CN109471782A - A kind of risk detecting system and risk checking method - Google Patents

A kind of risk detecting system and risk checking method Download PDF

Info

Publication number
CN109471782A
CN109471782A CN201811385791.9A CN201811385791A CN109471782A CN 109471782 A CN109471782 A CN 109471782A CN 201811385791 A CN201811385791 A CN 201811385791A CN 109471782 A CN109471782 A CN 109471782A
Authority
CN
China
Prior art keywords
risk
user
risk class
client
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201811385791.9A
Other languages
Chinese (zh)
Inventor
张言超
高英明
赵军
蔡准
孙悦
郭晓鹏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Core Time Technology Co Ltd
Original Assignee
Beijing Core Time Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Core Time Technology Co Ltd filed Critical Beijing Core Time Technology Co Ltd
Priority to CN201811385791.9A priority Critical patent/CN109471782A/en
Publication of CN109471782A publication Critical patent/CN109471782A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/30Monitoring
    • G06F11/32Monitoring with visual or acoustical indication of the functioning of the machine
    • G06F11/324Display of status information
    • G06F11/327Alarm or error message display
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/30Monitoring
    • G06F11/34Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation ; Recording or statistical evaluation of user activity, e.g. usability assessment
    • G06F11/3438Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation ; Recording or statistical evaluation of user activity, e.g. usability assessment monitoring of user actions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Quality & Reliability (AREA)
  • Software Systems (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

This application provides a kind of risk detecting system and methods, wherein includes: server and client;The server is used to receive the user behavior information that the client is sent, and analyzes the user behavior information, determines the risk class of user behavior, and the risk class is sent to the client;The user behavior information is sent to the server for obtaining user behavior information by the client;The client is also used to receive the risk class that the server is sent, and executes preset operation according to the risk class.The embodiment of the present application judges automatically the current operation behavior of user with the presence or absence of risk, avoids existing the problem of can not carrying out risk supervision using unidirectional acquisition modes, intelligent and accuracy is preferable, and practicability is preferable.

Description

A kind of risk detecting system and risk checking method
Technical field
This application involves detection technique field is applied, in particular to a kind of risk detecting system and risk supervision Method.
Background technique
With the rapid development of science and technology, the application range of mobile phone has become extremely wide.In order to meet the need of user It asks, various mobile phone application softwares come into being, and bring great convenience to people's lives.
In order to determine that user, in the related technology would generally be using collecting method to dependency number to the operation behavior of software According to being recorded, that is, server can carry out the collected related data of cell phone client after user's software operation It arranges, and stores.
However, the risk generated with this also occurs therewith, and individual privacy is difficult to the extensive use of mobile phone application software It is protected, personal property is subject to lose.Collecting method in the related technology is as a kind of unidirectional data acquisition Mode is difficult to detect without having practicability above-mentioned risk.
Summary of the invention
In view of this, the embodiment of the present application is designed to provide a kind of risk detecting system and method, with by pair User behavior information is analyzed, and is judged automatically the current operation behavior of user with the presence or absence of risk, is avoided existing using single To acquisition modes the problem of can not carry out risk supervision, intelligent and accuracy is preferable, and practicability is preferable.
In a first aspect, the embodiment of the present application provides a kind of risk detecting system, comprising: server and client;
The server is used to receive the user behavior information that the client is sent, and to the user behavior information into Row analysis, determines the risk class of user behavior;And the risk class is sent to the client;
The user behavior information is sent to the server for obtaining user behavior information by the client; The client is also used to receive the risk class that the server is sent, and executes preset behaviour according to the risk class Make.
With reference to first aspect, the embodiment of the present application provides the first possible embodiment of first aspect, wherein
The client includes authentication module and operation module.
The first possible embodiment with reference to first aspect, the embodiment of the present application provide first aspect second can The embodiment of energy, wherein
It is described to include: according to the preset operation of risk class execution
When the risk class is rudimentary risk, the operation module is used to generate pop-up according to the risk class alert Accuse the page;
The operation module is used to be disappeared when the pop-up warning page receives user instruction according to the user instruction Except pop-up alerts the page, or the authentication module is jumped to according to the user instruction, user identity is authenticated.
The possible embodiment of with reference to first aspect the first, the embodiment of the present application provide the third of first aspect Possible embodiment, wherein
It is described to include: according to the preset operation of risk class execution
When the risk class is intermediate risk, the operation module is used to be jumped to according to the risk class described Authentication module, and ID authentication request is sent to the authentication module;
The authentication module, for carrying out authentication to user after receiving ID authentication request.
The possible embodiment of second with reference to first aspect or the third possible embodiment, the embodiment of the present application Provide the 4th kind of possible embodiment of first aspect, wherein
The client further includes Software Development Kit SDK;
It is described when jumping to authentication module and carrying out authentication, operation module for calling the interface function saved in SDK, The functional value exported according to the interface function, it is determined whether carry out authentication;
If not carrying out authentication, when carrying out the operation module again, continue to jump to the authentication module progress body Part certification.
The 5th kind of possible embodiment with reference to first aspect, the embodiment of the present application provide the third of first aspect Possible embodiment, wherein
It is described to include: according to the preset operation of risk class execution
When the risk class is advanced risk, the operation module intercepts user's operation row according to the risk class For, and the process of end operation module.
Second aspect, the embodiment of the present application also provide a kind of risk checking method, comprising:
Receive the user behavior information that client is sent;
The user behavior information is analyzed, determines the risk class of user behavior;
The risk class is sent to the client.
The third aspect, the embodiment of the present application also provide a kind of risk checking method, comprising:
Obtain user behavior information;
The user behavior information is sent to server;
The risk class that the server is sent is received, and preset operation is executed according to the risk class.
Fourth aspect, the embodiment of the present application also provide a kind of electronic equipment, comprising: processor, memory and bus, it is described Memory is stored with the executable machine readable instructions of the processor, when electronic equipment operation, the processor with it is described By bus communication between memory, the machine readable instructions execute above-mentioned second aspect when being executed by the processor, or The step of third aspect.
5th aspect, the embodiment of the present application also provide a kind of computer readable storage medium, the computer-readable storage medium Computer program is stored in matter, which executes above-mentioned second aspect or the third aspect when being run by processor Step.
A kind of risk detecting system provided by the embodiments of the present application and method receive client hair using server first The user behavior information sent, and analyzing the behavioural information of user, determines the risk class of user behavior, and by risk etc. Grade is sent to client, and client executes preset operation according to risk class, is used in the prior art using unidirectional obtain The mode of family behavior, and analysis can not be carried out to user behavior information and compared, the embodiment of the present application can be by user behavior Information is analyzed, and is judged automatically the current operation behavior of user with the presence or absence of risk, is avoided existing using unidirectional acquisition side Formula and the problem of risk supervision can not be carried out, intelligent and accuracy is preferable, and practicability is preferable.
Further, risk detecting system provided by the embodiments of the present application, can also be according to risk class according to risk class It generates the pop-up warning page or jumps to authentication module and user identity is authenticated, carry out identity when jumping to authentication module When certification, if according to saved in SDK interface function output functional value determine that user does not carry out authentication, when user again When secondary entrance operation module is operated, jumps to authentication module and carry out authentication, can be improved the accuracy rate of risk supervision.
To enable the above objects, features, and advantages of the application to be clearer and more comprehensible, preferred embodiment is cited below particularly, and cooperate Appended attached drawing, is described in detail below.
Detailed description of the invention
Technical solution in ord to more clearly illustrate embodiments of the present application, below will be to needed in the embodiment attached Figure is briefly described, it should be understood that the following drawings illustrates only some embodiments of the application, therefore is not construed as pair The restriction of range for those of ordinary skill in the art without creative efforts, can also be according to this A little attached drawings obtain other relevant attached drawings.
Fig. 1 shows a kind of structural schematic diagram of risk detecting system provided by the embodiment of the present application;
Fig. 2 shows a kind of flow charts of risk checking method provided by the embodiment of the present application;
Fig. 3 shows a kind of flow chart of risk checking method of another kind provided by the embodiment of the present application;
Fig. 4 shows a kind of structural schematic diagram of risk supervision device provided by the embodiment of the present application;
Fig. 5 shows a kind of structural schematic diagram of risk supervision device provided by the embodiment of the present application;
Fig. 6 shows the structural schematic diagram of a kind of electronic equipment provided by the embodiment of the present application.
Specific embodiment
