CN109741070B - Account management method and device based on network certificate - Google Patents
Account management method and device based on network certificate Download PDFInfo
- Publication number
- CN109741070B CN109741070B CN201811632612.7A CN201811632612A CN109741070B CN 109741070 B CN109741070 B CN 109741070B CN 201811632612 A CN201811632612 A CN 201811632612A CN 109741070 B CN109741070 B CN 109741070B
- Authority
- CN
- China
- Prior art keywords
- user
- electronic accounts
- operation request
- network
- electronic
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000007726 management method Methods 0.000 title claims abstract description 56
- 238000000034 method Methods 0.000 claims abstract description 37
- 238000012546 transfer Methods 0.000 claims description 46
- 238000012545 processing Methods 0.000 claims description 15
- 238000012795 verification Methods 0.000 claims description 14
- 238000004891 communication Methods 0.000 claims description 11
- 238000005516 engineering process Methods 0.000 claims description 9
- 238000004590 computer program Methods 0.000 claims description 4
- 238000012790 confirmation Methods 0.000 claims description 4
- 230000003993 interaction Effects 0.000 claims 1
- 230000007246 mechanism Effects 0.000 description 10
- 230000006870 function Effects 0.000 description 8
- 230000008569 process Effects 0.000 description 6
- 238000010586 diagram Methods 0.000 description 5
- 238000013523 data management Methods 0.000 description 4
- 230000003287 optical effect Effects 0.000 description 4
- 238000004422 calculation algorithm Methods 0.000 description 3
- 230000003542 behavioural effect Effects 0.000 description 2
- 230000008859 change Effects 0.000 description 2
- 230000000977 initiatory effect Effects 0.000 description 2
- 230000003068 static effect Effects 0.000 description 2
- XLYOFNOQVPJJNP-UHFFFAOYSA-N water Substances O XLYOFNOQVPJJNP-UHFFFAOYSA-N 0.000 description 2
- 238000012550 audit Methods 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000001413 cellular effect Effects 0.000 description 1
- 239000003795 chemical substances by application Substances 0.000 description 1
- 238000013524 data verification Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000011156 evaluation Methods 0.000 description 1
- 230000001815 facial effect Effects 0.000 description 1
- 230000005021 gait Effects 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 210000001503 joint Anatomy 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 238000007639 printing Methods 0.000 description 1
- 238000013515 script Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Landscapes
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The embodiment of the application discloses an account management method based on a network certificate and a related device. Authenticating M electronic accounts of a user according to a network authentication name of the user, wherein the network authentication comprises biological characteristics and an identity identification code of the user and is used for identifying the user, and M is an integer greater than 0; determining an operation request for at least one of the M electronic accounts under the condition that the real-name authentication of the M electronic accounts passes, wherein the operation request comprises the biological characteristics and the identity identification codes of the requesting user; checking whether the operation request is valid or not according to the network card, the biological characteristics and the identity of the requesting user; and under the condition that the operation request is confirmed to be invalid, prohibiting the operation on the electronic account corresponding to the operation request. The method provided by the embodiment of the application effectively avoids tedious operations of the user among different electronic accounts, and is convenient for managing the electronic account information of the user.
Description
Technical Field
The present disclosure relates to the field of account management in networks, and in particular, to a method and an apparatus for managing accounts based on network credentials.
Background
Along with the rapid development of the Internet, rich and diversified data management channels are induced, so that the information management industry can develop rapidly, and the information data management of more drama diversification is realized; the information data management mode comprises the following steps: funds management, personal information management, program development management, confidential information management, and the like. However, diversified information data management is not only cumbersome for users but also presents management risks, such as funding security risks. The diversified management mode and the multi-channel verification mode, especially the content of the account to which the user belongs is changed only by means of identity card number real-name authentication, so that the user information storage is scattered and potential safety hazards exist.
Taking fund management as an example, due to the diversification of fund management institutions and payment institutions in the current market, the fund storage of users is scattered and payment channels are diversified; however, the collection account of the merchant is generally an account of a mainstream funds management mechanism, such as a payment treasury or a WeChat, so that a payment user may not use a payment account intended by the user to conduct a transaction, and a certain complication exists in switching between different accounts. There is no complicated operation for the user, and there is no concern that the merchant cannot collect money. Besides the money assets, the method can also perform unified management on the fixed assets, other assets and the like, and is convenient for fund evaluation, asset monitoring and the like.
Therefore, how to avoid tedious operations and effectively manage the electronic account of the user is a problem that needs to be solved in the present application.
Disclosure of Invention
In view of the foregoing, the present application has been developed to provide a method and apparatus for network card-based account management that overcome or at least partially solve the foregoing problems.
In a first aspect, an embodiment of the present application provides a network certificate based account management method, including:
authenticating M electronic accounts of a user according to a network authentication name of the user, wherein the network authentication comprises biological characteristics and an identity identification code of the user and is used for identifying the user, and M is an integer greater than 0;
determining an operation request for at least one of the M electronic accounts under the condition that the real-name authentication of the M electronic accounts passes, wherein the operation request comprises the biological characteristics and the identity identification codes of the requesting user;
checking whether the operation request is valid or not according to the network card, the biological characteristics and the identity of the requesting user;
and under the condition that the operation request is confirmed to be invalid, prohibiting the operation on the electronic account corresponding to the operation request.
In one possible implementation manner, before the authenticating the M electronic accounts of the user according to the network certificate of the user, the method further includes:
acquiring N electronic accounts of the user, wherein N is an integer greater than M;
and determining the M electronic accounts with the network verification name authentication function opened in the N electronic accounts.
In one possible implementation, the method further includes:
and storing the network certificate of the user and the operation records of the M electronic accounts by using a blockchain technology.
In one possible implementation, the method further includes:
evaluating the information security degree of the M electronic accounts by using the stored network certificate of the user and the operation records of the M electronic accounts;
and under the condition that the information security degree of the M electronic accounts is low, updating the identification codes of the network certificates.
In one possible implementation, the operation request includes one or more of an account information acquisition request, a transfer operation request, and a funds transfer request for any one of the M electronic accounts.
In one possible implementation, the operation request includes a funds transfer request for any one of the M electronic accounts; the method further comprises the steps of:
according to the auditing rules of the fund flow, auditing the fund sources corresponding to the fund transfer request;
and if the auditing result is illegal, intercepting the fund transfer request.
In one possible implementation manner, the determining the operation request for at least one electronic account of the M electronic accounts if the M electronic accounts pass real-name authentication includes:
receiving a transfer operation request of the user;
and determining a transfer operation request for one of the M electronic accounts according to the using frequency of the M electronic accounts or a transfer sequence of the preset M electronic accounts.
By implementing the embodiment of the application, the electronic account (such as a fund account) under the user name is authenticated based on the legal and valid user network certificate; when a user performs funds transfer, transfer-out or other operations on any one of the funds accounts, the identity of an operation executor and the legality of the operation are verified through the biological characteristics and the identity identification codes of the user contained in the network certificate, a unified funds management channel is provided for the funds management of M funds accounts, the flow direction of the funds is monitored, and the safety of the funds is ensured. And the fund management is diversified while the use is convenient for users. In summary, the account management method based on the network certificate effectively manages the electronic account of the user, avoids complicated operation, and ensures the safety and the high efficiency of fund flow in the aspect of asset management.
In a second aspect, an embodiment of the present application provides an account management device based on a network certificate, including:
an authentication unit, configured to authenticate M electronic accounts of a user according to a network authentication name of the user, where M is an integer greater than 0, and the network authentication includes a biometric feature and an identity identification code of the user, and is used for identity identification of the user;
a confirmation unit, configured to determine an operation request for at least one of the M electronic accounts, where the operation request includes a biometric feature and an identification code of a requesting user, when the M electronic accounts pass real-name authentication;
the verification unit is used for verifying the validity of the operation request according to the network certificate, the biological characteristics of the request user and the identity identification code;
and the limiting unit is used for prohibiting the operation of the electronic account corresponding to the operation request when the operation request is confirmed to be invalid.
In one possible implementation, the apparatus further includes:
the statistics unit is used for acquiring N electronic accounts of the user before the authentication unit is used for authenticating the M electronic accounts of the user according to the network certificate of the user, wherein N is an integer larger than M; and determining the M electronic accounts with the network verification name authentication function opened in the N electronic accounts.
In one possible implementation, the apparatus further includes:
and the storage unit is used for storing the network certificate of the user and the operation records of the M electronic accounts by using a blockchain technology.
In one possible implementation, the apparatus further includes:
the supervision unit is used for evaluating the information security degree of the M electronic accounts by using the stored network certificate of the user and the operation records of the M electronic accounts; and under the condition that the information security degree of the M electronic accounts is low, updating the identification codes of the network certificates.
In one possible implementation, the operation request includes one or more of an account information acquisition request, a transfer operation request, and a funds transfer request for any one of the M electronic accounts.
In one possible implementation, the operation request includes a funds transfer request for any one of the M electronic accounts; the apparatus further comprises:
the auditing unit is used for auditing the fund sources corresponding to the fund transfer request according to the auditing rules of the fund flow; and if the auditing result is illegal, intercepting the fund transfer request.
In one possible implementation manner, the determining the operation request for at least one electronic account of the M electronic accounts if the M electronic accounts pass real-name authentication includes:
a selection unit for receiving a transfer operation request of the user; and determining a transfer operation request for one of the M electronic accounts according to the using frequency of the M electronic accounts or a transfer sequence of the preset M electronic accounts.
In a third aspect, embodiments of the present application provide a computer-readable storage medium storing program instructions that, when executed by a processor, perform the method of the first aspect, which is not described herein.
In a fourth aspect, an embodiment of the present application provides a network certificate based account management device, including a storage unit, a communication unit, and a processing unit, where the storage unit is configured to store a data processing code, and the communication unit is configured to interact information with an external device; the processing means are configured to invoke program code for performing the method according to the first aspect, which is not described in detail here.
In a fifth aspect, embodiments of the present application further provide a computer program, where the computer program may include program instructions, which when executed by a computer, enable the computer to perform a method including the method described in the first aspect, which is not described herein.
Drawings
In order to more clearly describe the technical solutions in the embodiments or the background of the present application, the following description will describe the drawings that are required to be used in the embodiments or the background of the present application.
Fig. 1 is a network certificate-based account management architecture provided in an embodiment of the present application;
FIG. 2 is a flow chart of account management based on network credentials provided in an embodiment of the present application;
fig. 3 is a network certificate-based account management application scenario provided in an embodiment of the present application;
FIG. 4 is a schematic diagram of an account management device based on a network certificate according to an embodiment of the present application;
fig. 5 is a network certificate-based account management device provided in an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application.
The terms "comprising" and "having" and any variations thereof in the description and claims of the present application and in the drawings are intended to cover non-exclusive inclusions. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those listed steps or elements but may include other steps or elements not listed or inherent to such process, method, article, or apparatus.
Reference herein to "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment may be included in at least one embodiment of the present application. The appearances of such phrases in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. Those of skill in the art will explicitly and implicitly appreciate that the embodiments described herein may be combined with other embodiments.
As used in this application, the terms "server," "unit," "system," and the like are intended to refer to a computer-related entity, either hardware, firmware, a combination of hardware and software, or software in execution. For example, a server may be, but is not limited to being, a processor, a data processing platform, a computing device, a computer, two or more computers, or the like.
First, some terms in this application are explained for easy understanding by those skilled in the art.
(1) The resident identity card network function certificate, called network card for short, is a certificate issued by the trusted identity authentication platform (CTID) authentication of the first institute of public security of the people's republic of China, and is an electronic certificate generated on a mobile phone after comparing the personal identities of the citizens through the biotechnological means of face recognition, and is used for user identity recognition. Commonly used are time stamped two-dimensional codes or bar codes.
(2) Biological feature recognition technology refers to technology for performing personal identification by using physiological features (fingerprint, iris, facial phase, DNA, etc.) or behavioral features (gait, keystroke habit, etc.) inherent to a human body through a computer; biological characteristics include physiological characteristics and behavioral characteristics.
(3) The block chain consists of a data layer, a network layer, a consensus layer, an incentive layer, a contract layer and an application layer. The data layer encapsulates the underlying data blocks and related basic data such as data encryption and time stamps and basic algorithms; the network layer comprises a distributed networking mechanism, a data transmission mechanism, a data verification mechanism and the like; the consensus layer mainly encapsulates various consensus algorithms of the network node; the incentive layer integrates economic factors into a blockchain technology system and mainly comprises an issuing mechanism, an allocation mechanism and the like of economic incentives; the contract layer mainly encapsulates various scripts, algorithms and intelligent contracts, and is the basis of programmable characteristics of the block chain; the application layer encapsulates various application scenarios and cases of the blockchain.
Next, a description will be given of an account management architecture based on a network license according to an embodiment of the present application. Referring to fig. 1, fig. 1 is a schematic diagram of an account management architecture based on a network certificate according to an embodiment of the present application, including: server and terminal. Wherein,
the server can be a server group or a server, and is, for example, a service device which can rapidly acquire, process, analyze and extract valuable, massive and diversified data and brings various convenience to third parties based on the interactive data. In this embodiment of the present application, the server may be an execution body, and execute the method described in the foregoing first aspect, for example: authenticating M electronic accounts of a user according to a network authentication name of the user, wherein the network authentication comprises biological characteristics and an identity identification code of the user and is used for identifying the user, and M is an integer greater than 0; determining an operation request for at least one of the M electronic accounts under the condition that the real-name authentication of the M electronic accounts passes, wherein the operation request comprises the biological characteristics and the identity identification codes of the requesting user; checking whether the operation request is valid or not according to the network card, the biological characteristics and the identity of the requesting user; and under the condition that the operation request is confirmed to be invalid, prohibiting the operation on the electronic account corresponding to the operation request.
The terminal can be a device at the outermost periphery of the network in the computer network, and can also be used for inputting information, outputting processing results and the like. May also be referred to as a system, subscriber unit, subscriber station, mobile station, remote terminal, mobile device, user terminal, mobile terminal, wireless communication device, user agent, user device, plug-in mountable service device, or User Equipment (UE). For example, the terminal may be a cellular telephone, a mobile telephone, a cordless telephone, a smart watch, a wearable device, a tablet device, a session initiation protocol (session initiation protocol, SIP) phone, a wireless local loop (wireless local loop, WLL) station, a personal digital assistant (personal digital assistant, PDA), a wireless communication enabled handheld device, a computing device, an in-vehicle communication module, a smart meter, or other processing device connected to a wireless modem. In this embodiment of the present application, the terminal is a device running a related application or a web page of the electronic funds account, and the user may use the electronic funds account of the user (it may be understood that the user uses the related application, the client or the web page of the terminal) to perform operations such as processing funds. The terminals include a plurality of individual terminals, such as terminal a, terminal B, and terminal C, representing a plurality of terminals corresponding to a plurality of users managed by the server, where each terminal may manage a plurality of electronic funds accounts through a client or application. The embodiment of the application does not limit the number and the type of the electronic funds accounts owned by the user; each user has a unique network certificate, and the user's electronic account is authenticated based on the network certificate name.
It is understood that the illustration of fig. 1 is merely an exemplary implementation in the examples of the present application. The system architecture in the embodiments of the present application may include, but is not limited to, the above system architecture.
The technical problems set forth in the present application are specifically analyzed and resolved in the following in conjunction with the system architecture and the embodiments of the network card-based account management method provided in the present application.
Referring to fig. 2, fig. 2 is a schematic diagram of a network card-based account management flow provided in an embodiment of the present application, which can be applied to the system architecture in fig. 1, and will be described below with reference to fig. 2 from a single side of a server. The method may include step S203-step S207. Optionally, step S201, step S202, and step S207 may also be included.
Step S201: and acquiring N electronic accounts of the user.
Specifically, the server acquires information of N electronic accounts through uploading data of the electronic accounts by a user; the embodiment of the application does not limit the way of acquiring the N electronic accounts of the user. N is an integer greater than M. For example, a certain user has a plurality of electronic accounts, and information of the plurality of electronic accounts owned by the user is acquired. Taking the electronic account as a fund account for example, acquiring fund account information of the user, wherein the fund account information comprises the affiliated institution information of the fund account, personal information of an owner of the fund account and the like.
Step S202: and determining the M electronic accounts with the network verification name authentication function opened in the N electronic accounts.
Specifically, M electronic accounts which can open or realize the network verification name authentication function are determined in N electronic accounts of the user. For example, in an application scenario of a funds account, statistics may verify the funds account paid based on a network certificate, opening a corresponding payment channel.
Step S203: and authenticating M electronic accounts of the user according to the network authentication name of the user.
Specifically, the user information of the M electronic accounts is authenticated according to the network certificate information of the user to be consistent with the user information of the network certificate. The network certificate of the user is a certificate issued by a trusted identity authentication platform (CTID) authentication of a first institute of public security of the people's republic of China, and is an electronic certificate generated on a mobile phone after the personal identities of the citizens are compared through a biotechnological means of face recognition and used for user identity recognition. Commonly used are time stamped two-dimensional codes or bar codes. The network card comprises the biological characteristics and the identity identification code of the user and is used for identifying the identity of the user, and M is an integer greater than 0.
In one possible implementation manner, the M electronic accounts of the user network verification name authentication are in butt joint with a third party management platform of the user network verification name authentication, so that unified management of the M electronic accounts by the third party management platform is achieved. Taking a fund account as an example, the fund account with real-name authentication can be bound on an online shopping platform (such as Beijing dong, taobao and the like); in the case of consumer payments, transactions are conducted directly through the funding account of the binding platform.
Step S204: and determining an operation request for at least one electronic account in the M electronic accounts under the condition that the real-name authentication of the M electronic accounts is passed.
Specifically, at least one electronic account in M electronic accounts authenticated by real name is selected for information operation; for example, the real-name authenticated fund account transfers the fund of the user according to the specific content of the payment operation request after verifying the validity of the payment operation under the condition that the user has the payment requirement. The operation request includes a biometric and an identification code of the requesting user.
In one possible implementation, the operation request includes one or more of an account information acquisition request, a transfer operation request, and a funds transfer request for any one of the M electronic accounts.
In one possible implementation, the operation request includes a funds transfer request for any one of the M electronic accounts; the method further comprises the steps of: according to the auditing rules of the fund flow, auditing the fund sources corresponding to the fund transfer request; and if the auditing result is illegal, intercepting the fund transfer request. For example, the fund sources, the transfer mode and the like are audited through preset fund flow auditing rules, so that the fund flow is effectively monitored, and the account safety and the transaction legitimacy are ensured.
In one possible implementation manner, the determining the operation request for at least one electronic account of the M electronic accounts if the M electronic accounts pass real-name authentication includes: receiving a transfer operation request of the user; and determining a transfer operation request for one of the M electronic accounts according to the using frequency of the M electronic accounts or a transfer sequence of the preset M electronic accounts. For example, when shopping, the user selects a certain fund account to pay, selects an account to pay preferentially according to a preset payment priority sequence or the use frequency of alternative fund accounts for a plurality of fund accounts of the user, and then performs subsequent payment verification and payment operation.
Step S205: and checking whether the operation request is valid or not according to the network card, the biological characteristics and the identity identification code of the requesting user.
Specifically, the authentication page of the network card is identified according to the identity identification code, whether the biological characteristics of the request user are matched with the biological characteristics stored by the network card is judged, and after the identification code is not wrong and is matched with the biological characteristics of the user, the operation request is verified to be effective, and the account content is changed. Taking a fund account as an example, during payment, a network identification code of a request operator for issuing a payment operation request and biological characteristics of the operator, such as fingerprint or voice of a user, are verified after the network identification code is scanned.
Step S206: and under the condition that the operation request is confirmed to be invalid, prohibiting the operation on the electronic account corresponding to the operation request.
Specifically, in the case that the operation request is confirmed to be invalid, the operation request is forbidden to operate the target electronic account; for example: in a funding scenario, when a user generates a funding violation, a corresponding asset account is frozen or a corresponding asset is cleared based on the net evidence information.
Step S207: and storing the network certificate of the user and the operation records of the M electronic accounts by using a blockchain technology.
Specifically, the information related to the network certificate of the user, the information of the M electronic accounts and one or more pieces of information are uploaded to a blockchain network. The information of the M electronic accounts includes information change conditions or change records of the M electronic accounts, and an operation record of the fund account is taken as an example, for example, a fund transfer-in record or a fund transfer-out record of the fund account.
In one possible implementation, the method further includes: evaluating the information security degree of the M electronic accounts by using the stored network certificate of the user and the operation records of the M electronic accounts; and under the condition that the information security degree of the M electronic accounts is low, updating the identification codes of the network certificates. For example, when the electronic account is a fund account, the circulation amount, the times and the time of funds in the account can be clearly known, and when an unknown transaction occurs, the account is judged to be at a certain risk; in the event that the account is at risk, a reminder may be given to the user. It can be understood that in the case that the account security is low, the identification code of the network certificate can be updated, the relevant biological characteristics of the user can be re-recorded, or other identification information can be added, so that the account can be prevented from being stolen by a third party.
By implementing the embodiment of the application, the electronic account (such as a fund account) under the user name is authenticated based on the legal and valid user network certificate; the user needs to verify the identity of the operator and the legitimacy of the operation for transferring in, transferring out or other operations of the fund account; meanwhile, a unified fund supervision channel is provided for fund management of M fund accounts, so that the safety of the fund is guaranteed, the flow direction of the fund is monitored, and the fund management is not influenced while the fund management is convenient for a user to use. The account management method based on the network certificate avoids complicated operation, effectively manages the electronic account of the user, and ensures the safety and high efficiency of the fund flow in the aspect of asset management.
In order to facilitate understanding of the embodiments of the present application, the following exemplary examples exemplify a scenario in which the network ticket-based account management method in the present application is applied, referring to fig. 3, fig. 3 is a network ticket-based account management application scenario provided in the embodiments of the present application, which may include the following scenarios:
firstly, counting the payment channels of the existing fund account, and opening a corresponding payment channel; secondly, all users of the fund account must pass through the network to confirm the name and establish binding relation with the network card; then, when the user pays, the user can choose the payment mode corresponding to the fund account to pay, and can choose to pay through the net certificate; when a user selects a payment mode of the payment channel, firstly, whether network card information is bound or not needs to be checked, if the binding check is allowed for legal payment of the network card, the payment information needs to be recorded in the network card after the payment is successful; when the user selects the network card to pay directly, checking whether the network card pays legal payment or not, and if so, supporting to choose to call the fund account information deduction corresponding to the user; when the user uses the network card for the first time, a default deduction sequence of an account is set, and when payment is carried out, the deduction is carried out sequentially downwards according to the corresponding account sequence, and after the payment is successful, the payment running water information is recorded in the network card.
When receiving the transfer-in asset of the user, the funds management mechanism, the payment mechanism, the bank and the like must record the funds in the network certificate, otherwise, the user can regard as invalid asset when using the asset, and the user can record other assets such as other fixed assets of the funds in the network certificate; when the user generates fund violation, the net evidence asset can be frozen immediately, the flow of the asset is limited, or the asset is cleared directly; when the user needs to show the asset certification in some scenes, the network certification information can be directly shown for scanning codes, and asset certification and running printing are not needed to be carried out to each asset management mechanism. The use flow of the common user and the asset management mechanism is as follows: 1) All the related institutions of the assets need to clear the existing user assets and record the existing assets into the net evidence; 2) A company with a payment channel needs to open an external payment channel to facilitate the network card to be called when the same payment is carried out, and records flow information into the network card when the own payment is carried out; 3) All institutions related to the assets need to record the fund flowing water of the user into the net certificate after receiving the user information, and the net certificate is convenient to record and analyze the fund flowing direction.
It can be understood that when the user uses for the first time, or obtains all the asset lists of the user, the user opens a payment channel after confirming the authorization, and the user is required to set a default payment sequence; once the user binds the network certificate and the M accounts, the user can bind the network certificate to any platform of a third party, and the user can conveniently use the network certificate on the platform of the third party.
It can be appreciated that the above application scenarios are merely exemplary implementations in the embodiments of the present application, and the application scenarios in the embodiments of the present application include, but are not limited to, the above application scenarios.
The foregoing details of one method embodiment of the embodiments of the present application, and the following provides a related apparatus corresponding to the method in the embodiment of the present application.
Referring to fig. 3, fig. 3 is a schematic structural diagram of an account management device based on a network certificate according to an embodiment of the present application. The network card-based account management device 30 may include: the authentication unit 301, the confirmation unit 302, the verification unit 303, the restriction unit 304, the statistics unit 305, the storage unit 306, the supervision unit 307, the auditing unit 308, and the selection unit 309, and optional units may include the statistics unit 305, the storage unit 306, the supervision unit 307, the auditing unit 308, and the selection unit 309.
An authentication unit 301, configured to authenticate M electronic accounts of a user according to a network authentication name of the user, where M is an integer greater than 0, and the network authentication includes a biometric feature and an identity code of the user, and is used for identity recognition of the user;
a confirmation unit 302, configured to determine an operation request for at least one of the M electronic accounts, where the M electronic accounts pass real-name authentication, and the operation request includes a biometric feature and an identification code of a requesting user;
a verification unit 303, configured to verify the validity of the operation request according to the network certificate and the biometric feature and the identity of the requesting user;
and a limiting unit 304 for prohibiting the operation of the electronic account corresponding to the operation request when the operation request is confirmed to be invalid.
In one possible implementation, the apparatus further includes:
a statistics unit 305, configured to obtain N electronic accounts of the user before the authentication unit is configured to authenticate M electronic accounts of the user according to the network certificate of the user, where N is an integer greater than M; and determining the M electronic accounts with the network verification name authentication function opened in the N electronic accounts.
In one possible implementation, the apparatus further includes:
and the storage unit 306 is used for storing the network certificate of the user and the operation records of the M electronic accounts by using a blockchain technology.
In one possible implementation, the apparatus further includes:
a supervision unit 307, configured to evaluate the information security degrees of the M electronic accounts by using the stored network credentials of the user and the operation records of the M electronic accounts; and under the condition that the information security degree of the M electronic accounts is low, updating the identification codes of the network certificates.
In one possible implementation, the operation request includes one or more of an account information acquisition request, a transfer operation request, and a funds transfer request for any one of the M electronic accounts.
In one possible implementation, the operation request includes a funds transfer request for any one of the M electronic accounts; the apparatus further comprises:
an auditing unit 308, configured to audit the fund source corresponding to the fund transfer request according to the auditing rule of the fund flow; and if the auditing result is illegal, intercepting the fund transfer request.
In one possible implementation manner, the determining the operation request for at least one electronic account of the M electronic accounts if the M electronic accounts pass real-name authentication includes:
a selection unit 309 for receiving a transfer operation request of the user; and determining a transfer operation request for one of the M electronic accounts according to the using frequency of the M electronic accounts or a transfer sequence of the preset M electronic accounts.
It should be noted that, the functions of the functional units of the network card-based account management apparatus 30 described in the embodiments of the present application may be referred to the related description of the network card-based account management method in the embodiment of the method described in fig. 2, which is not repeated herein. When the execution sequence of each unit is changed and the novelty and the innovativeness of the application are not affected, the execution sequence of each unit of the log uploading device is not limited.
Referring to fig. 4, fig. 4 is a schematic structural diagram of a network card-based account management device provided in the embodiment of the present application, and as shown in fig. 4, the network card-based account management device 40 may be implemented in the structure in fig. 4, and the network card-based account management device 40 may include at least one storage unit 401, at least one communication unit 402, and at least one processing unit 403. In addition, the device may include common components such as an antenna, a power supply, etc., which are not described in detail herein.
The storage unit 401 may be, but is not limited to, a read-Only Memory (ROM) or other type of static storage device that can store static information and instructions, a random access Memory (random access Memory, RAM) or other type of dynamic storage device that can store information and instructions, or an electrically erasable programmable read-Only Memory (Electrically Erasable Programmable Read-Only Memory, EEPROM), a compact disc (Compact Disc Read-Only Memory) or other optical disc storage, optical disc storage (which may include compact discs, laser discs, optical discs, digital versatile discs, blu-ray discs, etc.), magnetic disk storage media or other magnetic storage devices, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer. The memory may be stand alone and coupled to the processor via a bus. The memory may also be integrated with the processor.
The communication component 402 may be for communicating with other devices or communication networks, such as an upgrade server, a key server, devices internal to the vehicle, etc.
The processing component 403 may be a general purpose Central Processing Unit (CPU), microprocessor, application-specific integrated circuit (ASIC), or one or more integrated circuits for controlling the execution of the above program.
The processing unit 403 is configured to call the instructions stored in the storage unit 401 to perform the following operations:
authenticating M electronic accounts of a user according to a network authentication name of the user, wherein the network authentication comprises biological characteristics and an identity identification code of the user and is used for identifying the user, and M is an integer greater than 0; determining an operation request for at least one of the M electronic accounts under the condition that the real-name authentication of the M electronic accounts passes, wherein the operation request comprises the biological characteristics and the identity identification codes of the requesting user; checking whether the operation request is valid or not according to the network card, the biological characteristics and the identity of the requesting user; and under the condition that the operation request is confirmed to be invalid, prohibiting the operation on the electronic account corresponding to the operation request.
The embodiment of the application also provides a computer storage medium, wherein the computer storage medium can store a program, and the program can include part or all of the steps of any one of the above method embodiments when executed. Wherein the aforementioned computer storage medium may comprise: various media capable of storing program codes, such as a U disk, a removable hard disk, a magnetic disk, a compact disk, a Read-Only Memory (abbreviated as ROM), or a random access Memory (Random Access Memory, abbreviated as RAM), are provided.
The present application also provides a computer program, which may include instructions that, when executed by a computer, cause the computer to perform some or all of the steps including any one of the method embodiments described above.
In this application, the units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purposes of the embodiments of the present application.
In addition, each functional component in the embodiments of the present application may be integrated in one component, or each component may exist alone physically, or two or more components may be integrated in one component. The above-described integrated components may be implemented in hardware or in software functional units.
The integrated components, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application is essentially or a part contributing to the prior art, or all or part of the technical solution may be embodied in the form of a software product stored in a storage medium, including several instructions to cause a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the methods described in the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), a magnetic disk, or an optical disk, or other various media capable of storing program codes.
While the invention has been described with reference to certain preferred embodiments, it will be understood by those skilled in the art that various changes and substitutions of equivalents may be made and equivalents will be apparent to those skilled in the art without departing from the scope of the invention. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
It should be understood that, in various embodiments of the present application, the sequence numbers of the foregoing processes do not mean the order of execution, and the order of execution of the processes should be determined by the functions and internal logic thereof, and should not constitute any limitation on the implementation process of the embodiments of the present application. Although the present application has been described herein in connection with various embodiments, other variations of the disclosed embodiments can be understood and effected by those skilled in the art in the course of the application, which embodiments claim.
Claims (7)
1. An account management method based on network credentials, comprising:
authenticating M electronic accounts of a user according to a network authentication name of the user, wherein the network authentication comprises biological characteristics and an identity identification code of the user and is used for identifying the user, and M is an integer greater than 0;
determining an operation request for at least one of the M electronic accounts under the condition that the real-name authentication of the M electronic accounts passes, wherein the operation request comprises the biological characteristics and the identity identification codes of the requesting user;
checking whether the operation request is valid or not according to the network card, the biological characteristics and the identity of the requesting user; comprising the following steps: identifying an authentication page entering the network card according to the identity identification code of the requesting user, judging whether the biological characteristics of the requesting user are matched with the biological characteristics stored by the network card, and checking that the operation request is valid after the identity identification code of the requesting user is correct and the biological characteristics of the user are matched;
under the condition that the operation request is confirmed to be invalid, the operation on the electronic account corresponding to the operation request is forbidden;
the method comprises the steps of storing a network certificate of a user and operation records of M electronic accounts by using a blockchain technology;
evaluating the information security degree of the M electronic accounts by using the stored network certificate of the user and the operation records of the M electronic accounts; under the condition that the information security degree of the M electronic accounts is low, updating the identification code of the network certificate or re-inputting the biological characteristics of the user or adding identification information;
the operation request comprises a funds transfer request for any one of the M electronic accounts; the method further comprises the steps of: and auditing the fund source corresponding to the fund transfer request according to the auditing rule of the fund flow, and intercepting the fund transfer request if the auditing result is illegal.
2. The method of claim 1, wherein prior to authenticating the M electronic accounts of the user based on the user's credentials, further comprising:
acquiring N electronic accounts of the user, wherein N is an integer greater than M;
and determining the M electronic accounts with the network verification name authentication function opened in the N electronic accounts.
3. The method of claim 1, wherein the operation request comprises one or more of an account information acquisition request, a transfer operation request, and a funds transfer request for any of the M electronic accounts.
4. A method according to any one of claims 1-3, wherein, in the case that the M electronic accounts are authenticated, determining an operation request for at least one of the M electronic accounts comprises:
receiving a transfer operation request of the user;
and determining a transfer operation request for one of the M electronic accounts according to the using frequency of the M electronic accounts or a transfer sequence of the preset M electronic accounts.
5. An account management device based on a network certificate, comprising:
an authentication unit, configured to authenticate M electronic accounts of a user according to a network authentication name of the user, where M is an integer greater than 0, and the network authentication includes a biometric feature and an identity identification code of the user, and is used for identity identification of the user;
a confirmation unit, configured to determine an operation request for at least one of the M electronic accounts, where the operation request includes a biometric feature and an identification code of a requesting user, when the M electronic accounts pass real-name authentication;
the verification unit is used for verifying the validity of the operation request according to the network certificate, the biological characteristics of the request user and the identity identification code; comprising the following steps: identifying an authentication page entering the network card according to the identity identification code of the requesting user, judging whether the biological characteristics of the requesting user are matched with the biological characteristics stored by the network card, and checking that the operation request is valid after the identity identification code of the requesting user is correct and the biological characteristics of the user are matched;
a limiting unit, configured to prohibit operation on an electronic account corresponding to the operation request when the operation request is confirmed to be invalid;
the storage unit is used for storing the network certificate of the user and the operation records of the M electronic accounts by using a blockchain technology;
the supervision unit is used for evaluating the information security degree of the M electronic accounts by using the stored network certificate of the user and the operation records of the M electronic accounts; under the condition that the information security degree of the M electronic accounts is low, updating the identification code of the network certificate or re-inputting the biological characteristics of the user or adding identification information;
the operation request comprises a funds transfer request for any one of the M electronic accounts; the apparatus further comprises: and the auditing unit is used for auditing the fund sources corresponding to the fund transfer request according to the auditing rules of fund flow, and intercepting the fund transfer request if the auditing result is illegal.
6. The account management device is characterized by comprising a storage part, a communication part and a processing part, wherein the storage part, the communication part and the processing part are connected with each other, the storage part is used for storing data processing codes, and the communication part is used for carrying out information interaction with external equipment; the processing means is configured to invoke program code to perform the method of any of the preceding claims 1-4.
7. A computer storage medium, characterized in that the computer storage medium stores a computer program which, when executed by a processor, implements the method of any of the preceding claims 1-4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811632612.7A CN109741070B (en) | 2018-12-28 | 2018-12-28 | Account management method and device based on network certificate |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811632612.7A CN109741070B (en) | 2018-12-28 | 2018-12-28 | Account management method and device based on network certificate |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109741070A CN109741070A (en) | 2019-05-10 |
| CN109741070B true CN109741070B (en) | 2024-01-05 |
Family
ID=66362186
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811632612.7A Active CN109741070B (en) | 2018-12-28 | 2018-12-28 | Account management method and device based on network certificate |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109741070B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110971670B (en) * | 2019-11-12 | 2022-10-25 | 广州大白互联网科技有限公司 | Network certificate calling method and device based on network certificate platform and storage medium |
| CN111126986B (en) * | 2019-11-25 | 2023-06-30 | 泰康保险集团股份有限公司 | Data processing method and device based on electronic wallet |
| CN112926969B (en) * | 2021-02-07 | 2022-07-05 | 新大陆(福建)公共服务有限公司 | Payment method and device based on trusted digital identity two-dimensional code |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2001050428A1 (en) * | 2000-01-05 | 2001-07-12 | Colin Mitchell | Method and apparatus for authenticating financial transactions |
| CN102509394A (en) * | 2011-11-01 | 2012-06-20 | 卢清伟 | Multi-account management system based on IC (identification card) and identification password combined login |
| CN105812375A (en) * | 2016-03-31 | 2016-07-27 | 中国银联股份有限公司 | Payment authentication device and payment authentication method |
| CN106296199A (en) * | 2016-07-12 | 2017-01-04 | 刘洪文 | Payment based on living things feature recognition and identity authorization system |
| CN107066893A (en) * | 2017-02-28 | 2017-08-18 | 腾讯科技(深圳)有限公司 | The treating method and apparatus of accounts information in block chain |
| CN107292619A (en) * | 2017-06-07 | 2017-10-24 | 北京矩阵魔方网络科技有限公司 | A kind of identity-based confirms existing finance account unified management, the system of aggregate payment and its technical method |
| EP3236403A2 (en) * | 2016-04-22 | 2017-10-25 | Sony Corporation | Client, server, method and identity verification system |
| CN107464121A (en) * | 2017-07-11 | 2017-12-12 | 阿里巴巴集团控股有限公司 | Electronic account is reported the loss, solves extension, business management method, device and equipment |
| CN108734471A (en) * | 2018-05-15 | 2018-11-02 | 惠龙易通国际物流股份有限公司 | Identity identifying method, device, system and storage medium in mobile-payment system |
| CN109087091A (en) * | 2018-06-29 | 2018-12-25 | 北京东方英卡数字信息技术有限公司 | A kind of account trading security system and method |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20110184840A1 (en) * | 2010-01-27 | 2011-07-28 | Ebay Inc. | Systems and methods for facilitating account verification over a network |
| KR20180013524A (en) * | 2016-07-29 | 2018-02-07 | 삼성전자주식회사 | Electronic device and method for authenticating biometric information |
-
2018
- 2018-12-28 CN CN201811632612.7A patent/CN109741070B/en active Active
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2001050428A1 (en) * | 2000-01-05 | 2001-07-12 | Colin Mitchell | Method and apparatus for authenticating financial transactions |
| CN102509394A (en) * | 2011-11-01 | 2012-06-20 | 卢清伟 | Multi-account management system based on IC (identification card) and identification password combined login |
| CN105812375A (en) * | 2016-03-31 | 2016-07-27 | 中国银联股份有限公司 | Payment authentication device and payment authentication method |
| EP3236403A2 (en) * | 2016-04-22 | 2017-10-25 | Sony Corporation | Client, server, method and identity verification system |
| CN106296199A (en) * | 2016-07-12 | 2017-01-04 | 刘洪文 | Payment based on living things feature recognition and identity authorization system |
| CN107066893A (en) * | 2017-02-28 | 2017-08-18 | 腾讯科技(深圳)有限公司 | The treating method and apparatus of accounts information in block chain |
| CN107292619A (en) * | 2017-06-07 | 2017-10-24 | 北京矩阵魔方网络科技有限公司 | A kind of identity-based confirms existing finance account unified management, the system of aggregate payment and its technical method |
| CN107464121A (en) * | 2017-07-11 | 2017-12-12 | 阿里巴巴集团控股有限公司 | Electronic account is reported the loss, solves extension, business management method, device and equipment |
| CN108734471A (en) * | 2018-05-15 | 2018-11-02 | 惠龙易通国际物流股份有限公司 | Identity identifying method, device, system and storage medium in mobile-payment system |
| CN109087091A (en) * | 2018-06-29 | 2018-12-25 | 北京东方英卡数字信息技术有限公司 | A kind of account trading security system and method |
Non-Patent Citations (1)
| Title |
|---|
| 电网核心业务可信身份认证多场景应用研究;王佩光;范叶平;李玉;杨德胜;;微型电脑应用(12);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109741070A (en) | 2019-05-10 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11556926B2 (en) | Method for approving use of card by using blockchain-based token id and server using method | |
| KR102044747B1 (en) | Method for providing user authentication service based on blockchain | |
| US8180686B2 (en) | Multi-step authentication-based electronic payment method using mobile terminal | |
| US20040015437A1 (en) | System for providing information using medium indicative of effective term and authorization of charged internet site and settling accounts for use of provided information | |
| US20100268649A1 (en) | Method and Apparatus for Electronic Ticket Processing | |
| CN112037068A (en) | Resource transfer method, system, device, computer equipment and storage medium | |
| US20100262506A1 (en) | Mobile content delivery on a mobile network | |
| CN109741070B (en) | Account management method and device based on network certificate | |
| CN104899741B (en) | A kind of on-line payment method and on-line payment system based on IC bank card | |
| CN110084586B (en) | Mobile terminal secure payment system and method | |
| EP1176844A2 (en) | Telecommunication systems and methods | |
| KR20200016157A (en) | System and method for processing card payment based on block-chain | |
| Nambiar et al. | M-payment solutions and m-commerce fraud management | |
| KR20140028241A (en) | Method and apparatus of payment certification | |
| US11783415B2 (en) | Method for providing services requiring private information using access rights in distributed network and recording medium for performing the method | |
| KR101697432B1 (en) | Method for certifying of financial transaction using location information | |
| TW201907688A (en) | Systems, devices, and methods for performing verification of communications received from one or more computing devices | |
| KR101936941B1 (en) | Electronic approval system, method, and program using biometric authentication | |
| KR101309835B1 (en) | A system for total financial transaction | |
| KR20210017308A (en) | Method for providing secondary authentication service using device registration and distributed storage of data | |
| JP2006215699A (en) | Authentication apparatus, authentication system, authentication support system and function card | |
| Raghavendra et al. | An emphasis of digital wallets for E-commerce transactions | |
| KR101918553B1 (en) | Agent authentication method and apparatus | |
| CN103402141A (en) | Ukey-based secure television payment method | |
| Vazquez Torralba | Security Analysis of Mobile Payments: Direct Carrier Billing |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |