CN109600340B - Operation authorization method, device, terminal and server - Google Patents
Operation authorization method, device, terminal and server Download PDFInfo
- Publication number
- CN109600340B CN109600340B CN201710920117.5A CN201710920117A CN109600340B CN 109600340 B CN109600340 B CN 109600340B CN 201710920117 A CN201710920117 A CN 201710920117A CN 109600340 B CN109600340 B CN 109600340B
- Authority
- CN
- China
- Prior art keywords
- terminal
- information
- authorization
- server
- additional verification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
Abstract
The invention discloses an operation authorization method, an operation authorization providing method and operation authorization equipment, and belongs to the technical field of networks. The method and the device can acquire the additional authentication information provided on the second terminal before formal authorization when the second terminal requests the first terminal to authorize the appointed operation of the first terminal, and can verify that the two terminals are in a very close distance in a physical space because the additional authentication information is acquired based on a short-distance communication mode and is limited by the distance between the terminals, and can not be forged in advance because the additional authentication information is temporarily provided by the server, so that the login security can be ensured through the additional authentication mode.
Description
Technical Field
The present invention relates to the field of network technologies, and in particular, to an operation authorization method, an operation authorization device, a terminal, and a server.
Background
With the development of network technology, many application scenarios involve an operation authorization process, for example, taking a login scenario as an example, if a user wants to log in a client of an instant messaging application on a certain terminal, a code scanning login function can be triggered on the terminal, so that a two-dimensional code for logging in can be displayed on the terminal, and then a scanning function of a corresponding client on a mobile phone of the user is turned on to scan the two-dimensional code, so that a user account and the like are authorized to log in the terminal, and the whole login process is completed. The same process can be applied to other processes involving operation authorization.
However, the security of the existing operation authorization scheme is based on that the user personally confirms the authorization near the login device, i.e., "scan the two-dimensional code through the mobile phone" and assume that the user is near the login device ". At present, a common number stealing means is that a number stealing person obtains a login two-dimensional code on own login equipment through means of copying, screen capturing and the like, then sends the login two-dimensional code to a victim through instant messaging software, and then tricks the victim to scan the two-dimensional code for authorization. Once the user confirms the authorization, the number embezzler logs in the account of the victim on the own device, so that the existing authorization operation method is poor in account security.
Disclosure of Invention
In order to solve the problems in the prior art, embodiments of the present invention provide an operation authorization method, an apparatus, a terminal, and a server. The technical scheme is as follows:
in a first aspect, an operation authorization method is provided, which is applied to a first terminal, and includes:
obtaining an authorization request provided by a second terminal through a first near field communication mode, and sending terminal information of a first terminal to a server;
acquiring additional verification information provided by the second terminal through a second near field communication mode based on a secondary verification request acquired from the server, and transmitting the additional verification information to the server;
displaying an authorization confirmation page acquired from the server, and authorizing the second terminal based on the authorization confirmation page;
the first close range communication mode and the second close range communication mode are the same or different.
In a first aspect, an operation authorization method is provided, which is applied to a second terminal, and the method includes:
when receiving a specified operation instruction, providing an authorization request through a first near field communication mode;
providing additional verification information through a second close-range communication mode based on the additional verification information acquired from the server;
and when the authorization certificate is acquired from the server, performing specified operation based on the authorization certificate.
In a first aspect, an operation authorization method is provided, which is applied to a server, and the method includes:
sending an authorization request to a second terminal based on a request of the second terminal, wherein the authorization request is provided as a first near field communication mode;
acquiring additional verification information when terminal information of a first terminal is received;
sending the additional verification information to the second terminal;
when information to be verified sent by the first terminal is received and the information to be verified is matched with the additional verification information, sending an authorization confirmation page to the first terminal;
and when the confirmation information of the first terminal is received, sending an authorization certificate to the second terminal.
In one aspect, an operation authorization apparatus is provided, which is applied to a first terminal, and includes:
the acquisition module is used for acquiring the authorization request provided by the second terminal through a first near field communication mode;
the sending module is used for sending the terminal information of the first terminal to a server;
the acquisition module is further used for acquiring additional authentication information provided by the second terminal through a second near field communication mode based on the secondary authentication request acquired from the server;
the sending module is further configured to send the additional verification information to the server;
the display module is used for displaying the authorization confirmation page acquired from the server;
an authorization module, configured to authorize the second terminal based on the authorization confirmation page;
the first close range communication mode and the second close range communication mode are the same or different.
In one aspect, an operation authorization apparatus is provided, which is applied to a second terminal, and includes:
the providing module is used for providing an authorization request through a first near field communication mode when receiving a specified operation instruction;
the providing module is further used for providing the additional verification information through a second near field communication mode based on the additional verification information acquired from the server;
and the operation module is used for carrying out specified operation based on the authorization certificate when the authorization certificate is acquired from the server.
In one aspect, an operation authorization apparatus is provided, the apparatus being applied to a server, and the apparatus including:
the device comprises a sending module, a receiving module and a sending module, wherein the sending module is used for sending an authorization request to a second terminal based on a request of the second terminal, and the authorization request is provided as a first near field communication mode;
the receiving module is used for receiving the terminal information of the first terminal;
the acquisition module is used for acquiring additional verification information when receiving the terminal information of the first terminal;
the sending module is further configured to send the additional verification information to the second terminal;
the receiving module is also used for receiving information to be verified sent by the first terminal;
the sending module is further configured to send an authorization confirmation page to the first terminal when receiving to-be-verified information sent by the first terminal and the to-be-verified information is matched with the additional verification information;
the sending module is further configured to send an authorization credential to the second terminal when receiving the confirmation information of the first terminal.
In one aspect, a terminal is provided that includes a processor and a memory, wherein the memory is configured to store a computer program; the processor is configured to execute the program stored in the memory to implement the method steps of any one of the first aspect and the second aspect.
In one aspect, a server is provided, comprising a processor and a memory, wherein the memory is used for storing a computer program; the processor is configured to execute the program stored in the memory to implement the method steps of the third aspect.
In any of the above aspects, the designated operation may be a login operation, that is, when the second terminal wants to log in a certain application, a login with a better security can be implemented through an additional authentication process.
