CN109615380A - Method, apparatus, computer equipment and the storage medium of user identity authentication - Google Patents
Method, apparatus, computer equipment and the storage medium of user identity authentication Download PDFInfo
- Publication number
- CN109615380A CN109615380A CN201811255392.0A CN201811255392A CN109615380A CN 109615380 A CN109615380 A CN 109615380A CN 201811255392 A CN201811255392 A CN 201811255392A CN 109615380 A CN109615380 A CN 109615380A
- Authority
- CN
- China
- Prior art keywords
- financial institution
- user identity
- identity authentication
- certification
- log
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 46
- 238000010801 machine learning Methods 0.000 claims description 23
- 230000005540 biological transmission Effects 0.000 claims description 8
- 238000005516 engineering process Methods 0.000 abstract description 3
- 238000010200 validation analysis Methods 0.000 abstract description 2
- 238000012545 processing Methods 0.000 description 13
- 238000012015 optical character recognition Methods 0.000 description 7
- 238000004891 communication Methods 0.000 description 5
- 230000006870 function Effects 0.000 description 4
- 230000003287 optical effect Effects 0.000 description 4
- 230000008569 process Effects 0.000 description 3
- 230000008901 benefit Effects 0.000 description 2
- 238000004364 calculation method Methods 0.000 description 2
- 230000008859 change Effects 0.000 description 2
- 238000010276 construction Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 230000005291 magnetic effect Effects 0.000 description 2
- 238000003032 molecular docking Methods 0.000 description 2
- 230000029305 taxis Effects 0.000 description 2
- 230000001133 acceleration Effects 0.000 description 1
- 230000006978 adaptation Effects 0.000 description 1
- 230000003044 adaptive effect Effects 0.000 description 1
- 210000004027 cell Anatomy 0.000 description 1
- 238000007796 conventional method Methods 0.000 description 1
- 230000005611 electricity Effects 0.000 description 1
- PCHJSUWPFVWCPO-UHFFFAOYSA-N gold Chemical compound [Au] PCHJSUWPFVWCPO-UHFFFAOYSA-N 0.000 description 1
- 239000010931 gold Substances 0.000 description 1
- 229910052737 gold Inorganic materials 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 230000000638 stimulation Effects 0.000 description 1
- 210000000352 storage cell Anatomy 0.000 description 1
- 230000009897 systematic effect Effects 0.000 description 1
- 230000003442 weekly effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/14—Payment architectures specially adapted for billing systems
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
Abstract
The disclosure is directed to a kind of method for authenticating user identity and devices, belong to identity validation technology field, which comprises receive the user identity authentication request from financial institution server;User identity authentication request is transmitted to authentication module corresponding with the auth type, to carry out user identity authentication by the authentication module, certification log is generated, contains financial institution mark, the auth type, authenticated time in the certification log;User identity authentication result is sent to the financial institution server;Determine authentication and accounting rule corresponding with financial institution mark;Based on the financial institution mark in the certification log, the auth type, authenticated time, according to determining authentication and accounting rule, Xiang Suoshu financial institution server sends charging message.The poor efficiency of parted hair charging is avoided, and realizes separating for certification and charging, substantially increases treatment effeciency.
Description
Technical field
The present invention relates to identity validation technology fields, are financial institution's progress more particularly to proxy authenticating server is used for
Method, apparatus, computer equipment and the storage medium of user identity authentication.
Background technique
Existing financial institution (including insurance institution, banking institution, internet financial institution etc.), business (insurance
Business, stock exchange, financial management in the Internet etc.) much it is directed to do intelligent authentication for user, such as recognition of face certification, optical character are known
Not (OCR, Optical Character Recognition) identity card identification certification, voiceprint etc..In the prior art, often
Financial institution oneself, family is equipped with intelligent authentication server.In recent years, intelligent authentication is carried out respectively in order to save each financial institution
Repeated construction expense, be changed to by third party (certification authority) certificate server authenticate.But due to for every financial institution
The basic information collected when certification is different, and charging regulation is also different.Although being authenticated by a certificate server, the certification
It is also to establish independent subsystem for different financial institutions in server, is carried out for its peculiar essential information for needing to authenticate
Certification, and adapt to the charging of the charging regulation of the financial institution.It therefore, is still one by one in certificate server
It is being run for the subsystem of each financial institutional establishment.Therefore, as long as needing the swapping data with a new authority server,
The certificate server will be directed to this new authority server, customize new data interaction format, i.e. frame structure.For every
A other mechanisms for needing to exchange data remodify code or the new data interaction format of customization is pretty troublesome.
Summary of the invention
Based on this, subsystem effect is separately provided to solve to remain as each financial institution in certificate server in the related technology
The low technical problem of rate, it is that financial institution carries out user identity authentication that the present invention provides one kind for proxy authenticating server
Method, apparatus, computer equipment and storage medium.
