challenge by certain mode, first First, which is the answer that all participants necessarily know;Secondly, in order to avoid Replay Attack, current challenges problem It is not repeated with pervious challenge.The challenge, which is supplied to, carries out response to real name verification user recorded video.
Step S4): the response video for carrying out response to challenge recorded and uploaded to real name verification user is received, is returned Video is answered to include at least the identity document photograph to real name verification user, response time segment and respond answer
To the real-time record that real name verification user query service platform currently returns, finds current newest real name and test The challenge A of card records one section of response video for challenge A and carries out response.Wherein, the type of challenge can be with Are as follows: one section of word please be read, perhaps inquires current time or known other problems, here without limitation.
It is corresponding, some, which is simulated, in order to avoid malicious node waits for that real name verification user resets some response video, Response video is used and is first stated, the mode of rear video verifying is signed again after being verified.Wherein pass through " identity card in statement According to " prove " whom is ", respond in video " testimony of a witness unification ", after statement, service platform just obtains the public key signature of user, after The continuous signature for responding video must be consistent with statement, therefore intermediate malicious node can not carry out responding video playback attack.
Solution video and the time slice comprising reading aloud current date are included at least in the response video.Answer therein The problem of must including user's real name verification problem in video, illustrates and answers;Time slice is preferably accurate to minute, either The image of one time electronic watch including date and current specific moment.It optionally, can also include proof of identification, it should Proof of identification can be identity card or passport, it is desirable that can be clearly apparent head portrait and name, identification card number etc., can not also wrap certainly Content containing this item.
Step S5): service platform receives the response video messaging to real name verification user, verifies to real name identity.
Service platform identification 4 pairs of authentication module respond videos in contents carry out intelligent recognitions, to respond video when Effect property, the authenticity of real name identity, the correctness of response answer are verified respectively.
Service platform carries out the identification of intelligence to response video, and carrying out verifying to real name identity includes that can carry out or divide parallel The four kinds of modes not carried out independently successively, specific as follows:
For the timeliness for responding video, a kind of mode is that timeliness verifying submodule is calculated and identified in responding video To timestamp and receive the response video broadcasting message time time difference, judge the time difference whether first allow when Between in poor threshold range.To the timestamp that identifies in responding video and the time for receiving the response video broadcasting message when Between difference whether first allow time difference threshold range in, it can be determined that the timeliness for responding video avoids forging recording in advance Respond video.For responding the time of video, in the case where current time identification is not known, with returning for the real name verification problem Video is answered to upload to the issuing time in network as judgment basis.If the poor first time is to allow time difference threshold value first In range, then need to be continued to verify real name identity;If poor at the first time do not allow in time difference threshold range first, Then fail to real name authentication, without subsequent step.First permission time difference threshold range is difficult to according to challenge Degree, video length or network upload state correlation, and it can be one hour or so that first, which allows time difference threshold range for example,.
For the timeliness for responding video, another way is that timeliness verifies submodule computing services platform for the response Corresponding user identifier extracts video in fact, inquires the real name verification Shen of non-video corresponding with the user identifier of the user B Please message, take out the time therein, calculate non-video real name verification solicitation message time and respond video in include time The time difference of segment, judge whether the time difference allows in time difference threshold range second.If second time difference is second Allow then to need to be continued to verify real name identity in time difference threshold range;If second time difference does not allow second In time difference threshold range, then the text version real name verification application and video version real name verification application be considered in vain, without Subsequent step.For a variety of reasons, user registers in service platform and applies many times not in a period, by right Application time difference is verified, and can more accurately judge the matching of user identity, and first allows time difference threshold range for example It can be two hours or so.
For the authenticity of real name identity, authenticity verification submodule carries out image recognition to the response video, identifies back Answer the living body head portrait image in video, and by the living body head portrait image in the living body head portrait image and identity card in the response video Contrasting detection judges head portrait similarity.If the head portrait contrasting detection similarity degree is more than certain threshold value, head portrait contrasting detection is logical It crosses, if not passing through, authentication failed.
Then, the authenticity verification submodule of service platform further extract respond video in identity card in name, Identification card number is compared with name, the identification card number in the previous message, if name and identification card number contrasting detection pass through, It carries out in next step;If not passing through, authentication failed.Optionally, service platform can also with will respond the head portrait in video, Yi Jishen Part card information is compared with the information in local public security organ ID card information database.Correspondingly, if calling the database pair Than that can not include the segment that clear identity card shines in the response video that then user provides.
For the correctness for responding answer, the verification of correctness submodule of service platform will respond answer and be pre-stored in system In the corresponding answer of challenge be compared.That is, service platform M extracts the real name verification for including in the response video The problem of answer, checking real name validation problem compares in the answer responded in video, and system of real name certification passes through if consistent.
The sequence of above each link verification process can convert, only need to respond the timeliness of video, real name identity it is true Reality, respond answer correctness confirmed one by one respectively, here without limitation.
Step S6): after the content responded in video after real name verification user is by verifying, generates and used to real name verification The identity information at family is signed and is broadcasted, and identity information signature includes at least identification card number, name, head portrait to real name verification user And public key.
In this step, service platform is included at least to the identity information signature sent to real name verification: identification card number, surname Name, head portrait, client public key etc..A kind of mode is, identification card number, name, head portrait, client public key and other identity informations etc. are straight Tap into capable signature;Another way is, generates the head portrait encrypted after key and other to identification card number, name, and with name Identity information is signed.
User identity online verification method and user identity online verification method system in the present invention exist for public security organ Line justification user identity provides a kind of effective mechanism, by sending the special response video for meeting certain rule and being connected into The online service platform that public security organ provides carries out the verifying and confirmation of identity, signs to the identity information after confirmation, nothing It needs user to apply to scene, enormously simplifies the online identity confirmation process of user.
It is understood that the principle that embodiment of above is intended to be merely illustrative of the present and the exemplary implementation that uses Mode, however the present invention is not limited thereto.For those skilled in the art, essence of the invention is not being departed from In the case where mind and essence, various changes and modifications can be made therein, these variations and modifications are also considered as protection scope of the present invention.

Claims (14)

1. a kind of user identity online verification method, which is characterized in that comprising steps of
Receive the real name verification application that proposes online to real name verification user, included at least in real name verification application information it is described to The name of real name verification user and the identity information of identification card number;
By the identity information to real name verification user, real name verification application information local time stamp, tested with described to real name The private key of card user is signed and is broadcasted;
Challenge is initiated to real name verification user to described online;
The response video that response is carried out to the challenge recorded and uploaded to real name verification user described in receiving, described time Video is answered to include at least described to the identity document photograph of real name verification user, response time segment and response answer;
Content in the response video is identified, and is included to timeliness, the real name identity for responding video Authenticity, respond answer correctness verifying;
After the content in the response video after real name verification user is by verifying, generate described to real name verification use The identity information at family is signed and is broadcasted, identity information signature include at least to the identification card number of real name verification user, name, Head portrait and public key.
2. user identity online verification method according to claim 1, which is characterized in that the timeliness for responding video Property carry out verifying include:
It identifies and extracts the timestamp in the response video;
The first time calculated between the time of the timestamp and the time for receiving the broadcast message for responding video is poor;
Judge poor at the first time whether allow in time difference threshold range first:
If the first time is poor in the first permission time difference threshold range, continue next step;
If the first time is poor not in the first permission time difference threshold range, stopping continues to verify.
3. user identity online verification method according to claim 1, which is characterized in that the timeliness for responding video Property carry out verifying include:
Identify and extract the time of corresponding user identifier and time slice in the response video;
Calculate time in the time real name verification solicitation message corresponding with the user identifier of the time slice it Between the second time difference;
Judge whether second time difference allows in time difference threshold range second:
If second time difference allows to continue next step in time difference threshold range described second;
If second time difference does not allow in time difference threshold range described second, stopping continues to verify.
4. user identity online verification method according to claim 1, which is characterized in that the true of the real name identity Property carry out verifying include:
It identifies and extracts the head portrait image in the living body head portrait image and identity document photograph in the response video;
The living body head portrait image and the head portrait image in identity document photograph are compared, head portrait similarity is calculated;
Judge the head portrait similarity whether in third threshold range:
If the head portrait similarity continues next step in third threshold range;
If the head portrait similarity, not in third threshold range, stopping continues to verify.
5. user identity online verification method according to claim 4, which is characterized in that the true of the real name identity Property is verified further include:
It identifies and extracts name, identification card number in identity document photograph described in the response video;
By name, the identification card number in name, the identification card number real name verification solicitation message corresponding with the user identifier It compares;Alternatively, by the identity document shine in name, identification card number local public security organ's identity information database into Row comparison;
Judge whether name, the comparing result of identification card number are consistent:
If comparing result is consistent, continue next step;
If comparing result is inconsistent, stopping continues to verify.
6. user identity online verification method according to claim 1, which is characterized in that respond the correct of answer to described Property carry out verifying include:
It identifies and extracts the response answer in the response video;
Inquire the corresponding system answer of the challenge;
The response answer and the system answer are compared;
Judge whether response answer is correct:
If it is correct to respond answer, continue next step;
If it is incorrect to respond answer, stopping continues to verify.
7. user identity online verification method according to claim 1, which is characterized in that generate described to real name verification use In the step of identity information signature at family:
It is directly signed to described to the identification card number of real name verification user, name, head portrait, client public key and other identity informations Name;
Alternatively, by it is described after the head portrait of real name verification user with name generate key after encrypt, to identification card number, name and Encryption head portrait and other identity informations are signed.
8. a kind of user identity online verification system, which is characterized in that including Subscriber Interface Module SIM, service module, verifying challenge Module and identification authentication module, in which:
The Subscriber Interface Module SIM is configured to receive the real name verification application proposed online to real name verification user, real name verification It is included at least in application information described to the name of real name verification user and the identity information of identification card number;And described in reception That records and upload to real name verification user carries out the response video of response to the challenge, and the response video at least wraps It includes described to the identity document photograph of real name verification user, response time segment and response answer;
The service module is configured to described when the identity information of real name verification user, real name verification application information local Between stab, sign and broadcast with the private key to real name verification user;
And after the content in the response video after real name verification user is by verifying, generate described to real name The identity information of verifying user is signed and is broadcasted, and the identity information signature includes at least the identity card to real name verification user Number, name, head portrait and public key;
Module is challenged in the verifying, is configured to initiate challenge to real name verification user to described online;
The identification authentication module is configured to identify the content in the response video, and is included to described time Answer the verifying of the timeliness of video, the authenticity of real name identity, the correctness of response answer.
9. user identity online verification system according to claim 8, which is characterized in that the identification authentication module includes Timeliness verifies submodule, and the timeliness verifying submodule includes first time recognition unit, the first computing unit and first Judging unit, in which:
The first time recognition unit, for identification it is described respond video in timestamp;
First computing unit, for calculating the time of the timestamp and the broadcast message for receiving the response video First time between time is poor;
First judging unit, poor whether in the first permission time difference threshold range at the first time for judging:
If the first time is poor in the first permission time difference threshold range, continue next step;
If the first time is poor not in the first permission time difference threshold range, stopping continues to verify.
10. user identity online verification system according to claim 8, which is characterized in that the identification authentication module packet Include timeliness verifying submodule, timeliness verifying submodule includes the second time recognition unit, the second computing unit and the Two judging units, in which:
The second time recognition unit for identification and extracts corresponding user identifier and time slice in the response video Time;
Second computing unit, the time real name corresponding with the user identifier for calculating the time slice are tested Demonstrate,prove the second time difference between the time in solicitation message;
The second judgment unit, for judging second time difference whether in the second permission time difference threshold range:
If second time difference allows to continue next step in time difference threshold range described second;
If second time difference does not allow in time difference threshold range described second, stopping continues to verify.
11. user identity online verification system according to claim 8, which is characterized in that the identification authentication module packet Include authenticity verification submodule, the authenticity verification submodule include head portrait recognition unit, head portrait similarity calculated and Identity judging unit, in which:
The head portrait recognition unit for identification and extracts living body head portrait image and the identity document in the response video Head portrait image according in;
The head portrait similarity calculated, with the head portrait image in shining the living body head portrait image and the identity document into Row comparison, calculates head portrait similarity;
The identity judging unit, for judging the head portrait similarity whether in third threshold range:
If the head portrait similarity continues next step in third threshold range;
If the head portrait similarity, not in third threshold range, stopping continues to verify.
12. user identity online verification system according to claim 11, which is characterized in that the authenticity verification submodule Block further includes name's recognition unit, name's comparison unit, in which:
Name's recognition unit for identification and extracts the name in identity document photograph described in the response video, identity Card number;
Name's comparison unit is used for name, the identification card number real name verification application corresponding with the user identifier Name, identification card number in message compare;Alternatively, by the identity document shine in name, identification card number is in local public affairs Peace organ's identity information database compares;
The identity judging unit is also used to judge whether name, the comparing result of identification card number are consistent:
If comparing result is consistent, continue next step;
If comparing result is inconsistent, stopping continues to verify.
13. user identity online verification system according to claim 8, which is characterized in that the identification authentication module packet Verification of correctness submodule is included, the verification of correctness submodule includes answer recognition unit, answer query unit, answer comparison Unit and answer judging unit, in which:
The answer recognition unit for identification and extracts the response answer in the response video;
The answer query unit, for inquiring the corresponding system answer of the challenge;
The answer comparison unit, for comparing the response answer and the system answer;
The answer judging unit, for judging whether response answer is correct:
If it is correct to respond answer, continue next step;
If it is incorrect to respond answer, stopping continues to verify.
14. user identity online verification system according to claim 8, which is characterized in that the service module includes body Part Information Signature submodule, is configured that
It is directly signed to described to the identification card number of real name verification user, name, head portrait, client public key and other identity informations Name;
Alternatively, by it is described after the head portrait of real name verification user with name generate key after encrypt, to identification card number, name and Encryption head portrait and other identity informations are signed.
CN201811066318.4A 2018-09-13 2018-09-13 User identity online verification method and user identity online verification system Pending CN109344590A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811066318.4A CN109344590A (en) 2018-09-13 2018-09-13 User identity online verification method and user identity online verification system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811066318.4A CN109344590A (en) 2018-09-13 2018-09-13 User identity online verification method and user identity online verification system

Publications (1)

Publication Number Publication Date
CN109344590A true CN109344590A (en) 2019-02-15

Family

ID=65305399

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811066318.4A Pending CN109344590A (en) 2018-09-13 2018-09-13 User identity online verification method and user identity online verification system

Country Status (1)

Country Link
CN (1) CN109344590A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113472521A (en) * 2020-03-30 2021-10-01 山东浪潮质量链科技有限公司 Block chain-based real-name digital identity management method, signature device and verification device

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102622707A (en) * 2012-02-15 2012-08-01 孙大利 Self-service account opening system and self-service account opening method thereof
CN103634120A (en) * 2013-12-18 2014-03-12 上海市数字证书认证中心有限公司 Method and system for real-name authentication based on face recognition
CN103944737A (en) * 2014-05-06 2014-07-23 中国联合网络通信集团有限公司 User identity authentication method, third-party authentication platform and operator authentication platform
US8902045B1 (en) * 2011-12-23 2014-12-02 Emc Corporation Controlling access to a computerized resource based on authentication using pulse data
CN104994114A (en) * 2015-07-27 2015-10-21 尤磊 Identity authentication system and method based on electronic identification card
US20160148651A1 (en) * 2011-02-18 2016-05-26 Google Inc. Facial detection, recognition and bookmarking in videos
CN105701372A (en) * 2015-12-18 2016-06-22 布比(北京)网络技术有限公司 Block chain identity construction and verification method
CN105989263A (en) * 2015-01-30 2016-10-05 阿里巴巴集团控股有限公司 Method for authenticating identities, method for opening accounts, devices and systems
CN107241309A (en) * 2017-05-04 2017-10-10 上海斐讯数据通信技术有限公司 A kind of identity identifying method, authentication device and Verification System

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160148651A1 (en) * 2011-02-18 2016-05-26 Google Inc. Facial detection, recognition and bookmarking in videos
US8902045B1 (en) * 2011-12-23 2014-12-02 Emc Corporation Controlling access to a computerized resource based on authentication using pulse data
CN102622707A (en) * 2012-02-15 2012-08-01 孙大利 Self-service account opening system and self-service account opening method thereof
CN103634120A (en) * 2013-12-18 2014-03-12 上海市数字证书认证中心有限公司 Method and system for real-name authentication based on face recognition
CN103944737A (en) * 2014-05-06 2014-07-23 中国联合网络通信集团有限公司 User identity authentication method, third-party authentication platform and operator authentication platform
CN105989263A (en) * 2015-01-30 2016-10-05 阿里巴巴集团控股有限公司 Method for authenticating identities, method for opening accounts, devices and systems
CN104994114A (en) * 2015-07-27 2015-10-21 尤磊 Identity authentication system and method based on electronic identification card
CN105701372A (en) * 2015-12-18 2016-06-22 布比(北京)网络技术有限公司 Block chain identity construction and verification method
CN107241309A (en) * 2017-05-04 2017-10-10 上海斐讯数据通信技术有限公司 A kind of identity identifying method, authentication device and Verification System

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
P. ITHAYA RANI ET AL: "Robust real time face detection automatically from video sequence based on Haar features", 《IEEE》 *
孙霖 等: "人脸识别中视频回放假冒攻击的实时检测方法", 《电路与系统学报》 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113472521A (en) * 2020-03-30 2021-10-01 山东浪潮质量链科技有限公司 Block chain-based real-name digital identity management method, signature device and verification device

Similar Documents

Publication Publication Date Title
US10652018B2 (en) Methods and apparatus for providing attestation of information using a centralized or distributed ledger
CN108876374B (en) Block chain network identity document authentication method and system
CN112487778A (en) Multi-user online signing system and method
CN108881253B (en) Block chain real name participation method and system
CN110098932B (en) Electronic document signing method based on safe electronic notarization technology
CN109039655A (en) Real name identity identifying method and device, identity block chain based on block chain
CN110457878A (en) A kind of identity identifying method based on block chain, apparatus and system
CN107025397B (en) Identity information acquisition method and device
US11531746B2 (en) Method for electronic signing of a document by a plurality of signatories
CN108830109A (en) E-seal application, client realization method, system and equipment, storage medium
Bernabe et al. ARIES: Evaluation of a reliable and privacy-preserving European identity management framework
CN109495490A (en) A kind of unified identity authentication method based on block chain
CN112000744A (en) Signature method and related equipment
CN110113244A (en) A kind of instant communicating system and method based on block chain technology
CN112002436B (en) Block chain-based medical question answering method, device and medium
CN108876375B (en) Block chain real name participation method and system
Kurmi et al. A survey of zero-knowledge proof for authentication
CN109344590A (en) User identity online verification method and user identity online verification system
CN106452784B (en) A kind of mutual card method of anonymity equity of digital asset primitive attribute
CN109635594A (en) Electronics execution of contract and the anti-counterfeit authentication method for signing process again
Sonon et al. Securing the User Registration Process in an IP Telephony System Using Blockchain and KYC Technologies
Patiyoot Patiyoot 2: Key Distribution, and Session Key for Authentication Protocol in Wireless Network
CN111835713A (en) Security authentication method, device and storage medium
Delaune et al. Description of some case studies

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information
CB02 Change of applicant information

Address after: 100191 1107c, 11 / F, Xueyuan international building, 1 Zhichun Road, Haidian District, Beijing

Applicant after: IALLCHAIN Co.,Ltd.

Address before: 100043 5158, 5 floor, 11 Shixing street, Shijingshan District, Beijing.

Applicant before: IALLCHAIN Co.,Ltd.

AD01 Patent right deemed abandoned
AD01 Patent right deemed abandoned

Effective date of abandoning: 20220311