According to the method provided by the embodiment of the invention, when the second terminal requests the first terminal to authorize the appointed operation of the first terminal, the additional verification information provided by the second terminal is acquired before formal authorization, because the acquisition of the additional verification information is performed based on a short-distance communication mode and is limited by the distance between the terminals, the two terminals can be verified to be in a very close distance in a physical space, and because the additional verification information is temporarily provided by the server and cannot be forged in advance, the login safety can be ensured by the additional verification mode.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
FIG. 1 is a schematic diagram of an implementation environment of an operation authorization method according to an embodiment of the present invention;
fig. 2 is a flowchart of an operation authorization method according to an embodiment of the present invention;
FIG. 3 is a schematic diagram of interfaces displayed by the first terminal and the second terminal during operation authorization;
FIG. 4 is a schematic diagram of additional authentication information provided by an embodiment of the present invention;
FIG. 5 is a schematic structural diagram of an operation authorization apparatus according to an embodiment of the present invention;
FIG. 6 is a schematic structural diagram of an operation authorization apparatus according to an embodiment of the present invention;
fig. 7 is a schematic structural diagram of an operation authorization apparatus according to an embodiment of the present invention;
fig. 8 is a block diagram illustrating a terminal 800 in accordance with an example embodiment;
fig. 9 is a block diagram illustrating a server 900 in accordance with an example embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, embodiments of the present invention will be described in detail with reference to the accompanying drawings.
Fig. 1 is a schematic diagram of an implementation environment of an operation authorization method according to an embodiment of the present invention. In this implementation environment, a first terminal 101, a second terminal 102 and a server 103 are included.
The first terminal 101 may be installed with a first client of an application, the second terminal 102 may also be installed with a second client of the application, the first client and the second client may be clients of the same version or clients of different versions, for example, the first client may be a mobile phone version client, and the second client may be a PC version client. In addition, the second terminal may also open the web portal of the server by using the browser client, so as to log in, and the specific operation mode is the same as the above-mentioned login based on the two clients, which is not described herein again. Of course, the terminal may also have functions such as acoustic wave transceiving and NFC functions. The acoustic wave transmission and reception may refer to transmission and reception of an acoustic signal or transmission and reception of an electromagnetic wave signal. The sound signal may be any frequency sound signal that can be collected by the terminal, such as ultrasonic waves. The sound signals can be played through a loudspeaker of the terminal, the collection of the sound signals can be carried out through a microphone of the terminal, and the collection and transmission of the electromagnetic wave signals can be carried out through an antenna of the terminal.
The server 103 may be a server providing services for the first client and the second client, and the server 103 may further have a corresponding web portal for the terminal to access a web page.
In the embodiment of the present invention, when the server provides an authorization request (for example, a login request) for the second terminal, the authorization request is provided based on the first close-range communication method, and at this time, the first terminal may acquire the authorization request provided by the second terminal by using the first close-range communication method. When the server provides the additional verification information for the second terminal, the additional verification information can be provided based on a second near field communication mode, at this time, the first terminal can acquire the additional verification information provided by the second terminal by adopting the second near field communication mode, and the first near field communication mode and the second near field communication mode can be the same mode or different modes. Specifically, the first close-range communication mode and the second close-range communication mode are both one or a combination of more of graphic code scanning, sound wave or near field communication NFC.
The operation authorization provided by the embodiment of the invention refers to the authorization of a specified operation, such as any one of the authorization of a login operation, the authorization of a payment operation, the authorization of a transfer operation and the like, which needs to be performed based on certain information. Taking authorization of the login operation as an example, the authorization information is information such as a user account and a password, or encrypted information or a characteristic value generated based on the user account and the password, and the authorization of the payment operation and the transfer as an example, the authorization information may be a card number or an account identifier and a password, or encrypted information or a characteristic value generated based on the account identifier and the password, and the like, which is not specifically limited in the embodiment of the present invention.
Fig. 2 is a flowchart of an operation authorization method according to an embodiment of the present invention. In the embodiment of the present invention, only by taking the example that the designated operation is the login operation, and the first short-distance communication method and the second short-distance communication method are graphic code scanning, the implementation of the method may be performed based on the implementation environment in fig. 1, with reference to fig. 2, where the method includes:
201. the second terminal sends a login request to the server, wherein the login request is used for requesting to login the server on the second terminal.
For the second terminal, when the second terminal user wants to log in the server, a login request may be sent to the server, where the login request carries the terminal information of the second terminal. For example, the terminal information may be a terminal Identifier to inform the server which terminal wants to log in, and of course, the terminal information may further include any one or more of a network address of the terminal (i.e., an IP (Internet Protocol), geographic location information (e.g., latitude and longitude information), and connected wireless network information (e.g., an SSID (Service Set Identifier) of a wireless network).
In practical scenarios, the server may provide multiple login manners, such as a login manner based on user information (e.g., account password login), a login manner based on a short message authentication code (e.g., short message authentication login), or a login manner based on login user information of another terminal (e.g., scanning two-dimensional code login). If the second terminal user selects to log in based on the login mode of other terminals, the login request can also carry the identification information of the login mode selected by the second terminal, so that the server can process based on the identification information.
It should be noted that the second terminal may perform the above operation through a client corresponding to the server, or may perform the above operation through a web portal of the server, which is not limited in the embodiment of the present invention.
202. The server receives the login request and generates a graphic code of the login request, wherein the graphic code can be at least used for requesting the terminal information of the first terminal.
The graphic code may be a bar code, such as a one-dimensional code, a two-dimensional code, or the like, capable of carrying information. The server may generate the graphic code based on designated code information, which may be a piece of code information for requesting terminal information of the first terminal. In one possible implementation, the specific code information may also be used to instruct the first terminal to upload its account information (e.g., account number and password).
203. The server sends the graphic code to the second terminal.
204. And when the second terminal receives the graphic code, displaying the graphic code.
When receiving the graphic code, the second terminal displays the graphic code in a designated area of the second terminal, and displays operation prompt information at the same time, wherein the operation prompt information can be information for prompting a user how to operate. For example, the operation prompt message "please open the mobile phone client for scanning" may be displayed below the graphic code.
Referring to fig. 3 (a), a two-dimensional code provided by the server when the second terminal wants to perform scanning two-dimensional code registration is displayed.
205. The first terminal scans the graphic code provided by the second terminal and at least sends the terminal information of the first terminal to the server.
When the first terminal scans the graphic code displayed on the second terminal, the appointed code information carried by the graphic code can be obtained, and the terminal information of the first terminal is called by executing the appointed code information. Further, after the first terminal scans, the first terminal may further obtain authorization information of the first terminal, where the authorization information may refer to information required by a specified operation, such as an account and a password of a user; or an account name and a payment password of the user, etc.
Referring to fig. 3 (c), a scan area displayed on the screen when the first terminal starts the two-dimensional code scanning function is displayed.
Of course, in the above steps 202 to 205, the server provides the authorization request for the second terminal based on the graphic code, but in an actual scenario, the server may also provide the authorization request based on the sound wave or NFC, and when the authorization request is provided based on the sound wave, the above steps 202 to 205 may be replaced by: the server generates an authorization request in the form of a sound wave, which the server sends to the second terminal. And when the second terminal receives the authorization request in the form of the sound wave, playing the authorization request. The first terminal collects an authorization request played by the second terminal so as to obtain the authorization request, and sends terminal information of the first terminal to the server based on the authorization request. When the NFC-based format is provided, the above steps 202 to 205 may be replaced by: the server generates an authorization request, which is sent to the second terminal by the server. When the second terminal receives the authorization request, the authorization request is provided through the NFC chip. The first terminal acquires the authorization request through interaction between the NFC chip configured on the first terminal and the NFC chip configured on the second terminal, and sends the terminal information of the first terminal to the server based on the authorization request. In addition, the above-mentioned providing based on the graphic code scanning, the acoustic wave mode, the NFC and the like may also be performed in combination with at least two near field communication modes, and the same principle as that of providing additional verification information based on the second near field communication mode is followed, which is not described herein again.
Of course, if it is necessary to send the authorization information when sending the terminal information, in the above alternative step, the authorization information of the first terminal may also be sent to the server when sending the terminal information in the same manner.
206. And the server receives the terminal information of the first terminal and verifies the login request according to the terminal information of the first terminal and the terminal information of the second terminal.
If the terminal information of the first terminal and the terminal information of the second terminal both contain information capable of indicating a geographical location, such as a network address or geographical location information or connected wireless network information, the server may preliminarily determine whether the login request has an authorized login risk according to the terminal information of the two terminals through the following authentication process (1).
(1) And judging whether the geographical position relation between the first terminal and the second terminal meets the preset requirement or not.
If it is determined that the relative geographic locations of the two terminals are less than the preset distance, it is considered that there is no authorized login risk, and the additional authentication procedure may not be performed, whereas if it is determined that the relative geographic locations of the two terminals are greater than or equal to the preset distance, it is considered that there is an authorized login risk, and the subsequent step 207 may be performed.
In a possible implementation, when the first terminal sends the terminal information of the first terminal, the first terminal also sends the authorization information of the first terminal to the server, the server may preliminarily determine whether the login request has an authorized login risk based on the received authorization information of the first terminal, the terminal information, and the terminal information of the second terminal, and when it is determined that the login request has the authorized login risk, step 207 is executed.
The specific verification process may include at least one of the following verification processes (2) to (3):
(2) the second terminal is a common login terminal not for this user.
And if the terminal identifier of the second terminal is different from the terminal identifier of the common login terminal, the second terminal can be determined to be not the common login terminal of the user and have authorized login risks, and if the terminal identifier of the second terminal is the same as the terminal identifier of the common login terminal, the second terminal can be determined to be the common login terminal of the user.
(3) Whether the second terminal belongs to a blacklist device.
And inquiring a blacklist according to the terminal identification and/or the network address of the second terminal, and if the terminal identification is in the blacklist or the network address is in the blacklist, determining that the second terminal belongs to blacklist equipment and the authorized login risk exists.
For the verification processes (1) to (3), the preliminary verification may be performed based on only one verification process, or may be performed based on two or more verification processes, and when the preliminary verification is performed based on two or more verification processes, and when it is determined that there is an authorized login risk in the verification result of any one verification process, a subsequent verification process based on additional verification information may be performed. The embodiment of the invention does not limit the specific verification sequence.
Of course, the preliminary verification may also include verification of the login time, for example, based on the login time of the first terminal and the historical login habit time of the first terminal, it is determined whether the login time is within the time period of the historical login habit time, if not, it is determined that there is an authorized login risk, step 207 is executed, and if within the time period, the additional verification may be omitted. The historical login habit time can be a time period in which the login frequency is greater than a preset frequency or the login frequency is greater than the preset frequency when the user logs in within the historical time.
Specifically, if the first terminal supports GPS positioning, the geographic location information (e.g., latitude and longitude information) of the first terminal may be acquired by the GPS positioning system and sent to the server, or if the first terminal may acquire the wireless network information connected at this time, the wireless network information may also be sent to the server. It should be noted that what kind of information is specifically acquired and sent may be determined according to the capability of the terminal itself, that is, the first terminal may acquire at least one of the geographic location information and the wireless network information connected to the terminal, and send the acquired information to the server.
It should be noted that, when sending the authorization information, the authorization information may be sent together with the terminal information, or may be sent separately from the terminal information.
In one possible implementation, when the verification determines that the current operation is suspicious, the server may send to the first terminal indication information for instructing the first terminal to maintain a scanning state for scanning additional verification information received by a subsequent second terminal.
Of course, the server performs the preliminary authentication on the login request in step 206, and determines whether to perform step 207 based on the authentication result of the preliminary authentication, and in an actual scenario, the preliminary authentication of step 206 may not be performed, but step 207 may be directly performed to add an additional authentication process, so as to reduce the authorization risk.
207. And when the current operation is determined to be suspicious through verification, the server acquires additional verification information.
When the server receives the terminal information sent by the first terminal, it can be known that the second terminal wants to log in based on the user information of the first terminal, and in order to further guarantee the login security, additional authentication information for further authentication can be acquired.
In one possible implementation, when the first terminal transmits the terminal information and the authorization information of the first terminal, the server may randomly acquire the additional authentication information, or may acquire the additional authentication information based on the authorization information and/or the terminal information of the first terminal. The acquiring process may specifically include any one or a combination of the following steps:
step 1: an image associated with the authorization information is acquired. The image related to the authorization information may be a user avatar image, any image uploaded by the user, and the like. Taking the user avatar image as an example, the server may obtain the user avatar image corresponding to the authorization information from the user registration information according to the received authorization information.
Step 2: character information associated with the authorization information is obtained. The character information related to the authorization information may be any one of a user nickname and user registration information. Taking the nickname of the user as an example, the server may obtain the nickname of the user corresponding to the authorization information from the user registration information according to the received authorization information.
And step 3: and acquiring random data information. The server may also use randomly generated character information as additional authentication information. The specific random algorithm may adopt any random algorithm, and the character information may be used to refer to any kind or combination of several kinds of characters, numbers, letters, symbols, and the like. For example, the random data information may be a two-dimensional code of authentication information, a watermark texture, or an authentication code.
And 4, step 4: a specified audio clip is obtained. The server may also generate an audio, which may be a text message, or may be a piece of music or a song.
It should be noted that, in an actual scenario, when acquiring the additional verification information, the additional verification information may be performed in combination with any one or any several of the above steps 1 to 4, that is, the acquired additional verification information may include one or more of an image related to the authorization information, character information related to the authorization information, random data information, and a specified audio segment. For example, the additional authentication information may include the user avatar image, and for another example, the additional authentication information may include the user avatar image and a user nickname, and for another example, as shown in fig. 4, the additional authentication information may further include the user avatar image, the user nickname, and random data information.
In one possible implementation, when the first terminal transmits only the terminal information of the first terminal, the server may randomly acquire the additional authentication information or acquire the additional authentication information based on the terminal information of the first terminal. For example, characters in the terminal identifier of the first terminal are scrambled or added with scrambling codes to obtain the additional authentication information.
208. The server sends the additional authentication information to the second terminal.
209. The second terminal displays the additional authentication information when receiving the additional authentication information.
When the second terminal receives the additional verification information, the display interface can be refreshed to display the additional verification information, and operation prompt information can be displayed on the additional verification information to prompt a user how to operate. When the additional authentication information further includes a designated audio clip, the second terminal may also play the designated audio clip while displaying other information in the additional authentication information.
Referring to fig. 3 (b), a schematic diagram of the additional authentication information received by the second terminal is shown.
210. And the first terminal scans the image displayed on the second terminal under the condition of keeping the original scanning state to obtain the additional verification information. The original scanning state is a state in which the first terminal scans the graphic code provided by the second terminal in step 205.
For the first terminal, the scanning state may be maintained after the user information and the login information are sent, or the scanning state may be maintained based on an indication of the indication information after the indication information fed back by the server is received after the user information and the login information are sent. Of course, the step 210 may also close the scanning state and use any other short-range communication method to obtain the additional verification information.
If the short-range communication method adopted in step 205 is a method other than graphic code scanning, the original state may be the state of keeping the short-range communication method adopted in step 205 open, and of course, steps 205 and 210 do not need to adopt the same short-range communication method, so step 210 may also switch to a short-range communication method other than the original short-range communication method to acquire the additional authentication information. For example, if the step 205 is performed in a sonic mode, the step 210 may continuously acquire sonic waves or may switch to scanning the graphic code.
Specifically, the scanning process may be: and shooting the additional verification information displayed on the first terminal through the shooting module to obtain a shot picture, wherein the shot picture comprises the additional verification information. In this case, the captured picture may be used as the additional authentication information as it is, or the additional authentication information may be obtained by analyzing the captured picture by the first terminal.
In another embodiment, the scanning process may further include: and scanning the image displayed on the first terminal through the shooting module to obtain the additional verification information. The scanning process is the same as the scanning process in step 205, and may be to acquire an image and perform image analysis to obtain additional verification information.
The first terminal keeps the scanning state and continuously scans the display interface of the second terminal, so that the additional verification information can be acquired through scanning when the additional verification information is displayed on the second terminal.
Of course, when the additional verification information further includes the specified audio clip, the microphone of the first terminal collects the sound signal to obtain the specified audio clip being played by the first terminal. This kind of verification that adopts sound collection to carry out can enrich the verification mode, and because sound propagation distance itself is limited, consequently, can confirm through sound collection that first terminal and second terminal are located the certain distance, further confirm that the operation user is same, improve the assurance of its security.
Referring to fig. 3 (d), a scan area displayed on the screen when the first terminal maintains a scan state after scanning the two-dimensional code is displayed.
The steps 209 and 210 are described by taking as an example that the additional authentication information is obtained by the second terminal in the form of the graphic code, and the first terminal obtains the additional authentication information in the form of the graphic code scanning, but in an actual scenario, the steps 209 and 210 may be replaced by the following steps: when the second terminal receives the additional verification information, the additional verification information is converted into a sound wave form, and the additional verification information is played through a loudspeaker; or, the second terminal, upon receiving the additional authentication information in the form of sound waves, plays the additional authentication information through a speaker. The first terminal collects additional verification information in the form of sound waves sent by the second terminal through a microphone to obtain the additional verification information. Alternatively, the above steps 209 and 210 may be replaced by the following steps: and when receiving the additional verification information, the second terminal provides the additional verification information through the NFC chip. The first terminal acquires the additional authentication information through interaction between the NFC chip configured on the first terminal and the NFC chip configured on the second terminal.
Of course, the above-mentioned providing based on the graphic code scanning, the sound wave mode, the NFC and the like may also be performed in combination with at least two near field communication modes, for example, when the second terminal receives the additional verification information, the additional verification information is provided in a form of playing through a speaker and displaying the graphic code on a display screen. The first terminal collects additional verification information in the form of sound waves sent by the second terminal through a microphone, and scans an image displayed on the second terminal to obtain the additional verification information. It should be noted that, when at least two near field communication modes are adopted to provide the additional verification information, the same additional verification information can be provided based on each near field communication mode, so that the finally obtained additional verification information can be verified mutually, and the accuracy of the obtained additional verification information is ensured, or the parts with inaccuracy can be checked mutually to make up for the deficiency. Of course, a part of the additional authentication information can be provided based on each near field communication method, so that when the part of the additional authentication information is obtained respectively, the parts can be spliced to obtain complete additional authentication information, the distance between the two terminals can be ensured to be close enough to meet the requirements of the at least two near field communication methods on the distance, and the safety can be further improved.
In an actual scenario, the near field communication mode involved when the server provides the authorization request for the second terminal and the near field communication mode involved when the server provides the additional verification information for the second terminal may be the same communication mode or different communication modes, which is not limited in the embodiment of the present invention.
211. The first terminal sends the additional authentication information to the server.
Optionally, the first terminal may send the specified audio clip and other content with the additional verification information to the server, and may further analyze the obtained specified audio clip to obtain the text verification information of the specified audio clip; and adding the character verification information into the additional verification information, and sending the additional verification information to the server.
212. When the server receives to-be-verified information sent by the first terminal and the to-be-verified information is matched with the additional verification information, an authorization confirmation page is sent to the first terminal and used for authorizing the specified operation on the first terminal.
When receiving the to-be-verified information sent by the first terminal, the server may determine whether the to-be-verified information matches with the additional verification information previously acquired by the server, where the matching may mean that the two pieces of information are completely the same, or that the similarity between the pieces of information is greater than a preset similarity, and when determining the matching, it indicates that the login of the second terminal is legal at this time. Because the additional verification information is generated temporarily, an attacker cannot acquire the additional verification information in advance, so that the relationship between the first terminal and the second terminal can be reflected in the additional verification process, and the aim of better safety is fulfilled.
213. And when receiving the authorization confirmation page, the first terminal displays the authorization confirmation page.
The authorization confirmation page may be provided with an authorization item, which may be login authorization, payment authorization, etc., and an authorization confirmation key, where the first terminal user confirms whether to authorize the authorization item of the second terminal according to the use requirement of the first terminal user. The first terminal of the embodiment of the invention displays the authorization confirmation page after at least two times of scanning and at least two times of verification, thereby greatly improving the safety of the whole login process. Referring to fig. 3 (e), a schematic diagram of a display of the authorization confirmation page received by the first terminal is shown.
214. When the confirmation operation of the authorization confirmation page is detected on the first terminal, the first terminal sends an authorization confirmation instruction to the server.
The confirmation operation may be a trigger operation performed on an authorization confirmation key of the authorization confirmation page, where the trigger operation may be a click operation or an operation indicated by another authorization confirmation page, and this is not specifically limited in the embodiment of the present invention.
The above steps 213 to 214 are procedures in which the first terminal displays the authorization confirmation page acquired from the server, and authorizes the second terminal based on the authorization confirmation page. If the first terminal does not send the authorization information to the server when sending the terminal information, the first terminal may send the authorization information of the first terminal to the server when sending the authorization confirmation instruction to the server, so as to implement a subsequent authorization process.
215. And when receiving the authorization confirmation instruction, the server sends a login authorization certificate to the second terminal, wherein the login authorization certificate is used for indicating that the second terminal has successfully logged in on the server based on the user information of the first terminal.
216. And the second terminal receives the login authorization certificate and performs data interaction with the server based on the login authorization certificate.
For the second terminal, after receiving the login authorization credential, when sending the operation request to the server, the second terminal may carry the login authorization credential to prove that the second terminal is in a login state, and when receiving the operation request carrying the login authorization credential, the server may serve the second terminal based on the user information indicated by the login authorization credential.
It should be noted that, the embodiment shown in fig. 2 is described by taking a login operation as an example, and in an actual scenario, the designated operation to be authorized may also have other types, and at this time, the authorization credential issued by the server may be other types of authorization credentials, for example, for a payment operation, the authorization credential may be a payment authorization credential, and other types of designated operations are the same, and are not described herein again. Any one of the designated operations may be performed following the flow of the above steps 201 to 216, and of course, the authorization flow of different designated operations is allowed to have a change in details, for example, some steps other than the additional verification flow are added or subtracted, which is not limited in this embodiment of the present invention.
According to the method provided by the embodiment of the invention, when the second terminal requests the first terminal to authorize the appointed operation of the first terminal, the additional verification information provided by the second terminal is acquired before formal authorization, because the acquisition of the additional verification information is performed based on a short-distance communication mode and is limited by the distance between the terminals, the two terminals can be verified to be in a very close distance in a physical space, and because the additional verification information is temporarily provided by the server and cannot be forged in advance, the login safety can be ensured by the additional verification mode. Furthermore, a plurality of close range communication modes are provided, so that applicable scenes are richer, and the practicability and the reliability of the function are greatly improved.
Fig. 5 is a schematic structural diagram of an operation authorization apparatus according to an embodiment of the present invention. The device is applied to a first terminal, and comprises:
an obtaining module 501, configured to obtain an authorization request provided by a second terminal through a first near field communication;
a sending module 502, configured to send terminal information of the first terminal to a server;
the obtaining module 501 is further configured to obtain additional verification information provided by the second terminal through a second near field communication method based on the secondary verification request obtained from the server;
the sending module 502 is further configured to send the additional verification information to the server;
a display module 503, configured to display an authorization confirmation page obtained from the server;
an authorization module 504, configured to authorize the second terminal based on the authorization confirmation page;
the first close range communication mode and the second close range communication mode are the same or different.
In one possible implementation manner, the first close-range communication manner and the second close-range communication manner are both one or a combination of multiple types of graphic code scanning, acoustic waves or near field communication NFC.
In a possible implementation manner, the sending module 502 is further configured to send the authorization information of the first terminal to the server when sending the terminal information of the first terminal.
In a possible implementation manner, the authorization module 504 is configured to send the authorization information of the first terminal to the server when receiving an authorization confirmation instruction of the authorization confirmation page.
In one possible implementation, the additional authentication information includes: a combination of one or more of a user avatar image, a user nickname, and random characters.
In one possible implementation, the specified operation is a login operation.
Fig. 6 is a schematic structural diagram of an operation authorization apparatus according to an embodiment of the present invention. The device is applied to a second terminal, and comprises:
a providing module 601, configured to provide an authorization request in a first near field communication manner when receiving a specified operation instruction;
the providing module 601 is further configured to provide additional verification information through a second near field communication method based on the additional verification information acquired from the server;
an operation module 602, configured to perform a specified operation based on the authorization credential when the authorization credential is obtained from the server.
In a possible implementation manner, the providing module 601 is configured to send the terminal information of the second terminal to a server when receiving a specified operation instruction; and obtaining the authorization request from the server, and providing the authorization request through the first near field communication mode.
Fig. 7 is a schematic structural diagram of an operation authorization apparatus according to an embodiment of the present invention. The device is applied to the server, and the device comprises:
a sending module 701, configured to send an authorization request to a second terminal based on a request of the second terminal, where the authorization request is provided in a first near field communication manner;
a receiving module 702, configured to receive terminal information of a first terminal;
an obtaining module 703, configured to obtain additional verification information when receiving terminal information of the first terminal;
the sending module 701 is further configured to send the additional verification information to the second terminal;
the receiving module 702 is further configured to receive information to be verified sent by the first terminal;
the sending module 701 is further configured to send an authorization confirmation page to the first terminal when receiving to-be-verified information sent by the first terminal and the to-be-verified information matches the additional verification information;
the sending module 701 is further configured to send an authorization credential to the second terminal when receiving the confirmation information of the first terminal.
In a possible manner, the obtaining module 703 is configured to obtain the additional authentication information when it is determined that the request of the second terminal is at an authorization risk.
It should be noted that: the operation authorization apparatus provided in the above embodiment is only illustrated by the division of the above functional modules when authorizing the operation, and in practical applications, the above function allocation may be completed by different functional modules according to needs, that is, the internal structure of the device is divided into different functional modules to complete all or part of the above described functions. In addition, the operation authorization apparatus and the operation authorization method provided by the above embodiments belong to the same concept, and specific implementation processes thereof are detailed in the method embodiments and are not described herein again.
The present embodiment provides a terminal, which can be used to execute the operation authorization method provided in the above embodiments. Referring to fig. 8, the terminal 800 includes:
the terminal 800 may include components such as an RF (Radio Frequency) circuit 110, a memory 120 including one or more computer-readable storage media, an input unit 130, a display unit 140, a sensor 150, an audio circuit 160, a WiFi (Wireless Fidelity) module 170, a processor 180 including one or more processing cores, and a power supply 190. Those skilled in the art will appreciate that the terminal structure shown in fig. 8 is not intended to be limiting and may include more or fewer components than those shown, or some components may be combined, or a different arrangement of components. Wherein:
the RF circuit 110 may be used for receiving and transmitting signals during information transmission and reception or during a call, and in particular, receives downlink information from a base station and then sends the received downlink information to the one or more processors 180 for processing; in addition, data relating to uplink is transmitted to the base station. In general, the RF circuitry 110 includes, but is not limited to, an antenna, at least one Amplifier, a tuner, one or more oscillators, a Subscriber Identity Module (SIM) card, a transceiver, a coupler, an LNA (Low Noise Amplifier), a duplexer, and the like. In addition, the RF circuitry 110 may also communicate with networks and other devices via wireless communications. The wireless communication may use any communication standard or protocol, including but not limited to GSM (Global System for Mobile communications), GPRS (General Packet Radio Service), CDMA (Code Division Multiple Access), WCDMA (Wideband Code Division Multiple Access), LTE (Long Term Evolution), email, SMS (Short messaging Service), and the like.
The memory 120 may be used to store software programs and modules, and the processor 180 executes various functional applications and data processing by operating the software programs and modules stored in the memory 120. The memory 120 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required by at least one function (such as a sound playing function, an image playing function, etc.), and the like; the storage data area may store data (such as audio data, a phonebook, etc.) created according to the use of the terminal 800, and the like. Further, the memory 120 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device. Accordingly, the memory 120 may further include a memory controller to provide the processor 180 and the input unit 130 with access to the memory 120.
The input unit 130 may be used to receive input numeric or character information and generate keyboard, mouse, joystick, optical or trackball signal inputs related to user settings and function control. In particular, the input unit 130 may include a touch-sensitive surface 131 as well as other input devices 132. The touch-sensitive surface 131, also referred to as a touch display screen or a touch pad, may collect touch operations by a user on or near the touch-sensitive surface 131 (e.g., operations by a user on or near the touch-sensitive surface 131 using a finger, a stylus, or any other suitable object or attachment), and drive the corresponding connection device according to a predetermined program. Alternatively, the touch sensitive surface 131 may comprise two parts, a touch detection means and a touch controller. The touch detection device detects the touch direction of a user, detects a signal brought by touch operation and transmits the signal to the touch controller; the touch controller receives touch information from the touch sensing device, converts the touch information into touch point coordinates, sends the touch point coordinates to the processor 180, and can receive and execute commands sent by the processor 180. Additionally, the touch-sensitive surface 131 may be implemented using various types of resistive, capacitive, infrared, and surface acoustic waves. In addition to the touch-sensitive surface 131, the input unit 130 may also include other input devices 132. In particular, other input devices 132 may include, but are not limited to, one or more of a physical keyboard, function keys (such as volume control keys, switch keys, etc.), a trackball, a mouse, a joystick, and the like.
The display unit 140 may be used to display information input by or provided to a user and various graphical user interfaces of the terminal 800, which may be made up of graphics, text, icons, video, and any combination thereof. The Display unit 140 may include a Display panel 141, and optionally, the Display panel 141 may be configured in the form of an LCD (Liquid Crystal Display), an OLED (Organic Light-Emitting Diode), or the like. Further, the touch-sensitive surface 131 may cover the display panel 141, and when a touch operation is detected on or near the touch-sensitive surface 131, the touch operation is transmitted to the processor 180 to determine the type of the touch event, and then the processor 180 provides a corresponding visual output on the display panel 141 according to the type of the touch event. Although in FIG. 8, touch-sensitive surface 131 and display panel 141 are shown as two separate components to implement input and output functions, in some embodiments, touch-sensitive surface 131 may be integrated with display panel 141 to implement input and output functions.
The terminal 800 can also include at least one sensor 150, such as a light sensor, motion sensor, and other sensors. Specifically, the light sensor may include an ambient light sensor that may adjust the brightness of the display panel 141 according to the brightness of ambient light, and a proximity sensor that may turn off the display panel 141 and/or a backlight when the terminal 800 is moved to the ear. As one of the motion sensors, the gravity acceleration sensor can detect the magnitude of acceleration in each direction (generally, three axes), can detect the magnitude and direction of gravity when the mobile phone is stationary, and can be used for applications of recognizing the posture of the mobile phone (such as horizontal and vertical screen switching, related games, magnetometer posture calibration), vibration recognition related functions (such as pedometer and tapping), and the like; as for other sensors such as a gyroscope, a barometer, a hygrometer, a thermometer, and an infrared sensor, which can be configured on the terminal 800, further description is omitted here.
WiFi belongs to a short-distance wireless transmission technology, and the terminal 800 can help a user send and receive e-mails, browse web pages, access streaming media, and the like through the WiFi module 170, and provides wireless broadband internet access for the user. Although fig. 8 shows the WiFi module 170, it is understood that it does not belong to the essential constitution of the terminal 800, and may be omitted entirely as needed within the scope not changing the essence of the invention.
The processor 180 is a control center of the terminal 800, connects various parts of the entire mobile phone using various interfaces and lines, and performs various functions of the terminal 800 and processes data by operating or executing software programs and/or modules stored in the memory 120 and calling data stored in the memory 120, thereby performing overall monitoring of the mobile phone. Optionally, processor 180 may include one or more processing cores; preferably, the processor 180 may integrate an application processor, which mainly handles operating systems, user interfaces, application programs, etc., and a modem processor, which mainly handles wireless communications. It will be appreciated that the modem processor described above may not be integrated into the processor 180.
The terminal 800 further includes a power supply 190 (e.g., a battery) for powering the various components, which may preferably be logically coupled to the processor 180 via a power management system to manage charging, discharging, and power consumption management functions via the power management system. The power supply 190 may also include any component including one or more of a dc or ac power source, a recharging system, a power failure detection circuit, a power converter or inverter, a power status indicator, and the like.
Although not shown, the terminal 800 may further include a camera, a bluetooth module, etc., which will not be described herein. Specifically, in this embodiment, the display unit of the terminal is a touch screen display, and the terminal further includes a memory, where the memory is used to store a computer program and is configured to execute the program stored in the memory by the processor, so as to implement the method steps of the first terminal or the second terminal in the foregoing embodiment.
Fig. 9 is a block diagram illustrating a server 900 in accordance with an example embodiment. Referring to fig. 9, the server 900 comprises a processor 922 and a memory resource represented by a memory 932 for storing instructions executable by the processing component 922, e.g. a computer program, further the processor 922 is configured to execute the program stored on the memory for performing the server-side method steps of the above-described operation authorization method.
The server 900 may also include a power component 926 configured to perform power management of the server 900, a wired or wireless network interface 950 configured to connect the server 900 to a network, and an input/output (I/O) interface 958. The Server 900 may operate based on an operating system stored in a memory 932, such as a Windows ServerTM,Mac OS XTM,UnixTM,LinuxTM,FreeBSDTMOr the like.
The embodiment of the present invention further provides a computer-readable storage medium, in which a computer program is stored, and when the computer program is executed by a processor, the steps of the operation authorization method of the first terminal, the second terminal or the server are implemented.
It will be understood by those skilled in the art that all or part of the steps for implementing the above embodiments may be implemented by hardware, or may be implemented by a program instructing relevant hardware, where the program may be stored in a computer-readable storage medium, and the above-mentioned storage medium may be a read-only memory, a magnetic disk or an optical disk, etc.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like that fall within the spirit and principle of the present invention are intended to be included therein.
Claims (16)
1. An operation authorization method, applied to a first terminal, the method comprising:
obtaining an authorization request provided by a second terminal through a first near field communication mode, and sending terminal information of a first terminal to a server;
acquiring additional verification information provided by the second terminal through a second near field communication mode based on a secondary verification request acquired from the server, sending the additional verification information to the server, and sending an authorization confirmation page to the first terminal by the server when the server receives the additional verification information sent by the first terminal and the additional verification information is matched with the additional verification information sent to the second terminal by the server;
displaying the authorization confirmation page acquired from the server, and authorizing the second terminal based on the authorization confirmation page;
the first close range communication mode and the second close range communication mode are the same or different.
2. The method according to claim 1, wherein the first close-range communication mode and the second close-range communication mode are both one or more of graphic code scanning, acoustic wave or Near Field Communication (NFC) combination.
3. The method of claim 1, further comprising: and when the terminal information of the first terminal is sent, sending the authorization information of the first terminal to the server.
4. The method of claim 1, wherein the authorizing the second terminal based on the authorization confirmation page comprises:
and when an authorization confirmation instruction of the authorization confirmation page is received, sending the authorization information of the first terminal to the server.
5. The method of claim 1, wherein the additional authentication information comprises: a combination of one or more of a user avatar image, a user nickname, and random characters.
6. An operation authorization method, applied to a second terminal, the method comprising:
when receiving a specified operation instruction, providing an authorization request for a first terminal through a first near field communication mode;
providing additional verification information for the first terminal in a second near field communication mode based on the additional verification information acquired from the server, and when the server receives to-be-verified information sent by the first terminal and the to-be-verified information is matched with the additional verification information, sending an authorization confirmation page to the first terminal by the server;
and when the authorization certificate is acquired from the server, performing specified operation based on the authorization certificate.
7. The method of claim 6, wherein the specified operation is a login operation.
8. The method of claim 6, wherein providing the authorization request through the first short-range communication method when the specific operation instruction is received comprises:
when receiving a specified operation instruction, sending the terminal information of the second terminal to a server;
and obtaining the authorization request from the server, and providing the authorization request through the first near field communication mode.
9. An operation authorization method, applied to a server, the method comprising:
sending an authorization request to a second terminal based on a request of the second terminal, wherein the authorization request is provided as a first near field communication mode;
acquiring additional verification information when terminal information of a first terminal is received;
sending the additional verification information to the second terminal;
when information to be verified sent by the first terminal is received and the information to be verified is matched with the additional verification information, an authorization confirmation page is sent to the first terminal, wherein the information to be verified is the additional verification information which is obtained by the first terminal from the second terminal and sent by the server;
and when the confirmation information of the first terminal is received, sending an authorization certificate to the second terminal.
10. The method of claim 9, wherein obtaining additional authentication information upon receiving the terminal information of the first terminal comprises:
and when the request of the second terminal is determined to have authorization risk, acquiring the additional verification information.
11. An operation authorization apparatus, applied to a first terminal, the apparatus comprising:
the acquisition module is used for acquiring the authorization request provided by the second terminal through a first near field communication mode;
the sending module is used for sending the terminal information of the first terminal to a server;
the acquisition module is further used for acquiring additional authentication information provided by the second terminal through a second near field communication mode based on the secondary authentication request acquired from the server;
the sending module is further configured to send the additional verification information to the server, and when the server receives the additional verification information sent by the first terminal and the additional verification information matches with additional verification information sent by the server to a second terminal, the server sends an authorization confirmation page to the first terminal;
the display module is used for displaying the authorization confirmation page acquired from the server;
an authorization module, configured to authorize the second terminal based on the authorization confirmation page;
the first close range communication mode and the second close range communication mode are the same or different.
12. An operation authorization apparatus, applied to a second terminal, the apparatus comprising:
the providing module is used for providing the first terminal with an authorization request in a first near field communication mode when receiving a specified operation instruction;
the providing module is further used for providing additional verification information to the first terminal in a second near field communication mode based on the additional verification information acquired from the server, and when the server receives the information to be verified sent by the first terminal and the information to be verified is matched with the additional verification information, the server sends an authorization confirmation page to the first terminal;
and the operation module is used for carrying out specified operation based on the authorization certificate when the authorization certificate is acquired from the server.
13. An operation authorization apparatus, wherein the apparatus is applied to a server, the apparatus comprising:
the device comprises a sending module, a receiving module and a sending module, wherein the sending module is used for sending an authorization request to a second terminal based on a request of the second terminal, and the authorization request is provided as a first near field communication mode;
the receiving module is used for receiving the terminal information of the first terminal;
the acquisition module is used for acquiring additional verification information when receiving the terminal information of the first terminal;
the sending module is further configured to send the additional verification information to the second terminal;
the receiving module is also used for receiving information to be verified sent by the first terminal;
the sending module is further configured to send an authorization confirmation page to the first terminal when receiving to-be-verified information sent by the first terminal and the to-be-verified information is matched with the additional verification information, where the to-be-verified information is the additional verification information issued by the server and acquired by the first terminal from the second terminal;
the sending module is further configured to send an authorization credential to the second terminal when receiving the confirmation information of the first terminal.
14. A terminal comprising a processor and a memory, wherein the memory is configured to store a computer program; the processor, configured to execute the program stored in the memory, implements the method steps of any one of claims 1 to 8.
15. A server comprising a processor and a memory, wherein the memory is configured to store a computer program; the processor, configured to execute the program stored in the memory, implements the method steps of any one of claims 9 to 10.
16. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the steps of the method of one of the preceding claims 1 to 10.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710920117.5A CN109600340B (en) | 2017-09-30 | 2017-09-30 | Operation authorization method, device, terminal and server |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710920117.5A CN109600340B (en) | 2017-09-30 | 2017-09-30 | Operation authorization method, device, terminal and server |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109600340A CN109600340A (en) | 2019-04-09 |
| CN109600340B true CN109600340B (en) | 2021-04-16 |
Family
ID=65956555
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710920117.5A Active CN109600340B (en) | 2017-09-30 | 2017-09-30 | Operation authorization method, device, terminal and server |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109600340B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113407161B (en) * | 2021-06-04 | 2023-12-22 | 中船奥蓝托无锡软件技术有限公司 | Collaborative research and development management system for complex equipment |
| CN113938283B (en) * | 2021-10-14 | 2023-12-12 | 南京大全电气研究院有限公司 | Code scanning login method, system, device, electronic equipment and storage medium |
| CN115102771B (en) * | 2022-06-25 | 2023-08-22 | 平安银行股份有限公司 | Data processing method, terminal device, system, device and storage medium |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103685311A (en) * | 2013-12-27 | 2014-03-26 | 网易(杭州)网络有限公司 | Log-in validation method and device |
| CN104378344A (en) * | 2014-05-26 | 2015-02-25 | 腾讯科技(深圳)有限公司 | Log-in information transmission method, code scanning method and device and background server |
| CN104869127A (en) * | 2015-06-24 | 2015-08-26 | 郑州悉知信息技术有限公司 | Website login method, code-scanning client and server |
| CN105306202A (en) * | 2014-06-24 | 2016-02-03 | 腾讯科技(深圳)有限公司 | Identity verification method and device, server |
| CN106209763A (en) * | 2016-05-27 | 2016-12-07 | 北京畅游天下网络技术有限公司 | A kind of login method and system |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102571803B (en) * | 2012-01-19 | 2016-04-27 | 北京远鉴科技有限公司 | A kind of graphic based Quick Response Code protection account, prevent order from distorting and the method and system of phishing attack |
-
2017
- 2017-09-30 CN CN201710920117.5A patent/CN109600340B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103685311A (en) * | 2013-12-27 | 2014-03-26 | 网易(杭州)网络有限公司 | Log-in validation method and device |
| CN104378344A (en) * | 2014-05-26 | 2015-02-25 | 腾讯科技(深圳)有限公司 | Log-in information transmission method, code scanning method and device and background server |
| CN105306202A (en) * | 2014-06-24 | 2016-02-03 | 腾讯科技(深圳)有限公司 | Identity verification method and device, server |
| CN104869127A (en) * | 2015-06-24 | 2015-08-26 | 郑州悉知信息技术有限公司 | Website login method, code-scanning client and server |
| CN106209763A (en) * | 2016-05-27 | 2016-12-07 | 北京畅游天下网络技术有限公司 | A kind of login method and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109600340A (en) | 2019-04-09 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105933904B (en) | Network connection method and device | |
| CN109600223B (en) | Verification method, activation method, device, equipment and storage medium | |
| US11057376B2 (en) | Method, apparatus, and system for controlling intelligent device, and storage medium | |
| US11488234B2 (en) | Method, apparatus, and system for processing order information | |
| WO2017118412A1 (en) | Method, apparatus and system for updating key | |
| CN107071775B (en) | Mobile terminal and method and device for redirecting access to base station | |
| CN106776124B (en) | Data backup method and device | |
| CN108256853B (en) | Payment method and mobile terminal | |
| CN110417543B (en) | Data encryption method, device and storage medium | |
| WO2018121086A1 (en) | Method for connecting to hidden ap, and terminal device | |
| CN111062026B (en) | Verification information sharing method and electronic equipment | |
| CN108234124B (en) | Identity verification method, device and system | |
| CN111478849B (en) | Service access method, device and storage medium | |
| CN110622571B (en) | Network connection method, device and terminal | |
| CN107154935B (en) | Service request method and device | |
| CN106550361B (en) | Data transmission method, equipment and computer readable storage medium | |
| CN108901020B (en) | Network access method, mobile terminal and server | |
| CN109688147A (en) | Using login method, device, terminal, server, system and storage medium | |
| CN109600340B (en) | Operation authorization method, device, terminal and server | |
| CN111756696A (en) | Login method of application program, first electronic device and second electronic device | |
| WO2021078215A1 (en) | Method for cross-terminal switching of cloud game and related device | |
| CN111357245B (en) | Information searching method, terminal, network equipment and system | |
| CN107995151B (en) | Login verification method, device and system | |
| CN109039989B (en) | Address resolution protocol spoofing detection method, host and computer-readable storage medium | |
| CN108460251B (en) | Method, device and system for running application program |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |