CN109344590A - User identity online verification method and user identity online verification system - Google Patents
User identity online verification method and user identity online verification system Download PDFInfo
- Publication number
- CN109344590A CN109344590A CN201811066318.4A CN201811066318A CN109344590A CN 109344590 A CN109344590 A CN 109344590A CN 201811066318 A CN201811066318 A CN 201811066318A CN 109344590 A CN109344590 A CN 109344590A
- Authority
- CN
- China
- Prior art keywords
- user
- real name
- identity
- time
- answer
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Systems or methods specially adapted for specific business sectors, e.g. utilities or tourism
- G06Q50/10—Services
- G06Q50/26—Government or public services
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Tourism & Hospitality (AREA)
- General Physics & Mathematics (AREA)
- Economics (AREA)
- Health & Medical Sciences (AREA)
- Primary Health Care (AREA)
- Strategic Management (AREA)
- Human Resources & Organizations (AREA)
- General Business, Economics & Management (AREA)
- General Health & Medical Sciences (AREA)
- Marketing (AREA)
- Educational Administration (AREA)
- Development Economics (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Collating Specific Patterns (AREA)
Abstract
The invention belongs to block chain technical fields, are related to user identity online verification method and system.This method comprises: receiving the real name verification application proposed online to real name verification user;By to the identity information of real name verification user, real name verification application information local time stamp, signs and broadcast with the private key to real name verification user;Challenge is initiated to real name verification user online;The response video for carrying out response to challenge recorded and uploaded to real name verification user is received, video is responded and includes at least the identity document photograph to real name verification user, response time segment and respond answer;The content responded in video is identified, and is included the verifying to the timeliness, the authenticity of real name identity, the correctness of response answer for responding video;After the content responded in video after real name verification user is by verifying, generates and sign and broadcast to the identity information of real name verification user.This method and system enormously simplify the online identity confirmation process of user.
Description
Technical field
The invention belongs to block chain technical fields, and in particular to a kind of user identity online verification method and user identity exist
Line verifies system.
Background technique
Resident identification card is that citizen carries out social activities, is safeguarded citizens' lawful rights and interests, it was demonstrated that the legal certificate of citizenship,
It is closely bound up with everybody in daily life.
With the development of technology, electronic ID card is had also appeared at present, i.e., identifies individual citizens identity by head portrait
In the electronic certificate generated on mobile phone after biotechnological method comparison, it to be used for user identity identification.It is current only to pass through scene
It can confirm that user identity, therefore user must arrive general office of public security organ or public security organ's specified " trusted terminal " accepts and a little opens
It is logical, it handles more troublesome.
Correspondingly, other affairs based on electronic ID card, also generally require and handle at the scene, for example obtain from the Ministry of Public Security
Its identity information etc. signed.It is limited to the limitation of user time, place and working organ processing capacity, scene carries out body
Part certification is no longer satisfied the application in current people's daily life.
Therefore, how to simplify authentication and have become technical problem urgently to be resolved.
Summary of the invention
The technical problem to be solved by the present invention is to it is online to provide a kind of user identity for above-mentioned deficiency in the prior art
Verification method and user identity online verification system, sign to the identity information after confirmation, carry out without user to scene
Application enormously simplifies the online identity confirmation process of user.
Solving technical solution used by present invention problem is the user identity online verification method, comprising steps of
The real name verification application proposed online to real name verification user is received, includes at least institute in real name verification application information
State the identity information of the name and identification card number to real name verification user;
By the identity information to real name verification user, real name verification application information local time stamp, with described to reality
The private key of name verifying user is signed and is broadcasted;
Challenge is initiated to real name verification user to described online;
Receive the response video that response is carried out to the challenge recorded and uploaded to real name verification user, institute
It states and responds video including at least described to the identity document photograph of real name verification user, response time segment and response answer;
Content in the response video is identified, and is included to timeliness, the real name for responding video
The verifying of the authenticity, the correctness of response answer of identity;
After the content in the response video after real name verification user is by verifying, generation is described to test to real name
The identity information of card user sign and is broadcasted, identity information signature including at least to real name verification user identification card number,
Name, head portrait and public key.
Optionally, carrying out verifying to the timeliness for responding video includes:
It identifies and extracts the timestamp in the response video;
When calculating first between the time of the timestamp and the time for receiving the broadcast message for responding video
Between it is poor;
Judge poor at the first time whether allow in time difference threshold range first:
If the first time is poor in the first permission time difference threshold range, continue next step;
If the first time is poor not in the first permission time difference threshold range, stopping continues to verify.
Optionally, carrying out verifying to the timeliness for responding video includes:
Identify and extract the time of corresponding user identifier and time slice in the response video;
Calculate in the time real name verification solicitation message corresponding with the user identifier of the time slice when
Between between the second time difference;
Judge whether second time difference allows in time difference threshold range second:
If second time difference allows to continue next step in time difference threshold range described second;
If second time difference does not allow in time difference threshold range described second, stopping continues to verify.
Optionally, carrying out verifying to the authenticity of the real name identity includes:
It identifies and extracts the head portrait image in the living body head portrait image and identity document photograph in the response video;
The living body head portrait image and the head portrait image in identity document photograph are compared, it is similar to calculate head portrait
Degree;
Judge the head portrait similarity whether in third threshold range:
If the head portrait similarity continues next step in third threshold range;
If the head portrait similarity, not in third threshold range, stopping continues to verify.
Optionally, the authenticity of the real name identity is verified further include:
It identifies and extracts name, identification card number in identity document photograph described in the response video;
By the name in name, the identification card number real name verification solicitation message corresponding with the user identifier, identity
Card number compares;Alternatively, by the identity document shine in name, identification card number is in local public security organ's identity information data
Library compares;
Judge whether name, the comparing result of identification card number are consistent:
If comparing result is consistent, continue next step;
If comparing result is inconsistent, stopping continues to verify.
Optionally, carrying out verifying to the correctness for responding answer includes:
It identifies and extracts the response answer in the response video;
Inquire the corresponding system answer of the challenge;
The response answer and the system answer are compared;
Judge whether response answer is correct:
If it is correct to respond answer, continue next step;
If it is incorrect to respond answer, stopping continues to verify.
Optionally, in the step of generating the identity information signature to real name verification user:
To it is described to the identification card number of real name verification user, name, head portrait, client public key and other identity informations directly into
Row signature;
Alternatively, by it is described after the head portrait of real name verification user with name generate key after encrypt, to identification card number, name,
And encryption head portrait and other identity informations are signed.
A kind of user identity online verification system, including Subscriber Interface Module SIM, service module, verifying challenge module and identification
Authentication module, in which:
The Subscriber Interface Module SIM is configured to receive the real name verification application proposed online to real name verification user, real name
It verifies described in being included at least in application information to the name of real name verification user and the identity information of identification card number;And it receives
The response video that response is carried out to the challenge recorded and uploaded to real name verification user, the response video is extremely
Few includes described to the identity document photograph of real name verification user, response time segment and response answer;
The service module is configured to the identity information to real name verification user, real name verification application information sheet
Ground timestamp is signed and is broadcasted with the private key to real name verification user;
And after the content in the response video after real name verification user is by verifying, generate it is described to
The identity information of real name verification user is signed and is broadcasted, and the identity information signature includes at least the identity to real name verification user
Card number, name, head portrait and public key;
Module is challenged in the verifying, is configured to initiate challenge to real name verification user to described online;
The identification authentication module is configured to identify the content in the response video, and is included to institute
State the verifying of the timeliness for responding video, the authenticity of real name identity, the correctness of response answer.
Optionally, the identification authentication module includes timeliness verifying submodule, and the timeliness verifies submodule packet
Include first time recognition unit, the first computing unit and the first judging unit, in which:
The first time recognition unit, for identification it is described respond video in timestamp;
First computing unit, the time for calculating the timestamp disappear with the broadcast for responding video is received
First time between the time of breath is poor;
First judging unit, poor whether in the first permission time difference threshold range at the first time for judging:
If the first time is poor in the first permission time difference threshold range, continue next step;
If the first time is poor not in the first permission time difference threshold range, stopping continues to verify.
Optionally, the identification authentication module includes timeliness verifying submodule, and the timeliness verifies submodule packet
Include the second time recognition unit, the second computing unit and second judgment unit, in which:
The second time recognition unit for identification and extracts corresponding user identifier and time in the response video
The time of segment;
Second computing unit, the time reality corresponding with the user identifier for calculating the time slice
The second time difference between time in name verifying solicitation message;
The second judgment unit, for judging second time difference whether in the second permission time difference threshold range
It is interior:
If second time difference allows to continue next step in time difference threshold range described second;
If second time difference does not allow in time difference threshold range described second, stopping continues to verify.
Optionally, the identification authentication module includes authenticity verification submodule, the authenticity verification submodule packet
Include head portrait recognition unit, head portrait similarity calculated and identity judging unit, in which:
The head portrait recognition unit for identification and extracts the living body head portrait image in the response video and the identity
Head portrait image in certificate photo;
The head portrait similarity calculated, with the head portrait figure in shining the living body head portrait image and the identity document
As comparing, head portrait similarity is calculated;
The identity judging unit, for judging the head portrait similarity whether in third threshold range:
If the head portrait similarity continues next step in third threshold range;
If the head portrait similarity, not in third threshold range, stopping continues to verify.
Optionally, the authenticity verification submodule further includes name's recognition unit, name's comparison unit, in which:
Name's recognition unit, for identification and extract it is described response video described in identity document shine in name,
Identification card number;
Name's comparison unit is used for name, the identification card number real name verification corresponding with the user identifier
Name, identification card number in solicitation message compare;Alternatively, by the identity document shine in name, identification card number this
Ground public security organ identity information database compares;
The identity judging unit is also used to judge whether name, the comparing result of identification card number are consistent:
If comparing result is consistent, continue next step;
If comparing result is inconsistent, stopping continues to verify.
Optionally, the identification authentication module includes verification of correctness submodule, the verification of correctness submodule packet
Include answer recognition unit, answer query unit, answer comparison unit and answer judging unit, in which:
The answer recognition unit for identification and extracts the response answer in the response video;
The answer query unit, for inquiring the corresponding system answer of the challenge;
The answer comparison unit, for comparing the response answer and the system answer;
The answer judging unit, for judging whether response answer is correct:
If it is correct to respond answer, continue next step;
If it is incorrect to respond answer, stopping continues to verify.
Optionally, the service module includes identity information signature submodule, is configured that
To it is described to the identification card number of real name verification user, name, head portrait, client public key and other identity informations directly into
Row signature;
Alternatively, by it is described after the head portrait of real name verification user with name generate key after encrypt, to identification card number, name,
And encryption head portrait and other identity informations are signed.
The beneficial effects of the present invention are:
User identity online verification method and user identity online verification method system of the invention, it is special by sending
Meet the response video of certain rule and the online service platform for being connected into public security organ's offer carries out the verifying and confirmation of identity, it is right
Identity information after confirmation is signed, and is applied without user to scene, and the online identity confirmation of user is enormously simplified
Process.
Detailed description of the invention
Fig. 1 is the flow chart of user identity online verification method in the embodiment of the present invention;
Fig. 2 is the structural block diagram of user identity online verification system in the embodiment of the present invention;
Fig. 3 is the flow diagram of user's B online application subscriber authentication in the embodiment of the present invention;
In figure:
1- Subscriber Interface Module SIM;2- service module;3- verifying challenge module;4- identifies authentication module.
Specific embodiment
Technical solution in order to enable those skilled in the art to better understand the present invention, with reference to the accompanying drawing and specific embodiment party
Formula is described in further detail user identity online verification method of the present invention and user identity online verification system.
The present invention provides a kind of user identity online verification method and user identity online verification method system, passes through transmission
Special the responses video for meeting certain rule and the online service platform that public security organ's offer is provided carry out the verifying of identity with
Confirmation, sign to the identity information after confirmation, apply without user to scene, enormously simplify user in line body
Part confirmation process.
As shown in Figure 1, in the present embodiment user identity online verification method comprising steps of
Step S1): receive the real name verification application that proposes online to real name verification user, in real name verification application information extremely
It less include the identity information of the name and identification card number to real name verification user
Step S2): by the identity information of real name verification user, real name verification application information local time stamp, to reality
The private key of name verifying user is signed and is broadcasted.
Step S3): challenge is initiated to real name verification user online.
Step S4): the response video for carrying out response to challenge recorded and uploaded to real name verification user is received, is returned
Video is answered to include at least the identity document photograph to real name verification user, response time segment and respond answer.
Step S5): the content responded in video is identified, and is included to timeliness, the real name for responding video
The verifying of the authenticity, the correctness of response answer of identity.
In this step, which is suitable for public security organ's offer user identity online verification clothes
Business, receives the real name verification application of user.Knowledge in the user identity online verification method, for user response video
Not and verifying is emphasis, and the present embodiment is done from the timeliness, the authenticity of real name identity, the correctness of response answer for responding video
Multi-faceted consideration and audit, it is ensured that the confidence level of user identity.
Wherein, carrying out verifying to the timeliness for responding video includes:
It identifies and extracts the timestamp responded in video;
Calculate timestamp time and receive respond video broadcast message time between first time it is poor;
Judge poor at the first time whether allow in time difference threshold range first:
If at the first time it is poor first allow time difference threshold range in, continue next step, continue in other words to return
The content in video is answered to be identified and verified;
If poor at the first time do not allow in time difference threshold range first, stopping continues to verify.
Alternatively, to respond video timeliness carry out verifying include:
It identifies and extracts the time for responding corresponding user identifier and time slice in video;
Calculate the between the time in the time real name verification solicitation message corresponding with user identifier of time slice
Two time differences;
Judge whether the second time difference allowed in time difference threshold range second:
If the second time difference second allow time difference threshold range in, continue next step, continue in other words to return
The content in video is answered to be identified and verified;
If the second time difference did not allowed in time difference threshold range second, stopping continues to verify.
Carrying out verifying to the authenticity of real name identity includes:
It identifies and extracts the head portrait image responded in living body head portrait image and identity document photograph in video;
Living body head portrait image and the head portrait image in identity document photograph are compared, head portrait similarity is calculated;
Judge head portrait similarity whether in third threshold range:
If head portrait similarity in third threshold range, continues next step, continue in other words in response video
Content is identified and is verified;
If head portrait similarity, not in third threshold range, stopping continues to verify.
Further, the authenticity of real name identity is verified further include:
It identifies and extracts name, the identification card number responded in video in identity document photograph;
Name, identification card number in name, identification card number real name verification solicitation message corresponding with user identifier is carried out
Comparison;Alternatively, by identity document shine in name, identification card number compares in local public security organ's identity information database;
Judge whether name, the comparing result of identification card number are consistent:
If comparing result is consistent, continue next step, continue in other words to respond video in content carry out identification and
Verifying;
If comparing result is inconsistent, stopping continues to verify.
Carrying out verifying to the correctness for responding answer includes:
It identifies and extracts the response answer responded in video;
Inquire the corresponding system answer of challenge;
Answer will be responded to compare with system answer;
Judge whether response answer is correct:
If respond answer it is correct, continue next step, continue in other words to respond video in content carry out identification and
Verifying;
If it is incorrect to respond answer, stopping continues to verify.
Step S6): after the content responded in video after real name verification user is by verifying, generates and used to real name verification
The identity information at family is signed and is broadcasted, and identity information signature includes at least identification card number, name, head portrait to real name verification user
And public key.
In the multi-faceted first sentence to the timeliness, the authenticity of real name identity, the correctness of response answer of responding video
Core and after all passing through, identity information signature of the generation to real name verification user the step of in:
Identification card number, name, head portrait, client public key and other identity informations for treating real name verification user are directly signed
Name;
Alternatively, by after the head portrait of real name verification user with name generate key after encrypt, to identification card number, name and
Encryption head portrait and other identity informations are signed.
Correspondingly, as shown in Fig. 2, the present embodiment also provides a kind of user identity online verification system comprising Yong Hujie
Mouth mold block 1, service module 2, verifying challenge module 3 and identification authentication module 4, in which:
Subscriber Interface Module SIM 1 is configured to propose real name verification application online on service platform to real name verification user, real
It includes at least in name verifying application information to the name of real name verification user and the identity information of identification card number;And for reality
Name verifying user, which records and uploads response video, carries out response to challenge, responds video and includes at least to real name verification user
Identity document shine, response time segment and respond answer;
Service module 2 is configured to identity information, real name verification application information local zone time to real name verification user
Stamp, is signed and is broadcasted with the private key to real name verification user;
And it after the content responded in video after real name verification user is by verifying, generates to real name verification user
Identity information sign and broadcast, identity information signature include at least to the identification card number of real name verification user, name, head portrait and
Public key;
Verifying challenge module 3 is configured to initiate challenge to real name verification user online;
It identifies authentication module 4, is configured to identify the content responded in video, and included to response video
The verifying of timeliness, the authenticity of real name identity, the correctness of response answer.
Wherein, identification authentication module 4 includes that timeliness verifies submodule, and it includes knowing at the first time that timeliness, which verifies submodule,
Other unit, the first computing unit and the first judging unit, in which:
First time recognition unit responds the timestamp in video for identification;
First computing unit, for calculate the time in timestamp with receive the broadcast message for responding video time it
Between first time it is poor;
First judging unit, poor whether in the first permission time difference threshold range at the first time for judging:
If at the first time it is poor first allow time difference threshold range in, continue next step, continue in other words to return
The content in video is answered to be identified and verified;
If poor at the first time do not allow in time difference threshold range first, stopping continues to verify.
Identify that authentication module 4 includes that timeliness verifies submodule, it includes that the identification of the second time is single that timeliness, which verifies submodule,
Member, the second computing unit and second judgment unit, in which:
Second time recognition unit, for identification and extract respond corresponding user identifier and time slice in video when
Between;
Second computing unit, for calculating the time real name verification solicitation message corresponding with user identifier in time slice
In time between the second time difference;
Second judgment unit, for judging for the second time difference whether in the second permission time difference threshold range:
If the second time difference second allow time difference threshold range in, continue next step, continue in other words to return
The content in video is answered to be identified and verified;
If the second time difference did not allowed in time difference threshold range second, stopping continues to verify.
Identify that authentication module 4 includes authenticity verification submodule, authenticity verification submodule includes head portrait recognition unit, head
As similarity calculated and identity judging unit, in which:
Head portrait recognition unit for identification and extracts the head responded in living body head portrait image and identity document photograph in video
As image;
Head portrait similarity calculated is compared with by living body head portrait image and the head portrait image in identity document photograph,
Calculate head portrait similarity;
Identity judging unit, for judging head portrait similarity whether in third threshold range:
If head portrait similarity in third threshold range, continues next step, continue in other words in response video
Content is identified and is verified;
If head portrait similarity, not in third threshold range, stopping continues to verify.
Further, authenticity verification submodule further includes name's recognition unit, name's comparison unit, in which:
Name's recognition unit for identification and extracts name, the identification card number responded in video in identity document photograph;
Name's comparison unit, for will be in name, identification card number real name verification solicitation message corresponding with user identifier
Name, identification card number compare;Alternatively, by identity document shine in name, identification card number believes in local public security organ's identity
Breath database compares;
Identity judging unit is also used to judge whether name, the comparing result of identification card number are consistent:
If comparing result is consistent, continue next step, continue in other words to respond video in content carry out identification and
Verifying;
If comparing result is inconsistent, stopping continues to verify.
Identify that authentication module 4 includes verification of correctness submodule, verification of correctness submodule includes answer recognition unit, answers
Case query unit, answer comparison unit and answer judging unit, in which:
Answer recognition unit for identification and extracts the response answer responded in video;
Answer query unit, for inquiring the corresponding system answer of inquiry challenge;
Answer comparison unit is compared for that will respond answer with system answer;
Answer judging unit, for judging whether response answer is correct:
If it is correct to respond answer, continue next step;
If it is incorrect to respond answer, stopping continues to verify.
In identification 4 pairs of authentication module response timeliness of video, the authenticity of real name identity, the correctness for responding answer
After multi-faceted audit all passes through, it can be signed by service module 2 to identity information.Wherein, service module 2 is believed including identity
Breath signature submodule, is configured that
Identification card number, name, head portrait, client public key and other identity informations for treating real name verification user are directly signed
Name;
Alternatively, by after the head portrait of real name verification user with name generate key after encrypt, to identification card number, name and
Encryption head portrait and other identity informations are signed.
Above-mentioned user identity online verification system can be considered the service platform for being based on block chain (Blockchain), use
One of node is first registered as before family use certificate function.While succeeding in registration, user obtains a pair of public
Key and private key.Block chain is a kind of chained record knot for being sequentially in time combined into data block in such a way that sequence is connected
Structure, and guarantee that data therein can not be distorted and can not be forged in a manner of cryptography.
Below with reference to above-mentioned user identity online verification method and user identity online verification system, (service is flat in other words
Platform), as shown in figure 3, technical solution of the present invention is specifically addressed by the example that user B carries out online verification:
Step S1): receive the real name verification application proposed online on service platform to real name verification user, real name verification
It includes at least in application information to the name of real name verification user and the identity information of identification card number.
Real name verification application is initiated online to Subscriber Interface Module SIM 1 of the real name verification user on service platform, and real name is tested
The identity information included at least in application information to real name verification user is demonstrate,proved, wants to apply to real name verification user such as certain user B
Real name verification then inputs the identity informations such as name, identification card number in service platform first online.
Real name verification application information further include: the local time stamp applied to the user identifier of real name verification user, initiation
With the public key to real name verification user.User identifier therein is automatically generated by service platform, also according to real name verification user
Application time generate timestamp.Service platform also automatically generates corresponding a pair of of public key and private key when user's registration.
Step S2): by the identity information of real name verification user, real name verification application information local time stamp, to reality
The private key of name verifying user is signed and is broadcasted.
The service module 2 of service platform by when the identity information of real name verification user, when the local of real name verification user
Between stab and signed with the private key to real name verification user.I.e. by the use of the name of user B, the identification card number of user B, user B
The public key of family mark, user B, the private of user B of the information such as local time stamp TIME1 of user's B real name verification application information
Key is signed and is broadcasted.Other users in service platform or service platform, with the public key of user B to after to its private key encryption
Information is decrypted.
Based on block chain framework, the work of service platform carries out on backstage.
Step S3): service platform initiates challenge to real name verification user online.
In this step, such as the verifying of service platform challenges module 3 and initiates a challenge by certain mode, first
First, which is the answer that all participants necessarily know;Secondly, in order to avoid Replay Attack, current challenges problem
It is not repeated with pervious challenge.The challenge, which is supplied to, carries out response to real name verification user recorded video.
Step S4): the response video for carrying out response to challenge recorded and uploaded to real name verification user is received, is returned
Video is answered to include at least the identity document photograph to real name verification user, response time segment and respond answer
To the real-time record that real name verification user query service platform currently returns, finds current newest real name and test
The challenge A of card records one section of response video for challenge A and carries out response.Wherein, the type of challenge can be with
Are as follows: one section of word please be read, perhaps inquires current time or known other problems, here without limitation.
It is corresponding, some, which is simulated, in order to avoid malicious node waits for that real name verification user resets some response video,
Response video is used and is first stated, the mode of rear video verifying is signed again after being verified.Wherein pass through " identity card in statement
According to " prove " whom is ", respond in video " testimony of a witness unification ", after statement, service platform just obtains the public key signature of user, after
The continuous signature for responding video must be consistent with statement, therefore intermediate malicious node can not carry out responding video playback attack.
Solution video and the time slice comprising reading aloud current date are included at least in the response video.Answer therein
The problem of must including user's real name verification problem in video, illustrates and answers;Time slice is preferably accurate to minute, either
The image of one time electronic watch including date and current specific moment.It optionally, can also include proof of identification, it should
Proof of identification can be identity card or passport, it is desirable that can be clearly apparent head portrait and name, identification card number etc., can not also wrap certainly
Content containing this item.
Step S5): service platform receives the response video messaging to real name verification user, verifies to real name identity.
Service platform identification 4 pairs of authentication module respond videos in contents carry out intelligent recognitions, to respond video when
Effect property, the authenticity of real name identity, the correctness of response answer are verified respectively.
Service platform carries out the identification of intelligence to response video, and carrying out verifying to real name identity includes that can carry out or divide parallel
The four kinds of modes not carried out independently successively, specific as follows:
For the timeliness for responding video, a kind of mode is that timeliness verifying submodule is calculated and identified in responding video
To timestamp and receive the response video broadcasting message time time difference, judge the time difference whether first allow when
Between in poor threshold range.To the timestamp that identifies in responding video and the time for receiving the response video broadcasting message when
Between difference whether first allow time difference threshold range in, it can be determined that the timeliness for responding video avoids forging recording in advance
Respond video.For responding the time of video, in the case where current time identification is not known, with returning for the real name verification problem
Video is answered to upload to the issuing time in network as judgment basis.If the poor first time is to allow time difference threshold value first
In range, then need to be continued to verify real name identity;If poor at the first time do not allow in time difference threshold range first,
Then fail to real name authentication, without subsequent step.First permission time difference threshold range is difficult to according to challenge
Degree, video length or network upload state correlation, and it can be one hour or so that first, which allows time difference threshold range for example,.
For the timeliness for responding video, another way is that timeliness verifies submodule computing services platform for the response
Corresponding user identifier extracts video in fact, inquires the real name verification Shen of non-video corresponding with the user identifier of the user B
Please message, take out the time therein, calculate non-video real name verification solicitation message time and respond video in include time
The time difference of segment, judge whether the time difference allows in time difference threshold range second.If second time difference is second
Allow then to need to be continued to verify real name identity in time difference threshold range;If second time difference does not allow second
In time difference threshold range, then the text version real name verification application and video version real name verification application be considered in vain, without
Subsequent step.For a variety of reasons, user registers in service platform and applies many times not in a period, by right
Application time difference is verified, and can more accurately judge the matching of user identity, and first allows time difference threshold range for example
It can be two hours or so.
For the authenticity of real name identity, authenticity verification submodule carries out image recognition to the response video, identifies back
Answer the living body head portrait image in video, and by the living body head portrait image in the living body head portrait image and identity card in the response video
Contrasting detection judges head portrait similarity.If the head portrait contrasting detection similarity degree is more than certain threshold value, head portrait contrasting detection is logical
It crosses, if not passing through, authentication failed.
Then, the authenticity verification submodule of service platform further extract respond video in identity card in name,
Identification card number is compared with name, the identification card number in the previous message, if name and identification card number contrasting detection pass through,
It carries out in next step;If not passing through, authentication failed.Optionally, service platform can also with will respond the head portrait in video, Yi Jishen
Part card information is compared with the information in local public security organ ID card information database.Correspondingly, if calling the database pair
Than that can not include the segment that clear identity card shines in the response video that then user provides.
For the correctness for responding answer, the verification of correctness submodule of service platform will respond answer and be pre-stored in system
In the corresponding answer of challenge be compared.That is, service platform M extracts the real name verification for including in the response video
The problem of answer, checking real name validation problem compares in the answer responded in video, and system of real name certification passes through if consistent.
The sequence of above each link verification process can convert, only need to respond the timeliness of video, real name identity it is true
Reality, respond answer correctness confirmed one by one respectively, here without limitation.
Step S6): after the content responded in video after real name verification user is by verifying, generates and used to real name verification
The identity information at family is signed and is broadcasted, and identity information signature includes at least identification card number, name, head portrait to real name verification user
And public key.
In this step, service platform is included at least to the identity information signature sent to real name verification: identification card number, surname
Name, head portrait, client public key etc..A kind of mode is, identification card number, name, head portrait, client public key and other identity informations etc. are straight
Tap into capable signature;Another way is, generates the head portrait encrypted after key and other to identification card number, name, and with name
Identity information is signed.
User identity online verification method and user identity online verification method system in the present invention exist for public security organ
Line justification user identity provides a kind of effective mechanism, by sending the special response video for meeting certain rule and being connected into
The online service platform that public security organ provides carries out the verifying and confirmation of identity, signs to the identity information after confirmation, nothing
It needs user to apply to scene, enormously simplifies the online identity confirmation process of user.
It is understood that the principle that embodiment of above is intended to be merely illustrative of the present and the exemplary implementation that uses
Mode, however the present invention is not limited thereto.For those skilled in the art, essence of the invention is not being departed from
In the case where mind and essence, various changes and modifications can be made therein, these variations and modifications are also considered as protection scope of the present invention.
Claims (14)
1. a kind of user identity online verification method, which is characterized in that comprising steps of
Receive the real name verification application that proposes online to real name verification user, included at least in real name verification application information it is described to
The name of real name verification user and the identity information of identification card number;
By the identity information to real name verification user, real name verification application information local time stamp, tested with described to real name
The private key of card user is signed and is broadcasted;
Challenge is initiated to real name verification user to described online;
The response video that response is carried out to the challenge recorded and uploaded to real name verification user described in receiving, described time
Video is answered to include at least described to the identity document photograph of real name verification user, response time segment and response answer;
Content in the response video is identified, and is included to timeliness, the real name identity for responding video
Authenticity, respond answer correctness verifying;
After the content in the response video after real name verification user is by verifying, generate described to real name verification use
The identity information at family is signed and is broadcasted, identity information signature include at least to the identification card number of real name verification user, name,
Head portrait and public key.
2. user identity online verification method according to claim 1, which is characterized in that the timeliness for responding video
Property carry out verifying include:
It identifies and extracts the timestamp in the response video;
The first time calculated between the time of the timestamp and the time for receiving the broadcast message for responding video is poor;
Judge poor at the first time whether allow in time difference threshold range first:
If the first time is poor in the first permission time difference threshold range, continue next step;
If the first time is poor not in the first permission time difference threshold range, stopping continues to verify.
3. user identity online verification method according to claim 1, which is characterized in that the timeliness for responding video
Property carry out verifying include:
Identify and extract the time of corresponding user identifier and time slice in the response video;
Calculate time in the time real name verification solicitation message corresponding with the user identifier of the time slice it
Between the second time difference;
Judge whether second time difference allows in time difference threshold range second:
If second time difference allows to continue next step in time difference threshold range described second;
If second time difference does not allow in time difference threshold range described second, stopping continues to verify.
4. user identity online verification method according to claim 1, which is characterized in that the true of the real name identity
Property carry out verifying include:
It identifies and extracts the head portrait image in the living body head portrait image and identity document photograph in the response video;
The living body head portrait image and the head portrait image in identity document photograph are compared, head portrait similarity is calculated;
Judge the head portrait similarity whether in third threshold range:
If the head portrait similarity continues next step in third threshold range;
If the head portrait similarity, not in third threshold range, stopping continues to verify.
5. user identity online verification method according to claim 4, which is characterized in that the true of the real name identity
Property is verified further include:
It identifies and extracts name, identification card number in identity document photograph described in the response video;
By name, the identification card number in name, the identification card number real name verification solicitation message corresponding with the user identifier
It compares;Alternatively, by the identity document shine in name, identification card number local public security organ's identity information database into
Row comparison;
Judge whether name, the comparing result of identification card number are consistent:
If comparing result is consistent, continue next step;
If comparing result is inconsistent, stopping continues to verify.
6. user identity online verification method according to claim 1, which is characterized in that respond the correct of answer to described
Property carry out verifying include:
It identifies and extracts the response answer in the response video;
Inquire the corresponding system answer of the challenge;
The response answer and the system answer are compared;
Judge whether response answer is correct:
If it is correct to respond answer, continue next step;
If it is incorrect to respond answer, stopping continues to verify.
7. user identity online verification method according to claim 1, which is characterized in that generate described to real name verification use
In the step of identity information signature at family:
It is directly signed to described to the identification card number of real name verification user, name, head portrait, client public key and other identity informations
Name;
Alternatively, by it is described after the head portrait of real name verification user with name generate key after encrypt, to identification card number, name and
Encryption head portrait and other identity informations are signed.
8. a kind of user identity online verification system, which is characterized in that including Subscriber Interface Module SIM, service module, verifying challenge
Module and identification authentication module, in which:
The Subscriber Interface Module SIM is configured to receive the real name verification application proposed online to real name verification user, real name verification
It is included at least in application information described to the name of real name verification user and the identity information of identification card number;And described in reception
That records and upload to real name verification user carries out the response video of response to the challenge, and the response video at least wraps
It includes described to the identity document photograph of real name verification user, response time segment and response answer;
The service module is configured to described when the identity information of real name verification user, real name verification application information local
Between stab, sign and broadcast with the private key to real name verification user;
And after the content in the response video after real name verification user is by verifying, generate described to real name
The identity information of verifying user is signed and is broadcasted, and the identity information signature includes at least the identity card to real name verification user
Number, name, head portrait and public key;
Module is challenged in the verifying, is configured to initiate challenge to real name verification user to described online;
The identification authentication module is configured to identify the content in the response video, and is included to described time
Answer the verifying of the timeliness of video, the authenticity of real name identity, the correctness of response answer.
9. user identity online verification system according to claim 8, which is characterized in that the identification authentication module includes
Timeliness verifies submodule, and the timeliness verifying submodule includes first time recognition unit, the first computing unit and first
Judging unit, in which:
The first time recognition unit, for identification it is described respond video in timestamp;
First computing unit, for calculating the time of the timestamp and the broadcast message for receiving the response video
First time between time is poor;
First judging unit, poor whether in the first permission time difference threshold range at the first time for judging:
If the first time is poor in the first permission time difference threshold range, continue next step;
If the first time is poor not in the first permission time difference threshold range, stopping continues to verify.
10. user identity online verification system according to claim 8, which is characterized in that the identification authentication module packet
Include timeliness verifying submodule, timeliness verifying submodule includes the second time recognition unit, the second computing unit and the
Two judging units, in which:
The second time recognition unit for identification and extracts corresponding user identifier and time slice in the response video
Time;
Second computing unit, the time real name corresponding with the user identifier for calculating the time slice are tested
Demonstrate,prove the second time difference between the time in solicitation message;
The second judgment unit, for judging second time difference whether in the second permission time difference threshold range:
If second time difference allows to continue next step in time difference threshold range described second;
If second time difference does not allow in time difference threshold range described second, stopping continues to verify.
11. user identity online verification system according to claim 8, which is characterized in that the identification authentication module packet
Include authenticity verification submodule, the authenticity verification submodule include head portrait recognition unit, head portrait similarity calculated and
Identity judging unit, in which:
The head portrait recognition unit for identification and extracts living body head portrait image and the identity document in the response video
Head portrait image according in;
The head portrait similarity calculated, with the head portrait image in shining the living body head portrait image and the identity document into
Row comparison, calculates head portrait similarity;
The identity judging unit, for judging the head portrait similarity whether in third threshold range:
If the head portrait similarity continues next step in third threshold range;
If the head portrait similarity, not in third threshold range, stopping continues to verify.
12. user identity online verification system according to claim 11, which is characterized in that the authenticity verification submodule
Block further includes name's recognition unit, name's comparison unit, in which:
Name's recognition unit for identification and extracts the name in identity document photograph described in the response video, identity
Card number;
Name's comparison unit is used for name, the identification card number real name verification application corresponding with the user identifier
Name, identification card number in message compare;Alternatively, by the identity document shine in name, identification card number is in local public affairs
Peace organ's identity information database compares;
The identity judging unit is also used to judge whether name, the comparing result of identification card number are consistent:
If comparing result is consistent, continue next step;
If comparing result is inconsistent, stopping continues to verify.
13. user identity online verification system according to claim 8, which is characterized in that the identification authentication module packet
Verification of correctness submodule is included, the verification of correctness submodule includes answer recognition unit, answer query unit, answer comparison
Unit and answer judging unit, in which:
The answer recognition unit for identification and extracts the response answer in the response video;
The answer query unit, for inquiring the corresponding system answer of the challenge;
The answer comparison unit, for comparing the response answer and the system answer;
The answer judging unit, for judging whether response answer is correct:
If it is correct to respond answer, continue next step;
If it is incorrect to respond answer, stopping continues to verify.
14. user identity online verification system according to claim 8, which is characterized in that the service module includes body
Part Information Signature submodule, is configured that
It is directly signed to described to the identification card number of real name verification user, name, head portrait, client public key and other identity informations
Name;
Alternatively, by it is described after the head portrait of real name verification user with name generate key after encrypt, to identification card number, name and
Encryption head portrait and other identity informations are signed.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811066318.4A CN109344590A (en) | 2018-09-13 | 2018-09-13 | User identity online verification method and user identity online verification system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811066318.4A CN109344590A (en) | 2018-09-13 | 2018-09-13 | User identity online verification method and user identity online verification system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109344590A true CN109344590A (en) | 2019-02-15 |
Family
ID=65305399
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811066318.4A Pending CN109344590A (en) | 2018-09-13 | 2018-09-13 | User identity online verification method and user identity online verification system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109344590A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113472521A (en) * | 2020-03-30 | 2021-10-01 | 山东浪潮质量链科技有限公司 | Block chain-based real-name digital identity management method, signature device and verification device |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102622707A (en) * | 2012-02-15 | 2012-08-01 | 孙大利 | Self-service account opening system and self-service account opening method thereof |
CN103634120A (en) * | 2013-12-18 | 2014-03-12 | 上海市数字证书认证中心有限公司 | Method and system for real-name authentication based on face recognition |
CN103944737A (en) * | 2014-05-06 | 2014-07-23 | 中国联合网络通信集团有限公司 | User identity authentication method, third-party authentication platform and operator authentication platform |
US8902045B1 (en) * | 2011-12-23 | 2014-12-02 | Emc Corporation | Controlling access to a computerized resource based on authentication using pulse data |
CN104994114A (en) * | 2015-07-27 | 2015-10-21 | 尤磊 | Identity authentication system and method based on electronic identification card |
US20160148651A1 (en) * | 2011-02-18 | 2016-05-26 | Google Inc. | Facial detection, recognition and bookmarking in videos |
CN105701372A (en) * | 2015-12-18 | 2016-06-22 | 布比(北京)网络技术有限公司 | Block chain identity construction and verification method |
CN105989263A (en) * | 2015-01-30 | 2016-10-05 | 阿里巴巴集团控股有限公司 | Method for authenticating identities, method for opening accounts, devices and systems |
CN107241309A (en) * | 2017-05-04 | 2017-10-10 | 上海斐讯数据通信技术有限公司 | A kind of identity identifying method, authentication device and Verification System |
-
2018
- 2018-09-13 CN CN201811066318.4A patent/CN109344590A/en active Pending
Patent Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20160148651A1 (en) * | 2011-02-18 | 2016-05-26 | Google Inc. | Facial detection, recognition and bookmarking in videos |
US8902045B1 (en) * | 2011-12-23 | 2014-12-02 | Emc Corporation | Controlling access to a computerized resource based on authentication using pulse data |
CN102622707A (en) * | 2012-02-15 | 2012-08-01 | 孙大利 | Self-service account opening system and self-service account opening method thereof |
CN103634120A (en) * | 2013-12-18 | 2014-03-12 | 上海市数字证书认证中心有限公司 | Method and system for real-name authentication based on face recognition |
CN103944737A (en) * | 2014-05-06 | 2014-07-23 | 中国联合网络通信集团有限公司 | User identity authentication method, third-party authentication platform and operator authentication platform |
CN105989263A (en) * | 2015-01-30 | 2016-10-05 | 阿里巴巴集团控股有限公司 | Method for authenticating identities, method for opening accounts, devices and systems |
CN104994114A (en) * | 2015-07-27 | 2015-10-21 | 尤磊 | Identity authentication system and method based on electronic identification card |
CN105701372A (en) * | 2015-12-18 | 2016-06-22 | 布比(北京)网络技术有限公司 | Block chain identity construction and verification method |
CN107241309A (en) * | 2017-05-04 | 2017-10-10 | 上海斐讯数据通信技术有限公司 | A kind of identity identifying method, authentication device and Verification System |
Non-Patent Citations (2)
Title |
---|
P. ITHAYA RANI ET AL: "Robust real time face detection automatically from video sequence based on Haar features", 《IEEE》 * |
孙霖 等: "人脸识别中视频回放假冒攻击的实时检测方法", 《电路与系统学报》 * |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113472521A (en) * | 2020-03-30 | 2021-10-01 | 山东浪潮质量链科技有限公司 | Block chain-based real-name digital identity management method, signature device and verification device |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10652018B2 (en) | Methods and apparatus for providing attestation of information using a centralized or distributed ledger | |
CN108876374B (en) | Block chain network identity document authentication method and system | |
CN112487778A (en) | Multi-user online signing system and method | |
CN108881253B (en) | Block chain real name participation method and system | |
CN110098932B (en) | Electronic document signing method based on safe electronic notarization technology | |
CN109039655A (en) | Real name identity identifying method and device, identity block chain based on block chain | |
CN110457878A (en) | A kind of identity identifying method based on block chain, apparatus and system | |
CN107025397B (en) | Identity information acquisition method and device | |
US11531746B2 (en) | Method for electronic signing of a document by a plurality of signatories | |
CN108830109A (en) | E-seal application, client realization method, system and equipment, storage medium | |
Bernabe et al. | ARIES: Evaluation of a reliable and privacy-preserving European identity management framework | |
CN109495490A (en) | A kind of unified identity authentication method based on block chain | |
CN112000744A (en) | Signature method and related equipment | |
CN110113244A (en) | A kind of instant communicating system and method based on block chain technology | |
CN112002436B (en) | Block chain-based medical question answering method, device and medium | |
CN108876375B (en) | Block chain real name participation method and system | |
Kurmi et al. | A survey of zero-knowledge proof for authentication | |
CN109344590A (en) | User identity online verification method and user identity online verification system | |
CN106452784B (en) | A kind of mutual card method of anonymity equity of digital asset primitive attribute | |
CN109635594A (en) | Electronics execution of contract and the anti-counterfeit authentication method for signing process again | |
Sonon et al. | Securing the User Registration Process in an IP Telephony System Using Blockchain and KYC Technologies | |
Patiyoot | Patiyoot 2: Key Distribution, and Session Key for Authentication Protocol in Wireless Network | |
CN111835713A (en) | Security authentication method, device and storage medium | |
Delaune et al. | Description of some case studies |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information | ||
CB02 | Change of applicant information |
Address after: 100191 1107c, 11 / F, Xueyuan international building, 1 Zhichun Road, Haidian District, Beijing Applicant after: IALLCHAIN Co.,Ltd. Address before: 100043 5158, 5 floor, 11 Shixing street, Shijingshan District, Beijing. Applicant before: IALLCHAIN Co.,Ltd. |
|
AD01 | Patent right deemed abandoned | ||
AD01 | Patent right deemed abandoned |
Effective date of abandoning: 20220311 |