To keep the purposes, technical schemes and advantages of the embodiment of the present application clearer, below in conjunction with the embodiment of the present application Middle attached drawing, the technical scheme in the embodiment of the application is clearly and completely described, it is clear that described embodiment is only It is some embodiments of the present application, instead of all the embodiments.The application being usually described and illustrated herein in the accompanying drawings is real The component for applying example can be arranged and be designed with a variety of different configurations.Therefore, below to the application's provided in the accompanying drawings The detailed description of embodiment is not intended to limit claimed scope of the present application, but is merely representative of the selected reality of the application Apply example.Based on embodiments herein, those skilled in the art institute obtained without making creative work There are other embodiments, shall fall in the protection scope of this application.
Currently, in order to determine that user to the operation behavior of software, would generally use collecting method pair in the related technology Related data is recorded, that is, server can be to the collected dependency number of cell phone client after user's software operation It according to being arranged, and stores, for example, bury a little using in application program (Application, App), collects user's After behavior, after analyzing the behavior of user, any processing is not carried out to the result that analysis obtains, so that user is in account It can not be handled in time after stolen, cause user information to be stolen, property suffers a loss.
Therefore, collecting method in the related technology is difficult as a kind of unidirectional data acquiring mode to above-mentioned wind It is detected without having practicability danger.
For defect present in above scheme, be inventor being obtained after practicing and carefully studying as a result, Therefore, the discovery procedure of the above problem and the solution that hereinafter the application is proposed regarding to the issue above all should be The contribution that inventor makes the application during the application.
Below in conjunction with attached drawing in the application, the technical solution in the application is clearly and completely described, it is clear that Described embodiments are only a part of embodiments of the present application, instead of all the embodiments.Usually retouched in attached drawing here The component for the application for stating and showing can be arranged and be designed with a variety of different configurations.Therefore, below to mentioning in the accompanying drawings The detailed description of the embodiments herein of confession is not intended to limit claimed scope of the present application, but is merely representative of this The selected embodiment of application.Based on embodiments herein, those skilled in the art are in the premise for not making creative work Under every other embodiment obtained, shall fall in the protection scope of this application.
It should also be noted that similar label and letter indicate similar terms in following attached drawing, therefore, once a certain Xiang Yi It is defined in a attached drawing, does not then need that it is further defined and explained in subsequent attached drawing.
Based on the above reasons, this application provides a kind of risk detecting system and methods, can be by user behavior Information is analyzed, and is judged automatically the current operation behavior of user with the presence or absence of risk, is avoided existing using unidirectional acquisition side Formula and the problem of risk supervision can not be carried out, intelligent and accuracy is preferable, and practicability is preferable.
For convenient for understanding the present embodiment, first to a kind of risk detecting system disclosed in the embodiment of the present application into Row is discussed in detail.
Embodiment one
It is shown in Figure 1, for the structural schematic diagram for the risk detecting system that the embodiment of the present application one provides, comprising: service Device 101 and client 102;
The server 101 is used to receive the user behavior information that the client 102 is sent, and to the user behavior Information is analyzed, and determines the risk class of user behavior, and the risk class is sent to the client 102;
The user behavior information is sent to the service for obtaining user behavior information by the client 102 Device 101;The client 102 is also used to receive the risk class that the server 101 is sent, and is held according to the risk class The preset operation of row.
When specific implementation, when user behavior information can be the APP in user customer and be operated The corelation behaviour information of generation, for example, operation behavior of the user when carrying out transferred account service in certain Mobile banking;Client 102 User behavior information can be obtained, and user behavior information is sent to server 101.
In the embodiment of the present application one, the hardware letter of equipment where above-mentioned user behavior information can be user's operation client Breath, such as: ad identifier (Identifier For Advertising, IDFA), Wireless Fidelity (WIreless- Fidelity, Wi-Fi) the address Mac, screen resolution, device model etc. is also possible to software information, such as: each APP's The version of application program.
In addition, the behavioural information of user further includes the current geographical location etc. of the personal information such as user account, user.
After client 102 gets the behavioural information of user, user behavior information is sent to server 101, server 101 receive client 102 transmission user behavior information after, user behavior information can be analyzed, can be take with Preset information compares in server 101, such as: server 101 recognizes user after receiving user behavior information The equipment that often logs in of account and the equipment that is currently received the carrying of user behavior information it is whether same.According to user After behavioural information is analyzed, after the risk class for determining user's current operation, risk class is sent to client 102.
After client 102 receives risk class, preset operation can be executed according to risk class.Wherein, risk class Including devoid of risk, rudimentary risk, intermediate risk and advanced risk.
In addition, client includes two modules, operation module 1021 and authentication module 1022, operation module 1021 is to use In the APP for completing user's assigned work or task, authentication module 1022 is for the risky feelings of operation behavior in user Under condition, APP that user is authenticated.
Specifically, risk detecting system provided by the present application is executed especially by following manner according to the risk class pre- If operation:
First, when risk class be devoid of risk when, then the current operation behavior of user is safe, client 102 without appoint What is operated.
Second, risk detecting system provided by the embodiments of the present application passes through following sides when risk class is rudimentary risk Formula executes preset operation according to the risk class:
When the risk class is rudimentary risk, the operation module 1021 is used to generate bullet according to the risk class Window alerts the page.
The operation module 1021 is used to be referred to when the pop-up warning page receives user instruction according to the user It enables and eliminates the pop-up warning page, or the authentication module 1022 is jumped to according to the user instruction, user identity is recognized Card.
When specific implementation, when risk class is rudimentary risk, operation module 1021 can generate pop-up warning page Face, the risk of the operation behavior for prompting user current alert the page by pop-up, can obtain alerting page by pop-up Towards pop-up warning the page send user instruction, according to user instructions pop-up warning the page can eliminate automatically, be also possible to Operation module 1021 sends user instruction, and operation module 1021 jumps to authentication module 1022, authentication module according to user instructions 1022 couples of users carry out authentication.
Third, risk detecting system provided by the embodiments of the present application passes through following sides when risk class is intermediate risk Formula executes preset operation according to the risk class:
When the risk class is intermediate risk, the operation module 1021 according to the risk class for jumping to The authentication module 1022, and ID authentication request is sent to the authentication module 1022.
The authentication module 1022, for after receiving ID authentication request, according to corresponding in ID authentication request Identity information carries out authentication to user.
When specific implementation, when risk class is intermediate risk, operation module 1021 can jump directly to authenticate Module 1021, and to the request of authentication module initiation authentication, it is right when authentication module 1022 receives ID authentication request User carries out authentication.
Herein it is worth noting that, when needing authentication module 1022 to carry out authentication to user, Ke Yitong Cross face authentication, finger print identifying.
Specifically, authentication module 1022 provides face, sound, a variety of authentication modes such as fingerprint, according to risk class by exhibition Show different auth types, wherein it is also different according to risk class and user setting in the quantity of authentication mode, it can be with it In one can also once carry out multiple authentication modes, behaviour will be returned to there are two types of result regardless of setting authentication module 1022 Make module 1021, the cancellation operation of successful user risk is unaffected, and failure user can operate again, but operation can trigger again Risk subscribers operation is influenced by very big.
For example, the result that server 101 returns informs that this operational risk grade of user is intermediate risk, need to carry out people Face or voiceprint judge whether to be user's operation, it will there is pop-up, inform the risk of this operation of user, and Prompt is authenticated, and click goes certification that can jump to authentication module 1022, and obtains this letter authenticated from server 101 Breath, user will open the recognition of face page after selecting face authentication, user is prompted to carry out specified movement, after execution, The pictorial information of the user can be uploaded onto the server 101 with activation operation module 1021 and typing when authentication module 1022 Face information compares, and comparing result is returned and informs client 101, if certification is by that can return to the result of certification The Software Development Kit (Software Development Kit, SDK) that client 101 is arranged, SDK meeting invoking server connect Mouthful secondary-confirmation is carried out to this authentication result, it is all correct after user identification confirmations, user can continue after operation.
Specifically, client 101 in the risk detecting system that the embodiment of the present application one provides further include: Software Development Tools Wrap SDK;
It is described when jumping to authentication module and carrying out authentication, operation module for calling the interface function saved in SDK, The functional value exported according to the interface function, it is determined whether carry out authentication;
If not carrying out authentication, when being again introduced into the operation module, jumps to the authentication module progress identity and recognize Card.
When specific implementation, when needing to jump to the progress authentication of authentication module 1022, SDK can call service Device interface carries out secondary-confirmation to this authentication result, it is all correct after user identification confirmations, user can continue after operation. Wherein, it is provided with interface function in SDK, according to the functional value that interface function exports, can judges whether user has carried out identity Certification.
Such as: it jumps authentication module 1022 and is authenticated, but client is again introduced into operation module without authenticating manually 1021.Due to prompting frame disappear, client can continue before operation.For this operation, SDK is gone before taking prompting frame to click When certification disappears, the interface function in SDK can be called, as long as operation module 1021 monitors the function.Function setup Bool value User is judged either with or without authenticating, and when needing to authenticate, user does not authenticate to cross manually is entering APP (operation module 1021) user is forced to authenticate again when.
Fourth, the risk detecting system that the embodiment of the present application one provides, when risk class is advanced risk, by following Mode executes preset operation according to the risk class:
When the risk class is advanced risk, the operation module intercepts user's operation row according to the risk class For, and the process of end operation module.
When specific implementation, when risk class is advanced risk, the process of end operation module can be forced.
Based on the same inventive concept, risk supervision side corresponding with risk detecting system is additionally provided in the embodiment of the present application Method, since the principle that the device in the embodiment of the present application solves the problems, such as is similar to the above-mentioned risk detecting system of the embodiment of the present application, Therefore the implementation of device may refer to the implementation of method, and overlaps will not be repeated.
Embodiment two
Referring to shown in Fig. 2, for a kind of flow diagram for risk checking method that the embodiment of the present application two provides, the side Method includes step S201-S203;Wherein,
S201: the user behavior information that client is sent is received;
S202: the user behavior information is analyzed, determines the risk class of user behavior;
S203: Xiang Suoshu client sends the risk class.
The user behavior information that the embodiment of the present application is sent by receiving client, can carry out the behavioural information of user Analysis, obtains the risk class of user's current operation behavior, and risk class is sent to client, so that client is according to wind The dangerous grade operation behavior current to user makes risk warning, guarantees the information security of user.
Embodiment three
Referring to shown in Fig. 3, for a kind of flow diagram for risk checking method that the embodiment of the present application three provides, the side Method includes step S301-S303;Wherein,
S301: user behavior information is obtained;
S302: the user behavior information is sent to server;
S303: the risk class that the server is sent is received, and preset operation is executed according to the risk class.
User behavior information is sent to server by obtaining user behavior information by the embodiment of the present application, so that clothes Being engaged in device can be according to the risk class of user behavior information analysis user's current operation behavior, and is executed and preset according to risk class Operation, guarantee the safety of user information.
A kind of possible embodiment, the embodiment of the present application three provide a kind of risk checking method in, the client Including authentication module and operation module.
A kind of possible embodiment, the embodiment of the present application three provide a kind of risk checking method in, it is described according to institute Stating the preset operation of risk class execution includes:
When the risk class is rudimentary risk, the operation module is used to generate pop-up according to the risk class alert Accuse the page;
The operation module is used to be disappeared when the pop-up warning page receives user instruction according to the user instruction Except pop-up alerts the page, or the authentication module is jumped to according to the user instruction, user identity is authenticated.
A kind of possible embodiment, the embodiment of the present application three provide a kind of risk checking method in, it is described according to institute Stating the preset operation of risk class execution includes:
When the risk class is intermediate risk, the operation module is used to be jumped to according to the risk class described Authentication module, and ID authentication request is sent to the authentication module;
The authentication module, for carrying out authentication to user after receiving ID authentication request.
A kind of possible embodiment, the embodiment of the present application three provide a kind of risk checking method in, the client It further include Software Development Kit SDK;
It is described when jumping to authentication module and carrying out authentication, operation module for calling the interface function saved in SDK, The functional value exported according to the interface function, it is determined whether carry out authentication;
If not carrying out authentication, when being again introduced into the operation module, jumps to the authentication module progress identity and recognize Card.
A kind of possible embodiment, the embodiment of the present application three provide a kind of risk checking method in, it is described according to institute Stating the preset operation of risk class execution includes:
When the risk class is advanced risk, the operation module intercepts user's operation row according to the risk class For, and the process of end operation module.
Based on the same inventive concept, risk supervision dress corresponding with risk detecting system is additionally provided in the embodiment of the present application It sets, since the principle that the device in the embodiment of the present application solves the problems, such as is similar to the above-mentioned risk detecting system of the embodiment of the present application, Therefore the implementation of device may refer to the implementation of method, and overlaps will not be repeated.
Example IV
Shown in Figure 4, the embodiment of the present application four also provides a kind of risk supervision device, comprising: information receiving module 401, level determination module 402, grade sending module 403;Wherein,
Information receiving module 401, for receiving the user behavior information of client transmission.
Level determination module 402 determines the risk etc. of user behavior for analyzing the user behavior information Grade.
Grade sending module 403, for sending the risk class to the client.
Embodiment five
Shown in Figure 5, the embodiment of the present application five also provides a kind of risk supervision device, comprising: data obtaining module 501, information sending module 502, execution module 503;Wherein,
Data obtaining module 501, for obtaining user behavior information;
Information sending module 502, for the user behavior information to be sent to server;
Execution module 503, the risk class sent for receiving the server, and executed in advance according to the risk class If operation.
A kind of possible embodiment, the embodiment of the present application five provide a kind of risk supervision device in, the client Including authentication module and operation module.
A kind of possible embodiment, the embodiment of the present application five provide a kind of risk supervision device in, the execution mould Block 503 executes preset operation according to the risk class using following manner
When the risk class is rudimentary risk, the operation module is used to generate pop-up according to the risk class alert Accuse the page;
The operation module is used to be disappeared when the pop-up warning page receives user instruction according to the user instruction Except pop-up alerts the page, or the authentication module is jumped to according to the user instruction, user identity is authenticated.
A kind of possible embodiment, the embodiment of the present application five provide a kind of risk supervision device in, the execution mould Block 503 executes preset operation according to the risk class using following manner
When the risk class is intermediate risk, the operation module is used to be jumped to according to the risk class described Authentication module, and ID authentication request is sent to the authentication module;
The authentication module, for carrying out authentication to user after receiving ID authentication request.
A kind of possible embodiment, the embodiment of the present application five provide a kind of risk supervision device in, the client It further include Software Development Kit SDK;
It is described when jumping to authentication module and carrying out authentication, operation module for calling the interface function saved in SDK, The functional value exported according to the interface function, it is determined whether carry out authentication;
If not carrying out authentication, when being again introduced into the operation module, jumps to the authentication module progress identity and recognize Card.
A kind of possible embodiment, the embodiment of the present application five provide a kind of risk supervision device in, the execution mould Block 503 executes preset operation according to the risk class using following manner
When the risk class is advanced risk, the operation module intercepts user's operation row according to the risk class For, and the process of end operation module.
Shown in Figure 6, the embodiment of the present application also provides a kind of electronic equipment, which includes processor 601, storage Device 602 and bus 603, memory 602 are stored with the executable machine readable instructions of processor 601, processor 601 and memory It is communicated between 602 by bus 603, wherein above-mentioned processor 601 realizes above-mentioned risk supervision when executing above-mentioned computer program The step of method.
Specifically, above-mentioned memory 602 and processor 601 can be general memory and processor, do not do have here Body limits, and when the computer program of 601 run memory 602 of processor storage, is able to carry out above-mentioned risk checking method, energy Above-mentioned risk checking method is enough executed, to solve the problems, such as in the prior art not detecting risk, and then is reached certainly The dynamic current operation behavior for judging user is with the presence or absence of risk, and intelligent and accuracy is preferable, the preferable effect of practicability.
The embodiment of the present application also provides a kind of computer readable storage medium, stored on the computer readable storage medium There is computer program, which executes above-described embodiment risk checking method when being run by processor the step of.
Specifically, which can be general storage medium, such as mobile disk, hard disk, on the storage medium Computer program when being run, be able to carry out above-mentioned risk checking method, thus solve in the prior art can not to risk into The problem of row detection, and then reach the current operation behavior for judging automatically user with the presence or absence of risk, intelligent and accuracy is equal Preferably, the preferable effect of practicability.
The computer program product of a kind of risk detecting system and method provided by the embodiment of the present application, including storage The computer readable storage medium of program code, the instruction that said program code includes can be used for executing previous methods embodiment Described in method, specific implementation can be found in embodiment of the method, details are not described herein.
It is apparent to those skilled in the art that for convenience and simplicity of description, the system of foregoing description It with the specific work process of device, can refer to corresponding processes in the foregoing method embodiment, details are not described herein.In the application In provided several embodiments, it should be understood that disclosed systems, devices and methods, it can be real by another way It is existing.The apparatus embodiments described above are merely exemplary, for example, the division of the unit, only a kind of logic function It can divide, there may be another division manner in actual implementation, in another example, multiple units or components can combine or can collect At another system is arrived, or some features can be ignored or not executed.Another point, shown or discussed mutual coupling Conjunction or direct-coupling or communication connection can be the indirect coupling or communication connection by some communication interfaces, device or unit, It can be electrical property, mechanical or other forms.
The unit as illustrated by the separation member may or may not be physically separated, aobvious as unit The component shown may or may not be physical unit, it can and it is in one place, or may be distributed over multiple In network unit.It can select some or all of unit therein according to the actual needs to realize the mesh of this embodiment scheme 's.
It, can also be in addition, each functional unit in each embodiment of the application can integrate in one processing unit It is that each unit physically exists alone, can also be integrated in one unit with two or more units.
It, can be with if the function is realized in the form of SFU software functional unit and when sold or used as an independent product It is stored in the executable non-volatile computer-readable storage medium of a processor.Based on this understanding, the application Technical solution substantially the part of the part that contributes to existing technology or the technical solution can be with software in other words The form of product embodies, which is stored in a storage medium, including some instructions use so that One computer equipment (can be personal computer, server or the network equipment etc.) executes each embodiment institute of the application State all or part of the steps of method.And storage medium above-mentioned includes: USB flash disk, mobile hard disk, read-only memory (Read-Only Memory, ROM), random access memory (Random Access Memory, RAM), magnetic or disk etc. is various to deposit Store up the medium of program code.
Finally, it should be noted that embodiment described above, the only specific embodiment of the application, to illustrate the application Technical solution, rather than its limitations, the protection scope of the application is not limited thereto, although with reference to the foregoing embodiments to this Shen It please be described in detail, those skilled in the art should understand that: anyone skilled in the art Within the technical scope of the present application, it can still modify to technical solution documented by previous embodiment or can be light It is readily conceivable that variation or equivalent replacement of some of the technical features;And these modifications, variation or replacement, do not make The essence of corresponding technical solution is detached from the spirit and scope of the embodiment of the present application technical solution, should all cover the protection in the application Within the scope of.Therefore, the protection scope of the application shall be subject to the protection scope of the claim.

Claims (10)

1. a kind of risk detecting system characterized by comprising server and client;
The server is used to receive the user behavior information that the client is sent, and divides the user behavior information Analysis, determines the risk class of user behavior, and the risk class is sent to the client;
The user behavior information is sent to the server for obtaining user behavior information by the client;It is described Client is also used to receive the risk class that the server is sent, and executes preset operation according to the risk class.
2. system according to claim 1, which is characterized in that the client includes authentication module and operation module.
3. system according to claim 2, which is characterized in that described to execute preset operation packet according to the risk class It includes:
When the risk class is rudimentary risk, the operation module, which is used to generate pop-up according to the risk class, alerts page Face;
The operation module is used to eliminate bullet according to the user instruction when the pop-up warning page receives user instruction Window alerts the page, or jumps to the authentication module according to the user instruction, authenticates to user identity.
4. system according to claim 2, which is characterized in that described to execute preset operation packet according to the risk class It includes:
When the risk class is intermediate risk, the operation module is used to jump to the certification according to the risk class Module, and ID authentication request is sent to the authentication module;
The authentication module, for carrying out authentication to user after receiving ID authentication request.
5. system according to claim 3 or 4, which is characterized in that the client further includes Software Development Kit SDK;
It is described when jumping to authentication module and carrying out authentication, operation module for calling the interface function saved in SDK, according to The functional value of the interface function output, it is determined whether carry out authentication;
If not carrying out authentication, when being again introduced into the operation module, jumps to the authentication module and carry out authentication.
6. system according to claim 2, which is characterized in that described to execute preset operation packet according to the risk class It includes:
When the risk class is advanced risk, the operation module intercepts user's operation behavior according to the risk class, And the process of end operation module.
7. a kind of risk checking method characterized by comprising
Receive the user behavior information that client is sent;
The user behavior information is analyzed, determines the risk class of user behavior;
The risk class is sent to the client.
8. a kind of risk checking method characterized by comprising
Obtain user behavior information;
The user behavior information is sent to server;
The risk class that the server is sent is received, and preset operation is executed according to the risk class.
9. a kind of electronic equipment characterized by comprising processor, memory and bus, the memory are stored with the place The executable machine readable instructions of device are managed, when electronic equipment operation, pass through bus between the processor and the memory Communication executes the risk supervision side as described in claim 7 or 8 is any when the machine readable instructions are executed by the processor The step of method.
10. a kind of computer readable storage medium, which is characterized in that be stored with computer journey on the computer readable storage medium Sequence, the step of risk checking method as described in claim 7 or 8 is any is executed when which is run by processor.
CN201811385791.9A 2018-11-20 2018-11-20 A kind of risk detecting system and risk checking method Pending CN109471782A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811385791.9A CN109471782A (en) 2018-11-20 2018-11-20 A kind of risk detecting system and risk checking method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811385791.9A CN109471782A (en) 2018-11-20 2018-11-20 A kind of risk detecting system and risk checking method

Publications (1)

Publication Number Publication Date
CN109471782A true CN109471782A (en) 2019-03-15

Family

ID=65673935

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811385791.9A Pending CN109471782A (en) 2018-11-20 2018-11-20 A kind of risk detecting system and risk checking method

Country Status (1)

Country Link
CN (1) CN109471782A (en)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110321696A (en) * 2019-07-01 2019-10-11 阿里巴巴集团控股有限公司 Account safety guard method and system based on small routine
CN110515975A (en) * 2019-07-17 2019-11-29 阿里巴巴集团控股有限公司 Risk detecting system, method and device
CN110675263A (en) * 2019-09-27 2020-01-10 支付宝(杭州)信息技术有限公司 Risk identification method and device for transaction data
CN110766842A (en) * 2019-10-28 2020-02-07 广州博衍智能科技有限公司 Passing equipment control method and device, machine readable medium and equipment
CN111786936A (en) * 2019-11-27 2020-10-16 北京沃东天骏信息技术有限公司 Method and device for authentication
US10846383B2 (en) 2019-07-01 2020-11-24 Advanced New Technologies Co., Ltd. Applet-based account security protection method and system
WO2021036455A1 (en) * 2019-08-29 2021-03-04 苏宁云计算有限公司 Link-based risk user identification method and device
CN112463266A (en) * 2020-12-11 2021-03-09 微医云(杭州)控股有限公司 Execution policy generation method and device, electronic equipment and storage medium
CN112836612A (en) * 2021-01-26 2021-05-25 支付宝(杭州)信息技术有限公司 Method, device and system for user real-name authentication
CN113872921A (en) * 2020-06-30 2021-12-31 腾讯科技(深圳)有限公司 Webpage detection method, device, equipment and computer readable storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101073219A (en) * 2003-09-12 2007-11-14 Rsa安全公司 System and method for risk based authentication
CN107230084A (en) * 2017-05-03 2017-10-03 同济大学 A kind of user behavior authentication method and system based on big data
CN107645482A (en) * 2016-07-22 2018-01-30 阿里巴巴集团控股有限公司 A kind of risk control method and device for business operation

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101073219A (en) * 2003-09-12 2007-11-14 Rsa安全公司 System and method for risk based authentication
CN107645482A (en) * 2016-07-22 2018-01-30 阿里巴巴集团控股有限公司 A kind of risk control method and device for business operation
CN107230084A (en) * 2017-05-03 2017-10-03 同济大学 A kind of user behavior authentication method and system based on big data

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110321696A (en) * 2019-07-01 2019-10-11 阿里巴巴集团控股有限公司 Account safety guard method and system based on small routine
US10846383B2 (en) 2019-07-01 2020-11-24 Advanced New Technologies Co., Ltd. Applet-based account security protection method and system
CN110515975A (en) * 2019-07-17 2019-11-29 阿里巴巴集团控股有限公司 Risk detecting system, method and device
WO2021036455A1 (en) * 2019-08-29 2021-03-04 苏宁云计算有限公司 Link-based risk user identification method and device
CN110675263A (en) * 2019-09-27 2020-01-10 支付宝(杭州)信息技术有限公司 Risk identification method and device for transaction data
CN110675263B (en) * 2019-09-27 2022-06-03 支付宝(杭州)信息技术有限公司 Risk identification method and device for transaction data
CN110766842A (en) * 2019-10-28 2020-02-07 广州博衍智能科技有限公司 Passing equipment control method and device, machine readable medium and equipment
CN111786936A (en) * 2019-11-27 2020-10-16 北京沃东天骏信息技术有限公司 Method and device for authentication
CN113872921A (en) * 2020-06-30 2021-12-31 腾讯科技(深圳)有限公司 Webpage detection method, device, equipment and computer readable storage medium
CN113872921B (en) * 2020-06-30 2024-01-26 腾讯科技(深圳)有限公司 Webpage detection method, device, equipment and computer readable storage medium
CN112463266A (en) * 2020-12-11 2021-03-09 微医云(杭州)控股有限公司 Execution policy generation method and device, electronic equipment and storage medium
CN112836612A (en) * 2021-01-26 2021-05-25 支付宝(杭州)信息技术有限公司 Method, device and system for user real-name authentication

Similar Documents

Publication Publication Date Title
CN109471782A (en) A kind of risk detecting system and risk checking method
US9667613B1 (en) Detecting mobile device emulation
CN109766700A (en) Access control method and device, the storage medium, electronic device of file
KR100966073B1 (en) Apparatus and method for managing terminal users
CN109165514A (en) A kind of risk checking method
US10284561B2 (en) Method and server for providing image captcha
CN110149298A (en) A kind of method and apparatus for kidnapping detection
CN108052818B (en) Application starting method and device, storage medium and electronic equipment
CN106888204B (en) Implicit identity authentication method based on natural interaction
CN105245489B (en) Verification method and device
CN110418344A (en) A kind of method and device that equipment identities mark generates
CN108200282B (en) Application starting method and device, storage medium and electronic equipment
CN109067645B (en) Network element equipment connected with NFV virtual security gateway
CN103916856B (en) Establish method, user equipment and the access point of wireless communication
CN105827578B (en) Method and device for processing keystroke characteristic data
CN110162959A (en) Data processing method and device based on device-fingerprint
CN110020531A (en) Internet of things equipment risk checking method and device
CN104184730B (en) Access processing method and device, electronic equipment
CN112463266A (en) Execution policy generation method and device, electronic equipment and storage medium
CN109413004A (en) Verification method, device and equipment
CN116342133A (en) Face brushing payment method, system, equipment and medium for self-service terminal
CN107967363B (en) Data processing method and device and electronic equipment
CN116089920A (en) Sensitive field early warning method, system, computer equipment and medium
CN104717641B (en) A kind of digital signature generation method and SIM card based on SIM card
CN109246002B (en) Deep security gateway and network element equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20190315

RJ01 Rejection of invention patent application after publication