In a first aspect, providing a kind of side for carrying out user identity authentication for financial institution for proxy authenticating server
Method, comprising:
The user identity authentication request from financial institution server is received, the user identity authentication request has certification
Type and financial institution mark;
User identity authentication request is transmitted to authentication module corresponding with the auth type, by the certification
Module carries out user identity authentication, generates certification log, contains financial institution mark, the certification in the certification log
Type, authenticated time;
User identity authentication result is sent to the financial institution server;
Determine authentication and accounting rule corresponding with financial institution mark;
Based on the financial institution mark in the certification log, the auth type, authenticated time, according to determining
Authentication and accounting rule, Xiang Suoshu financial institution server send charging message.
The financial institution mark based in the certification log, the certification in one of the embodiments,
Type, authenticated time, according to determining authentication and accounting rule, Xiang Suoshu financial institution server sends charging message, comprising:
It obtains authenticated time and falls certification log within a predetermined period of time;
For the certification log of acquisition, according to determining authentication and accounting rule, it is determining with it is described authenticate it is described in log
Financial institution identifies charging number corresponding with the auth type;
The summation for being directed to the charging number that financial institution's mark is determined within a predetermined period of time is added to charging
In message, Xiang Suoshu financial institution server is sent.
It in one of the embodiments, include level one choice and level two options in the certification log, level one choice includes
Financial institution's mark, the title of the auth type, the authenticated time, level two options are the specific taxes of level one choice
Value,
It is described to the financial institution server send charging message while also send charging list file, for indicate to
The detailed programs of financial institution's charging, the charging list file include boxhead and table body,
The transmission charging list file includes:
According to the level-one item in certification log, the boxhead of charging list file is generated;
According to the secondary items in certification log, the table body of charging list file is generated;
The charging list file of generation is sent to the financial institution server.
The user identity authentication request has the secondary items and the gold of auth type in one of the embodiments,
Melt the secondary items of authority identification,
The generation authenticates log
Secondary items in user identity authentication request are mapped as the secondary items in the certification log;
Secondary items in user identity authentication request are inputted into machine learning model, are exported by machine learning model
It authenticates in log to the corresponding level-one item of the secondary items.
The machine learning model is trained as follows in one of the embodiments:
Secondary items sample set is inputted into machine learning model, each secondary items that the secondary items sample set includes
Sample is equipped with the label of corresponding level-one item, the corresponding level-one item determined by machine learning model output, with
The label is compared, such as inconsistent, then adjusts the machine learning model, makes the judgement of the machine learning model output
Level-one item it is consistent with label.
The service class that the user identity authentication request is also used for user identity authentication in one of the embodiments,
Type;
The type of service being also used for containing family authentication in the certification log;
The charging message sent to the financial institution server is also based on the type of service contained in certification log.
Second aspect provides a kind of dress for carrying out user identity authentication for financial institution for proxy authenticating server
It sets, comprising:
Request reception unit, for receiving the user identity authentication request from financial institution server, user's body
There is part certification request auth type and the financial institution to identify;
Retransmission unit is requested, for user identity authentication request to be transmitted to certification corresponding with the auth type
Module generates certification log, contains the finance in the certification log to carry out user identity authentication by the authentication module
Authority identification, the auth type, authenticated time;
As a result transmission unit, for user identity authentication result to be sent to the financial institution server;
Rule determination unit, for determining authentication and accounting rule corresponding with financial institution mark;
Message sending unit, for being identified, the auth type, being recognized based on the financial institution in the certification log
The time is demonstrate,proved, according to determining authentication and accounting rule, Xiang Suoshu financial institution server sends charging message.
The third aspect provides a kind of computer equipment, including memory and processor, is stored with meter in the memory
Calculation machine readable instruction, when the computer-readable instruction is executed by the processor, so that processor execution is described above
The step of carrying out the method for user identity authentication for proxy authenticating server for financial institution.
Fourth aspect provides a kind of storage medium for being stored with computer-readable instruction, the computer-readable instruction
When being executed by one or more processors, so that one or more processors execute described above is for proxy authenticating server
Financial institution carries out the step of method of user identity authentication.
The technical scheme provided by this disclosed embodiment can include the following benefits:
It is above-mentioned to be set for proxy authenticating server for the method, apparatus of financial institution's progress user identity authentication, computer
Standby and storage medium is requested by receiving the user identity authentication from financial institution server, and the user identity authentication is asked
It asks with auth type and financial institution mark;User identity authentication request is transmitted to and the auth type pair
The authentication module answered generates certification log, contains in the certification log to carry out user identity authentication by the authentication module
Financial institution's mark, the auth type, authenticated time;User identity authentication result is sent to financial institution's clothes
Business device;Determine authentication and accounting rule corresponding with financial institution mark;Based on the financial machine in the certification log
Structure mark, the auth type, authenticated time, according to determining authentication and accounting rule, Xiang Suoshu financial institution server is sent
Charging message.To complete authentication and accounting process, the poor efficiency of parted hair charging is avoided.Moreover, each different types of certification
It separates, avoids the subsystem that the prior art is docked with each financial institution and require with recognition of face certification, OCR identity
The brings repeated construction such as identification card, voiceprint improves systematic collaboration treatment effeciency.The present invention only generates day in certification
Will, and charge information is generated by charging child servers from each log every predetermined period, separating for certification and charging is realized,
Substantially increase treatment effeciency.
It should be understood that the above general description and the following detailed description are merely exemplary, this can not be limited
It is open.
Detailed description of the invention
Fig. 1 is that the proxy authenticating server that is used for provided in one embodiment is that financial institution carries out user identity authentication
The implementation environment figure of method.
Fig. 2 is that a kind of proxy authenticating server that is used for shown according to an exemplary embodiment is that financial institution carries out user
The flow chart of identity authentication method.
Fig. 3 is to carry out user identity for proxy authenticating server shown in corresponding embodiment according to fig. 2 for financial institution
A kind of specific implementation flow chart of step S150 in the method for certification.
Fig. 4 is to carry out user identity for proxy authenticating server shown in corresponding embodiment according to fig. 2 for financial institution
A kind of specific implementation flow chart of step S120 in the method for certification.
Fig. 5 schematically shows one kind and carries out user identity for proxy authenticating server for realizing above-mentioned for financial institution
The electronic equipment example block diagram of the method for certification.
Fig. 6 schematically shows one kind and carries out user identity for proxy authenticating server for realizing above-mentioned for financial institution
The computer readable storage medium of the method for certification.
Fig. 7 is that a kind of proxy authenticating server that is used for shown according to an exemplary embodiment is that financial institution carries out user
The block diagram of the device of authentication.
Specific embodiment
In order to make the objectives, technical solutions, and advantages of the present invention clearer, with reference to the accompanying drawings and embodiments, right
The present invention is further elaborated.It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, and
It is not used in the restriction present invention.
Fig. 1 is that the proxy authenticating server that is used for provided in one embodiment is that financial institution carries out user identity authentication
The implementation environment figure of method, as shown in Figure 1, in the implementation environment, including proxy authenticating server 100 and connected to it
Multiple financial institution servers 200.The proxy authenticating server 100 includes front interface 101, recognition of face authentication module
102, OCR authentication module 103, voiceprint module 104, accounting module 105.
Proxy authenticating server 100 is to be integrated with the server of a variety of different authentication modules and accounting module, such as collect
At recognition of face authentication module, OCR authentication module, voiceprint module server.The multiple financial institution server
200 from different financial institutions and can have multiple, and connect respectively with the proxy authenticating server 100.The agency
Certificate server 100 receives the user identity authentication request from financial institution server, the user identity authentication request tool
There are auth type and financial institution mark;User identity authentication request is transmitted to corresponding with the auth type
Authentication module generates certification log, contains in the certification log described to carry out user identity authentication by the authentication module
Financial institution's mark, the auth type, authenticated time;User identity authentication result is sent to the financial institution services
Device;Determine authentication and accounting rule corresponding with financial institution mark;Based on the financial institution in the certification log
Mark, the auth type, authenticated time, according to determining authentication and accounting rule, Xiang Suoshu financial institution server sends meter
Take message.
It should be noted that the proxy authenticating server 100 and multiple financial institution servers 200 can be desk-top meter
Calculation machine server, huge computer servers, Cloud Server, server cluster etc., however, it is not limited to this.Proxy authentication service
Device 100 and multiple financial institution servers 200 can be attached by wired, wireless or other communication connection modes,
The present invention is herein with no restrictions.
As shown in Fig. 2, in one embodiment it is proposed that a kind of for proxy authenticating server is that financial institution is used
Family identity authentication method, it is described to be answered for the method that proxy authenticating server is financial institution's progress user identity authentication
For can specifically include following steps in above-mentioned proxy authenticating server:
Step S110, receives the user identity authentication request from financial institution server, and the user identity authentication is asked
It asks with auth type and financial institution mark;
User identity authentication request is transmitted to authentication module corresponding with the auth type by step S120, with
User identity authentication is carried out by the authentication module, certification log is generated, is marked in the certification log containing the financial institution
Know, the auth type, authenticated time;
User identity authentication result is sent to the financial institution server by step S130;
Step S140 determines authentication and accounting rule corresponding with financial institution mark;
Step S150 is identified, the auth type, authenticated time based on the financial institution in the certification log,
According to determining authentication and accounting rule, Xiang Suoshu financial institution server sends charging message.
Wherein, the auth type is, for example, the auth types such as face authentication, OCR certification, voiceprint.The finance machine
Structure mark illustrates requesting party's (requesting the agency of certification) of the certification request.The authentication module, that is, the agency
Authentication module included in certificate server 100, i.e. recognition of face authentication module 102, OCR authentication module 103, voiceprint
Module 104.The authenticated time is the time that the proxy authenticating server is authenticated.The charging regulation can be because of
The difference of requesting party and different, such as the request for company A, charging regulation are recognition of face of every progresss, 0.1 yuan of receipts;
Request for B company, charging regulation are then recognition of face in monthly 1,000,000 times or less 100,000 yuan of unified charging, are monthly exceeded
1000000 portions pers add 0.03 yuan.This addresses the problem be originally that subsystem bring is separately provided in each server
The problem of inefficiency.
Optionally, it is that financial institution being used that Fig. 3, which is the proxy authenticating server that is used for according to fig. 2 shown in corresponding embodiment,
The datail description of step S150 in the identity authentication method of family, it is described to carry out user for proxy authenticating server for financial institution
In identity authentication method, step S150 be may comprise steps of:
Step S151 obtains authenticated time and falls certification log within a predetermined period of time;
Step S152, for the certification log of acquisition, according to determining authentication and accounting rule, the determining and certification log
In the financial institution identify corresponding with auth type charging number;
Step S153 adds the summation for being directed to the charging number that financial institution's mark is determined within a predetermined period of time
It is added in charging message, Xiang Suoshu financial institution server is sent.
Wherein, the predetermined amount of time be, for example, daily, weekly, per ten days, monthly.Which reduces the number of payment,
Improve the efficiency of data transmission.
It in one exemplary embodiment, include level one choice and level two options in the certification log, level one choice includes
Financial institution's mark, the title of the auth type, the authenticated time, level two options are the specific taxes of level one choice
Value.
It is described to the financial institution server send charging message while also send charging list file, for indicate to
The detailed programs of financial institution's charging, the charging list file include boxhead and table body,
The transmission charging list file includes:
According to the level-one item in certification log, the boxhead of charging list file is generated;
According to the secondary items in certification log, the table body of charging list file is generated;
The charging list file of generation is sent to the financial institution server.
For the level one choice and level two options, for example, level one choice is client, level two options are safety life insurances, then
It is recorded as " client: safety life insurance ".If a log is " client: safety life insurance;Interface: recognition of face ";Time: 2018
May 27 11:37:48 ", then the log be safety life insurance on May 27th, 2018 11:37:48 one user to insure entrusted
The recognition of face certification that support certificate server is done.
Since in the database of each financial institution oneself, data only store into the dedicated format of oneself database, and
And the record of charging is needed for one comprising option be all different.For example, the record in the database of A bank is adopted
With " A bank;Recognition of face;May in 2018 11:37:48 " on the 27th form.It is also used to the request that certificate server is sent
" A bank;Recognition of face;May in 2018 11:37:48 " on the 27th form, have financial institution's identification field, and a number of B bank
According to the record in library using " on May 27th, 2018 11:37:48;The form of recognition of face ".It is asked to what certificate server was sent
It asks also using " on May 27th, 2018 11:37:48;The form of recognition of face ".It does not have financial institution's identification field, with A bank
Form disunity.In addition, the format due to their own request may not contain level one choice, it can not be to each financial machine
The request of structure carries out unified log processing after certification.Therefore after above-mentioned steps, the data format of each financial institution is obtained
Unification has been arrived, has facilitated proxy authenticating server to carry out unified log processing, realizes each financial institution data format and charging
The good docking of server data format, improves authentication efficiency.
The report of the generation can be inquired for each financial institution.Although in the database of each financial institution oneself
The data format of middle storage is not identical, but by way of above-mentioned level one choice and level two options, can be with unified shape
Formula is stored in the database of charging child servers, realizes charging subdata base storage format and each financial institution stores format
Smooth docking.
Optionally, it is that financial institution being used that Fig. 4, which is the proxy authenticating server that is used for according to fig. 2 shown in corresponding embodiment,
The datail description of step S120 in the identity authentication method of family, it is described to carry out user for proxy authenticating server for financial institution
In identity authentication method, the user identity authentication request has the secondary items and financial institution mark of auth type
Secondary items, generation certification log includes:
Secondary items in user identity authentication request are mapped as the second level in the certification log by step S121
Project;
Secondary items in user identity authentication request are inputted machine learning model, by engineering by step S122
It practises in the log of model authentication output to the corresponding level-one item of the secondary items.
In one exemplary embodiment, the machine learning model trains as follows:
Secondary items sample set is inputted into machine learning model, each secondary items that the secondary items sample set includes
Sample is equipped with the label of corresponding level-one item, the corresponding level-one item determined by machine learning model output, with
The label is compared, such as inconsistent, then adjusts the machine learning model, makes the judgement of the machine learning model output
Level-one item it is consistent with label.
The mode of learning of the machine learning model are as follows: constantly change the connection of network under the stimulation of extraneous input sample
Weight.The essence of study is to carry out dynamic adjustment to each connection weight.Since once the corresponding level one choice of each sample is it is known that machine
Device learning model applies operation according to each connection weight, to each sample, and obtained level one choice is not inconsistent with known, with regard to automatic
Each connection weight is adjusted, until obtained level one choice is consistent with previously known.In this way, just having trained machine learning mould
Type.Then, the level two options in financial institution's certification request are inputted into machine learning model, just obtains corresponding level-one choosing
?.
In one exemplary embodiment, the service class that the user identity authentication request is also used for user identity authentication
Type;
The type of service being also used for containing family authentication in the certification log;
The charging message sent to the financial institution server is also based on the type of service contained in certification log.
Wherein, the type of service is, for example, to insure, do bank card, loan etc..
As shown in fig. 7, in one embodiment, providing one kind for proxy authenticating server is that financial institution is used
The device of family authentication, it is described to collect for the device that proxy authenticating server is financial institution's progress user identity authentication
It is sent out in above-mentioned proxy authenticating server, can specifically include request reception unit 110, request retransmission unit 120, result
Send unit 130, rule determination unit 140, message sending unit 150.
Request reception unit 110, for receiving the user identity authentication request from financial institution server, the user
There is ID authentication request auth type and the financial institution to identify;
Retransmission unit 120 is requested, it is corresponding with the auth type for being transmitted to user identity authentication request
Authentication module generates certification log, contains in the certification log described to carry out user identity authentication by the authentication module
Financial institution's mark, the auth type, authenticated time;
As a result transmission unit 130, for user identity authentication result to be sent to the financial institution server;
Rule determination unit 140, for determining authentication and accounting rule corresponding with financial institution mark;
Message sending unit 150, for based on financial institution mark, the certification class in the certification log
Type, authenticated time, according to determining authentication and accounting rule, Xiang Suoshu financial institution server sends charging message.
The function of modules and the realization process of effect are specifically detailed in above-mentioned for proxy authentication service in above-mentioned apparatus
Device corresponds to the realization process of step in the method for financial institution's progress user identity authentication, details are not described herein.
It should be noted that although being referred to several modules or list for acting the equipment executed in the above detailed description
Member, but this division is not enforceable.In fact, according to embodiment of the present disclosure, it is above-described two or more
Module or the feature and function of unit can embody in a module or unit.Conversely, an above-described mould
The feature and function of block or unit can be to be embodied by multiple modules or unit with further division.
In addition, although describing each step of method in the disclosure in the accompanying drawings with particular order, this does not really want
These steps must be executed in this particular order by asking or implying, or having to carry out step shown in whole could realize
Desired result.Additional or alternative, it is convenient to omit multiple steps are merged into a step and executed by certain steps, and/
Or a step is decomposed into execution of multiple steps etc..
Through the above description of the embodiments, those skilled in the art is it can be readily appreciated that example described herein is implemented
Mode can also be realized by software realization in such a way that software is in conjunction with necessary hardware.Therefore, according to the disclosure
The technical solution of embodiment can be embodied in the form of software products, which can store non-volatile at one
Property storage medium (can be CD-ROM, USB flash disk, mobile hard disk etc.) in or network on, including some instructions are so that a calculating
Equipment (can be personal computer, server, mobile terminal or network equipment etc.) is executed according to disclosure embodiment
Method.
In an exemplary embodiment of the disclosure, a kind of electronic equipment that can be realized the above method is additionally provided.
Person of ordinary skill in the field it is understood that various aspects of the invention can be implemented as system, method or
Program product.Therefore, various aspects of the invention can be embodied in the following forms, it may be assumed that complete hardware embodiment, complete
The embodiment combined in terms of full Software Implementation (including firmware, microcode etc.) or hardware and software, can unite here
Referred to as circuit, " module " or " system ".
The electronic equipment 500 of this embodiment according to the present invention is described referring to Fig. 5.The electronics that Fig. 5 is shown
Equipment 500 is only an example, should not function to the embodiment of the present invention and use scope bring any restrictions.
As shown in figure 5, electronic equipment 500 is showed in the form of universal computing device.The component of electronic equipment 500 can wrap
It includes but is not limited to: at least one above-mentioned processing unit 510, at least one above-mentioned storage unit 520, the different system components of connection
The bus 530 of (including storage unit 520 and processing unit 510).
Wherein, the storage unit is stored with program code, and said program code can be held by the processing unit 510
Row, so that various according to the present invention described in the execution of the processing unit 510 above-mentioned " illustrative methods " part of this specification
The step of illustrative embodiments.For example, the processing unit 510 can execute step S110 as shown in fig. 1, receives and
It is requested from the user identity authentication of financial institution server, the user identity authentication request has auth type and the finance
Authority identification;User identity authentication request is transmitted to authentication module corresponding with the auth type by step S120, with
User identity authentication is carried out by the authentication module, certification log is generated, is marked in the certification log containing the financial institution
Know, the auth type, authenticated time;User identity authentication result is sent to the financial institution server by step S130;
Step S140 determines authentication and accounting rule corresponding with financial institution mark;Step S150, based in the certification log
Financial institution mark, the auth type, authenticated time, according to determining authentication and accounting rule, to the financial machine
Structure server sends charging message.
Storage unit 520 may include the readable medium of volatile memory cell form, such as Random Access Storage Unit
(RAM) 5201 and/or cache memory unit 5202, it can further include read-only memory unit (ROM) 5203.
Storage unit 520 can also include program/utility with one group of (at least one) program module 5205
5204, such program module 5205 includes but is not limited to: operating system, one or more application program, other program moulds
It may include the realization of network environment in block and program data, each of these examples or certain combination.
Bus 530 can be to indicate one of a few class bus structures or a variety of, including storage unit bus or storage
Cell controller, peripheral bus, graphics acceleration port, processing unit use any bus structures in a variety of bus structures
Local bus.
Electronic equipment 500 can also be with one or more external equipments 700 (such as keyboard, sensing equipment, bluetooth equipment
Deng) communication, can also be enabled a user to one or more equipment interact with the electronic equipment 500 communicate, and/or with make
Any equipment (such as the router, modulation /demodulation that the electronic equipment 500 can be communicated with one or more of the other calculating equipment
Device etc.) communication.This communication can be carried out by input/output (I/O) interface 550.Also, electronic equipment 500 can be with
By network adapter 560 and one or more network (such as local area network (LAN), wide area network (WAN) and/or public network,
Such as internet) communication.As shown, network adapter 560 is communicated by bus 530 with other modules of electronic equipment 500.
It should be understood that although not shown in the drawings, other hardware and/or software module can not used in conjunction with electronic equipment 500, including but not
Be limited to: microcode, device driver, redundant processing unit, external disk drive array, RAID system, tape drive and
Data backup storage system etc..
Through the above description of the embodiments, those skilled in the art is it can be readily appreciated that example described herein is implemented
Mode can also be realized by software realization in such a way that software is in conjunction with necessary hardware.Therefore, according to the disclosure
The technical solution of embodiment can be embodied in the form of software products, which can store non-volatile at one
Property storage medium (can be CD-ROM, USB flash disk, mobile hard disk etc.) in or network on, including some instructions are so that a calculating
Equipment (can be personal computer, server, terminal installation or network equipment etc.) is executed according to disclosure embodiment
Method.
In an exemplary embodiment of the disclosure, a kind of computer readable storage medium is additionally provided, energy is stored thereon with
Enough realize the program product of this specification above method.In some possible embodiments, various aspects of the invention may be used also
In the form of being embodied as a kind of program product comprising program code, when described program product is run on the terminal device, institute
Program code is stated for executing the terminal device described in above-mentioned " illustrative methods " part of this specification according to this hair
The step of bright various illustrative embodiments.
Refering to what is shown in Fig. 6, describing the program product for realizing the above method of embodiment according to the present invention
600, can using portable compact disc read only memory (CD-ROM) and including program code, and can in terminal device,
Such as it is run on PC.However, program product of the invention is without being limited thereto, in this document, readable storage medium storing program for executing can be with
To be any include or the tangible medium of storage program, the program can be commanded execution system, device or device use or
It is in connection.
Described program product can be using any combination of one or more readable mediums.Readable medium can be readable letter
Number medium or readable storage medium storing program for executing.Readable storage medium storing program for executing for example can be but be not limited to electricity, magnetic, optical, electromagnetic, infrared ray or
System, device or the device of semiconductor, or any above combination.The more specific example of readable storage medium storing program for executing is (non exhaustive
List) include: electrical connection with one or more conducting wires, portable disc, hard disk, random access memory (RAM), read-only
Memory (ROM), erasable programmable read only memory (EPROM or flash memory), optical fiber, portable compact disc read only memory
(CD-ROM), light storage device, magnetic memory device or above-mentioned any appropriate combination.
Computer-readable signal media may include in a base band or as carrier wave a part propagate data-signal,
In carry readable program code.The data-signal of this propagation can take various forms, including but not limited to electromagnetic signal,
Optical signal or above-mentioned any appropriate combination.Readable signal medium can also be any readable Jie other than readable storage medium storing program for executing
Matter, the readable medium can send, propagate or transmit for by instruction execution system, device or device use or and its
The program of combined use.
The program code for including on readable medium can transmit with any suitable medium, including but not limited to wirelessly, have
Line, optical cable, RF etc. or above-mentioned any appropriate combination.
The program for executing operation of the present invention can be write with any combination of one or more programming languages
Code, described program design language include object oriented program language-Java, C++ etc., further include conventional
Procedural programming language-such as " C " language or similar programming language.Program code can be fully in user
It calculates and executes in equipment, partly executes on a user device, being executed as an independent software package, partially in user's calculating
Upper side point is executed on a remote computing or is executed in remote computing device or server completely.It is being related to far
Journey calculates in the situation of equipment, and remote computing device can pass through the network of any kind, including local area network (LAN) or wide area network
(WAN), it is connected to user calculating equipment, or, it may be connected to external computing device (such as utilize ISP
To be connected by internet).
In addition, above-mentioned attached drawing is only the schematic theory of processing included by method according to an exemplary embodiment of the present invention
It is bright, rather than limit purpose.It can be readily appreciated that the time that above-mentioned processing shown in the drawings did not indicated or limited these processing is suitable
Sequence.In addition, be also easy to understand, these processing, which can be, for example either synchronously or asynchronously to be executed in multiple modules.
Those skilled in the art after considering the specification and implementing the invention disclosed here, will readily occur to its of the disclosure
His embodiment.This application is intended to cover any variations, uses, or adaptations of the disclosure, these modifications, purposes or
Adaptive change follow the general principles of this disclosure and including the undocumented common knowledge in the art of the disclosure or
Conventional techniques.The description and examples are only to be considered as illustrative, and the true scope and spirit of the disclosure are by claim
It points out.
Claims (9)
1. a kind of method for carrying out user identity authentication for proxy authenticating server for financial institution, which is characterized in that described
Proxy authenticating server has the authentication module corresponding to different types of user identity authentication, the method includes;
The user identity authentication request from financial institution server is received, the user identity authentication request has auth type
It is identified with the financial institution;
User identity authentication request is transmitted to authentication module corresponding with the auth type, by the authentication module
User identity authentication is carried out, certification log is generated, contains financial institution mark, the certification class in the certification log
Type, authenticated time;
User identity authentication result is sent to the financial institution server;
Determine authentication and accounting rule corresponding with financial institution mark;
Based on the financial institution mark in the certification log, the auth type, authenticated time, according to determining certification
Charging regulation, Xiang Suoshu financial institution server send charging message.
2. the method as described in claim 1, which is characterized in that the financial institution mark based in the certification log
Know, the auth type, authenticated time, according to determining authentication and accounting rule, Xiang Suoshu financial institution server sends charging
Message, comprising:
It obtains authenticated time and falls certification log within a predetermined period of time;
For the certification log of acquisition, according to determining authentication and accounting rule, the determining finance with the certification log
Authority identification and the corresponding charging number of the auth type;
The summation for being directed to the charging number that financial institution's mark is determined within a predetermined period of time is added to charging message
In, Xiang Suoshu financial institution server is sent.
3. the method as described in claim 1, which is characterized in that in the certification log include level one choice and level two options,
Level one choice includes financial institution's mark, the title of the auth type, the authenticated time, and level two options are level-one choosings
The specific assignment of item,
Charging list file is also sent while the transmission charging message to the financial institution server, for indicating to described
The detailed programs of financial institution's charging, the charging list file include boxhead and table body,
The transmission charging list file includes:
According to the level-one item in certification log, the boxhead of charging list file is generated;
According to the secondary items in certification log, the table body of charging list file is generated;
The charging list file of generation is sent to the financial institution server.
4. the method as described in claim 1, which is characterized in that the user identity authentication request has the second level of auth type
The secondary items of project and financial institution mark,
The generation authenticates log
Secondary items in user identity authentication request are mapped as the secondary items in the certification log;
Secondary items in user identity authentication request are inputted into machine learning model, by machine learning model authentication output
To the corresponding level-one item of the secondary items in log.
5. method as claimed in claim 4, which is characterized in that the machine learning model is trained as follows:
Secondary items sample set is inputted into machine learning model, each secondary items sample that the secondary items sample set includes
It is equipped with the label of corresponding level-one item, the corresponding level-one item determined by machine learning model output is and described
Label is compared, such as inconsistent, then adjusts the machine learning model, makes the one of the judgement of the machine learning model output
Grade project is consistent with label.
6. the method as described in claim 1, which is characterized in that the user identity authentication request also has user identity authentication
For type of service;
The type of service being also used for containing family authentication in the certification log;
The charging message sent to the financial institution server is also based on the type of service contained in certification log.
7. a kind of device for carrying out user identity authentication for financial institution for proxy authenticating server, which is characterized in that described
Device includes:
Request reception unit, for receiving the user identity authentication request from financial institution server, the user identity is recognized
There is auth type and the financial institution to identify for card request;
Retransmission unit is requested, for user identity authentication request to be transmitted to certification mould corresponding with the auth type
Block generates certification log, contains the financial machine in the certification log to carry out user identity authentication by the authentication module
Structure mark, the auth type, authenticated time;
As a result transmission unit, for user identity authentication result to be sent to the financial institution server;
Rule determination unit, for determining authentication and accounting rule corresponding with financial institution mark;
Message sending unit, when for based on the financial institution mark authenticated in log, the auth type, certification
Between, according to determining authentication and accounting rule, Xiang Suoshu financial institution server sends charging message.
8. a kind of computer equipment, including memory and processor, it is stored with computer-readable instruction in the memory, it is described
When computer-readable instruction is executed by the processor, so that the processor is executed as described in any one of claims 1 to 6
Method.
9. a kind of storage medium for being stored with computer-readable instruction, the computer-readable instruction is by one or more processors
When execution, so that one or more processors execute such as method described in any one of claims 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811255392.0A CN109615380A (en) | 2018-10-26 | 2018-10-26 | Method, apparatus, computer equipment and the storage medium of user identity authentication |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811255392.0A CN109615380A (en) | 2018-10-26 | 2018-10-26 | Method, apparatus, computer equipment and the storage medium of user identity authentication |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109615380A true CN109615380A (en) | 2019-04-12 |
Family
ID=66002816
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811255392.0A Pending CN109615380A (en) | 2018-10-26 | 2018-10-26 | Method, apparatus, computer equipment and the storage medium of user identity authentication |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109615380A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11816195B2 (en) * | 2019-08-14 | 2023-11-14 | Nec Corporation | Information processing apparatus, information processing method, and storage medium |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090328178A1 (en) * | 2008-06-27 | 2009-12-31 | Microsoft Corporation | Techniques to perform federated authentication |
| CN103854180A (en) * | 2012-12-05 | 2014-06-11 | 中国银联股份有限公司 | Credit voucher generating method and system, and application authorization method and system |
| CN104506542A (en) * | 2014-12-29 | 2015-04-08 | 深圳中兴网信科技有限公司 | Security certification method and security certification system |
| US20150379516A1 (en) * | 2014-06-25 | 2015-12-31 | Moneygram International, Inc. | Method and Apparatus for Performing Authentication Services |
| CN107079034A (en) * | 2016-11-15 | 2017-08-18 | 深圳达闼科技控股有限公司 | A kind of identity authentication method, terminal device, certificate server and electronic equipment |
| CN107846408A (en) * | 2017-11-17 | 2018-03-27 | 北京汉王智远科技有限公司 | Identity authorization system and method based on cloud platform |
| CN108462710A (en) * | 2018-03-20 | 2018-08-28 | 新华三技术有限公司 | Authentication authority method, device, certificate server and machine readable storage medium |
-
2018
- 2018-10-26 CN CN201811255392.0A patent/CN109615380A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090328178A1 (en) * | 2008-06-27 | 2009-12-31 | Microsoft Corporation | Techniques to perform federated authentication |
| CN103854180A (en) * | 2012-12-05 | 2014-06-11 | 中国银联股份有限公司 | Credit voucher generating method and system, and application authorization method and system |
| US20150379516A1 (en) * | 2014-06-25 | 2015-12-31 | Moneygram International, Inc. | Method and Apparatus for Performing Authentication Services |
| CN104506542A (en) * | 2014-12-29 | 2015-04-08 | 深圳中兴网信科技有限公司 | Security certification method and security certification system |
| CN107079034A (en) * | 2016-11-15 | 2017-08-18 | 深圳达闼科技控股有限公司 | A kind of identity authentication method, terminal device, certificate server and electronic equipment |
| CN107846408A (en) * | 2017-11-17 | 2018-03-27 | 北京汉王智远科技有限公司 | Identity authorization system and method based on cloud platform |
| CN108462710A (en) * | 2018-03-20 | 2018-08-28 | 新华三技术有限公司 | Authentication authority method, device, certificate server and machine readable storage medium |
Non-Patent Citations (1)
| Title |
|---|
| 李馥娟;王群;: "云计算环境中的身份认证模型", 数学的实践与认识, no. 06 * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11816195B2 (en) * | 2019-08-14 | 2023-11-14 | Nec Corporation | Information processing apparatus, information processing method, and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11595374B2 (en) | Secure permissioning of access to user accounts, including secure deauthorization of access to user accounts | |
| US20210350340A1 (en) | Secure updating of allocations to user accounts | |
| US20200167798A1 (en) | Customizing customer onboarding for a service with machine learning models | |
| US20190147430A1 (en) | Customizing payment sessions with machine learning models | |
| US20170200137A1 (en) | Combined security for electronic transfers | |
| US9940614B2 (en) | Syncing two separate authentication channels to the same account or data using a token or the like | |
| US20180191685A1 (en) | Recurring transfer notifications and secure transfers | |
| US11785010B2 (en) | Method and system for authentication via location monitoring | |
| AU2017286891B2 (en) | Communicating in chat sessions using chat bots to access payment accounts | |
| US20220327537A1 (en) | Detailing secure service provider transactions | |
| CN104618322A (en) | Data processing method and device based on instant communication tool | |
| CN109615380A (en) | Method, apparatus, computer equipment and the storage medium of user identity authentication | |
| CN109614780A (en) | Biological information certifying method and device, storage medium, electronic equipment | |
| CN109688190A (en) | Transmit method, apparatus, computer equipment and the storage medium of finance data | |
| US20170270519A1 (en) | Enabling a secure card on file option for electronic merchant applications | |
| US11900357B2 (en) | EMV secure chip communications | |
| US20240135337A1 (en) | Secure updating of allocations to user accounts | |
| US20220405732A1 (en) | Systems and methods for providing embedded banking services | |
| CN112632022A (en) | Object storage method and device, computer-readable storage medium and electronic equipment | |
| CN115965371A (en) | Payment marking method, device and system based on digital currency sub-wallet | |
| JP2023005954A (en) | Program, system, and method | |
| CN116128619A (en) | Service processing method, device, computer equipment and storage medium | |
| KR20120025741A (en) | The system which manages a customer security | |
| KR20090047404A (en) | System for financial transaction |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| CB02 | Change of applicant information |
Address after: 201, room 518000, building A, No. 1, front Bay Road, Qianhai Shenzhen Guangdong Shenzhen Hong Kong cooperation zone (Qianhai business secretary) Applicant after: Shenzhen one ledger Intelligent Technology Co., Ltd. Address before: 518000 Guangdong city of Shenzhen province Qianhai Shenzhen Hong Kong cooperation zone before Bay Road No. 1 building 201 room A Applicant before: Shenzhen one ledger Intelligent Technology Co., Ltd. |
|
| CB02 | Change of applicant information | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |