CN110247898B - Identity verification method, identity verification device, identity verification medium and electronic equipment - Google Patents

Identity verification method, identity verification device, identity verification medium and electronic equipment Download PDF

Info

Publication number
CN110247898B
CN110247898B CN201910434967.3A CN201910434967A CN110247898B CN 110247898 B CN110247898 B CN 110247898B CN 201910434967 A CN201910434967 A CN 201910434967A CN 110247898 B CN110247898 B CN 110247898B
Authority
CN
China
Prior art keywords
identity
authentication
user
camera
video
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910434967.3A
Other languages
Chinese (zh)
Other versions
CN110247898A (en
Inventor
蒋旭昂
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ping An Puhui Enterprise Management Co Ltd
Original Assignee
Ping An Puhui Enterprise Management Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ping An Puhui Enterprise Management Co Ltd filed Critical Ping An Puhui Enterprise Management Co Ltd
Priority to CN201910434967.3A priority Critical patent/CN110247898B/en
Publication of CN110247898A publication Critical patent/CN110247898A/en
Priority to PCT/CN2019/117696 priority patent/WO2020233009A1/en
Application granted granted Critical
Publication of CN110247898B publication Critical patent/CN110247898B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan

Abstract

The invention relates to the field of face recognition, and discloses an identity authentication method, an identity authentication device, an identity authentication medium and electronic equipment. The method comprises the following steps: when receiving an authentication request of a user side, returning protocol information to the user side; when receiving an instruction of receiving protocol information, acquiring a pixel value of a camera at a user terminal; determining the total time of the video and whether to start double identity authentication according to the pixel value of the camera; instructing a camera of a user side to record a video with the total time length in the background according to a preset rule as authentication information, wherein when the double authentication is determined to be started, the acquired double authentication information received by the user side according to the instruction is used as the authentication information; receiving identity document information of a user side; and determining that the identity of the user is legal based on the identity verification information and the identity document information. Under the method, the safety of the identity authentication is improved, and the balance between the safety of the identity authentication and the resource consumption during the identity authentication is realized.

Description

Identity verification method, identity verification device, identity verification medium and electronic equipment
Technical Field
The present invention relates to the field of face recognition technologies, and in particular, to an identity authentication method, an identity authentication device, an identity authentication medium, and an electronic device.
Background
User identity validity verification is one of indispensable links in many network services, and therefore, the user identity validity verification is the key point in the field of network security.
In the prior art, when a user uses software running on a terminal, for example, an App (Application program) or an applet on a mobile phone terminal to perform operations such as requesting to open a specific service, the user identity is often verified in a fingerprint or signature manner, but in this manner, the accuracy of identifying the user identity is low, and the risk is high; in addition, the user identity can be verified by calling a camera of the terminal, for example, a front-facing camera of a mobile phone performs face recognition on the user, so as to verify whether the user identity is legal, and in this way, resources such as storage and bandwidth consumed by video recording are more, and the cost is higher.
Disclosure of Invention
In order to solve or at least partially solve the technical problems, the invention aims to provide an identity authentication method, an identity authentication device, an identity authentication medium and an electronic device.
According to an aspect of the present application, there is provided an identity verification method, the method including:
when an authentication request from a user side is received, returning protocol information containing a user authentication means to the user side, wherein the user authentication means in the protocol information comprises video;
responding to a command of receiving the protocol information from the user side, and acquiring a pixel value of a camera of the user side;
determining the total time of the video and whether to start double identity authentication according to the pixel value of the camera;
under the condition that double-identity authentication is determined to be started, a camera of the user side is indicated to record a video with the total time length in the background according to a preset rule, the user side is indicated to receive double-identity authentication information from a user, and the identity authentication video and the double-identity authentication information returned by the user side are obtained and serve as identity authentication information;
under the condition that double authentication is not started, indicating a camera of the user side to record a video with the total time length in the background according to a preset rule to obtain an authentication video returned by the user side as authentication information;
receiving identity document information uploaded by the user side;
and determining that the identity of the user is legal based on the identity authentication information and the identity document information.
According to another aspect of the present application, there is provided an authentication apparatus, the apparatus comprising:
the system comprises a returning module, a receiving module and a processing module, wherein the returning module is configured to return protocol information containing user authentication means to a user terminal when receiving an authentication request from the user terminal;
the acquisition module is configured to respond to an instruction of accepting the protocol information from the user terminal and acquire a pixel value of a camera of the user terminal;
the first determination module is configured to determine the total time of the video and whether to start double identity authentication according to the pixel value of the camera;
the indication module is configured to indicate a camera of the user side to record a video with the total time length in the background according to a preset rule under the condition that the double-identity authentication is determined to be started, and indicate the user side to receive double-identity authentication information from a user, so that the identity authentication video and the double-identity authentication information returned by the user side are obtained and serve as identity authentication information; and
under the condition that double authentication is not started, indicating a camera of the user side to record a video with the total time length in the background according to a preset rule to obtain an authentication video returned by the user side as authentication information;
the receiving module is configured to receive the identity document information uploaded by the user side;
a second determination module configured to determine that the identity of the user is legitimate based on the authentication information and the identity document information.
According to another aspect of the present application, there is provided a computer readable program medium storing computer program instructions which, when executed by a computer, cause the computer to perform the method as previously described.
According to another aspect of the present application, there is provided an electronic device including:
a processor;
a memory having computer readable instructions stored thereon which, when executed by the processor, implement the method as previously described.
The technical scheme provided by the embodiment of the invention can have the following beneficial effects:
for the identity authentication method provided by the invention, the method comprises the following steps: when an authentication request from a user side is received, returning protocol information containing a user authentication means to the user side, wherein the user authentication means in the protocol information comprises video; responding to a command of receiving the protocol information from the user side, and acquiring a pixel value of a camera of the user side; determining the total time of the video and whether to start double identity authentication according to the pixel value of the camera; under the condition that double-identity authentication is determined to be started, a camera of the user side is indicated to record a video with the total time length in the background according to a preset rule, the user side is indicated to receive double-identity authentication information from a user, and the identity authentication video and the double-identity authentication information returned by the user side are obtained and serve as identity authentication information; under the condition that double authentication is not started, indicating a camera of the user side to record a video with the total time length in the background according to a preset rule to obtain an authentication video returned by the user side as authentication information; receiving identity document information uploaded by the user side; and determining that the identity of the user is legal based on the identity authentication information and the identity document information.
Under the method, the video recording mode is used for identity authentication, so that the security of the identity authentication is improved, and meanwhile, the total time of the video recording and whether the action of double identity authentication is started or not are determined according to the pixel value of the camera, so that the balance between the security of the identity authentication and the resource consumption during the identity authentication is realized.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the invention, as claimed.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the invention and together with the description, serve to explain the principles of the invention.
Fig. 1 is a schematic diagram illustrating an application scenario of an authentication method according to an exemplary embodiment;
FIG. 2 is a flow chart illustrating a method of identity verification in accordance with an exemplary embodiment;
FIG. 3 is a flowchart detailing step 230 according to one embodiment shown in a corresponding embodiment in FIG. 2;
FIG. 4 is a flow diagram illustrating one embodiment of predetermined rules in accordance with the corresponding embodiment of FIG. 2;
FIG. 5 is a flowchart detailing step 270 according to one embodiment shown in a corresponding embodiment in FIG. 2;
FIG. 6 is a block diagram illustrating an authentication device in accordance with an exemplary embodiment;
FIG. 7 is a block diagram illustrating an example of an electronic device for implementing the above-described authentication method in accordance with one illustrative embodiment;
fig. 8 is a computer-readable storage medium for implementing the above-described authentication method according to an exemplary embodiment.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present invention. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the invention, as detailed in the appended claims.
Furthermore, the drawings are merely schematic illustrations of the present disclosure and are not necessarily drawn to scale. The same reference numerals in the drawings denote the same or similar parts, and thus their repetitive description will be omitted. Some of the block diagrams shown in the figures are functional entities and do not necessarily correspond to physically or logically separate entities.
The present disclosure first provides an authentication method. Authentication here means that the validity of the identity information provided by the user is checked to determine whether the identity information of the user is authentic or not. The method can be fixed to various terminals, such as a server, a physical infrastructure of cloud computing, a smart phone, a tablet computer, a desktop computer, a notebook computer, an iPad, a self-service terminal and any other terminal which has an operation processing function and can communicate with external equipment.
Fig. 1 is a schematic diagram illustrating an application scenario of an authentication method according to an exemplary embodiment. As shown in fig. 1, a mobile terminal, i.e., a smartphone 110, of a user and an implementing terminal, i.e., a server 120, of the present disclosure are included. The server 120 is connected to the smart phone 110 via a communication link formed by a cellular network, a backbone network, and other network facilities, so as to complete data and information transmission. The architecture between the smart phone 110 and the Server 120 may be a C/S (Client/Server) architecture or a B/S (browser/Server) architecture. When a user accesses the server 120 by using a browser or App (Application program) installed on the smartphone 110, if some services provided by the server 120 (such as payment, money transfer, and the like) are to be used, authentication may need to be performed to ensure that a user account is not stolen or to determine that the user is qualified to use a specific service, common authentication methods may be online signature, fingerprint authentication, video authentication, and the like, which all require the user to submit information for authenticating the user to the server 120 by using the smartphone 110, for example, video authentication requires the user to record a video of the user himself using the smartphone 110 and then upload the video to the server 120.
Fig. 2 is a flow chart illustrating a method of authentication according to an example embodiment. As shown in fig. 2, the method comprises the following steps:
step 210, when receiving an authentication request from a user terminal, returning protocol information including a user authentication means to the user terminal.
Wherein, the user identity authentication means in the protocol information comprises video recording.
The protocol information and the user identity authentication means contained in the protocol information are text information recorded in the form of characters, symbols and the like.
The authentication request is an internet request sent by the user terminal to the local terminal, and may be a request based on various internet protocols, for example, a request under the HTTP/HTTPs protocol.
In one embodiment, the receiving an authentication request from a user side includes a service identifier, and when the authentication request from the user side is received, returning protocol information including a user authentication means to the user side includes:
when an authentication request from a user side is received, acquiring a service identifier contained in the authentication request;
acquiring a user identity authentication means corresponding to a service identifier by using a preset corresponding relation table of the service identifier and the user identity authentication means;
under the condition that the obtained user identity authentication means corresponding to the service identification comprises a video, adding the user identity authentication means into a preset protocol information template to obtain protocol information comprising the user identity authentication means;
and returning the protocol information containing the user authentication means to the user terminal.
In one embodiment, the specific way to return the protocol information containing the user authentication means to the user terminal is to return a page recording the protocol information containing the user authentication means to the user terminal, such as a Web page written in HTML 5.
In one embodiment, the specific way to return the protocol information including the user authentication means to the user side is to return a webpage recording the protocol information, in which a link pointing to the protocol information is recorded, to the user side, and when the user clicks the link at the user side, the webpage recording the protocol information including the user authentication means can be accessed.
Step 220, in response to receiving the instruction of accepting the protocol information from the user side, obtaining a pixel value of the camera of the user side.
In one embodiment, the action of the user accepting the protocol information at the user terminal triggers the sending of an instruction for accepting the protocol information to the local terminal.
For example, when the user receives the protocol information at the user side, the user may click a control such as a button; when the local terminal monitors the action of the corresponding control, the action is equivalent to obtaining the instruction for receiving the protocol information from the user terminal.
In one embodiment, a user communicates with the home terminal through an application installed at a user terminal, and when receiving an instruction from the user terminal to receive the protocol information, the application is triggered to read pixel values of a camera at the user terminal and return the pixel values to the home terminal.
For example, the system at the user side provides a camera.getparameters () interface, which provides a way to obtain the camera parameters of the device, and the application installed at the user side includes an instruction to call the interface, and when receiving the instruction from the user side to receive the protocol information, the instruction to call the interface is executed, so as to obtain the camera parameters of the device returned by the interface, where the camera parameters include the pixel values of the camera.
In one embodiment, a user communicates with a home terminal through an application installed at a user terminal, when the user terminal installs the application, the user terminal sends an identifier of the user terminal and a pixel value of a camera to the home terminal, and the home terminal correspondingly stores the identifier of the user terminal and the pixel value of the camera in a database, each instruction received by the home terminal from the user terminal carries the identifier of the user terminal, and the acquiring of the pixel value of the camera of the user terminal in response to receiving the instruction from the user terminal for accepting the protocol information includes:
responding to a received instruction for accepting the protocol information from the user side, and acquiring an identifier of the user side in the instruction;
and querying the database to obtain the pixel value of the camera stored corresponding to the identifier of the user side.
In one embodiment, a user communicates with a home terminal through an application installed at a user terminal, and when receiving an instruction from the user terminal to receive the protocol information, the application is triggered to read a model of the user terminal and return the model to the home terminal, and the obtaining a pixel value of a camera at the user terminal includes:
when the model of the user side is obtained, the camera pixel value corresponding to the model of the user side is obtained through a preset corresponding relation table of the model of the user side and the camera pixel value and is used as the pixel value of the camera of the user side.
In one embodiment, the user communicates with the local terminal through an application installed at the user terminal, the application can read file information stored at the user terminal, and the obtaining the pixel value of the camera at the user terminal in response to receiving the instruction of accepting the protocol information from the user terminal includes: responding to a received instruction for accepting the protocol information from the user side, and acquiring a request of the resolution of the photo stored in the user side from the user side; receiving the resolution of the stored photos returned by the user side; and determining the pixel value of the camera of the user side according to the resolution.
For example, if the resolution of the received photo is 3000 × 4000, it may be determined that the pixel value of the camera at the user end is 1200 ten thousand pixels.
And step 230, determining the total time of the video and whether to start double-identity authentication according to the pixel value of the camera.
The double authentication is an additional authentication mode based on video recording.
In one embodiment, the dual authentication is: and sending prompt voice indication information to the user side to indicate the user of the user side to make a preset action.
For example, the predetermined action may be opening the mouth, blinking, nodding, etc.
In one embodiment, step 230 is specifically performed by:
determining the total recording time based on the pixel value of the camera and the following formula:
Figure BDA0002070242680000071
wherein, ToutFor the determined total duration of the video, P is the pixel value of the camera, PrefFor a first predetermined camera pixel reference value, Tref1Is a first predetermined time period, Tref2Is a second predetermined time period, wherein Tref2Less than or equal to Tref1
Determining not to start dual authentication when P is larger than or equal to a second preset camera pixel reference value, wherein the second preset camera pixel reference value is smaller than the first preset camera pixel reference value;
and determining to start double-authentication under the condition that the P is smaller than a second preset camera pixel reference value.
On one hand, when the pixel value of the camera is smaller than or equal to the preset camera pixel reference value, the video recording duration and the camera pixel value are in an inverse proportion relation, namely the smaller the camera pixel value is, the higher the determined total video recording duration is, and for different camera pixel values, the obtained total video recording duration is different, so that the identity verification video containing more information can be obtained by improving the total video recording duration when the camera pixel value is smaller, and the reliability and the safety of identity verification are ensured; on the other hand, under the condition that the pixel value of the camera exceeds the preset camera pixel reference value, the determined total time of the video is kept at the fixed value, the reliability of the identity authentication can be guaranteed, meanwhile, the total time of the video is small enough, the consumption of resources such as bandwidth and storage space can be reduced, in addition, under the condition that the pixel value of the camera is low enough, namely under the condition that the definition of the identity video shot by the camera cannot meet the requirement of the security authentication, the dual-authentication is started, and the security of the identity authentication can be improved to a certain extent.
Referring to fig. 3, a detailed flowchart of step 230 of an embodiment is shown, which specifically includes the following steps:
and 231, taking the preset first time length as the total time length of the video and determining not to start double-identity authentication under the condition that the pixel value of the camera reaches the first preset pixel value threshold value.
The first time period may be any time period, such as 10 minutes.
Step 232, under the condition that the pixel value of the camera is smaller than the first predetermined pixel value threshold and greater than or equal to the second predetermined pixel value threshold, taking the preset second time length as the total time length of the video and determining that the double-identity authentication is not started.
Wherein the second duration is greater than the first duration.
And 233, taking a preset third time length as the total time length of the video and determining to start the double-identity authentication when the pixel value of the camera is smaller than a second preset pixel value threshold, wherein the third time length is larger than the second time length.
Wherein the third duration is greater than the second duration.
From this embodiment, it can be seen that: the size relation selected as the total duration of the video is as follows: the third duration is greater than the second duration and greater than the first duration, and the size relationship of the camera pixel values corresponding to the total duration selected as the video is that the third duration is less than the second duration and less than the first duration, so that the total duration of the selected video is shorter and shorter as the obtained camera pixel values of the user side are increased.
Therefore, the embodiment has the advantages that the preset pixel value threshold is used for distinguishing the video recording time, so that the fact that when the pixel value of the camera is low, the video recording time can be prolonged to obtain the authentication video containing more information is guaranteed, meanwhile, under the condition that the pixel value of the camera is small, double authentication is started, and the reliability and the safety of the authentication are guaranteed.
Step 240, under the condition that the double-authentication is determined to be started, according to a preset rule, instructing a camera of the user side to record a video with the total time length in the background, and instructing the user side to receive double-authentication information from the user, so as to obtain the authentication video and the double-authentication information returned by the user side as authentication information.
In one embodiment, the user side is a smart phone, and the camera of the user side is a front camera.
In one embodiment, the dual authentication information is action information received by the user side and fused into the authentication video according to an instruction, the instruction is given to the camera of the user side to record a video with a duration of the total duration in the background according to a predetermined rule, and the instruction is given to the user side to receive the dual authentication information from the user, so as to obtain the authentication video and the dual authentication information returned by the user side as authentication information, and the method includes: and according to a preset rule, indicating a camera of the user side to record a video with the total time length in the background, indicating the user side to receive double authentication information from the user, and acquiring an authentication video containing the double authentication information returned by the user side in a video streaming manner to serve as the authentication information.
The embodiment has the advantages that the data of the authentication video and the double authentication information are combined together for receiving, so that the two items of data are prevented from being received independently, and the resource consumption is reduced.
In an embodiment, the manner of receiving the authentication video returned by the user side is to receive the entire authentication video obtained by the video returned by the user side after the video recording of the camera of the user side is finished.
The preset rule is a mode for indicating a camera of the user side to record videos in the background.
In one embodiment, the predetermined rules include:
acquiring current time and two random numbers;
determining a larger random number from the two random numbers as a first random number, and taking a smaller random number as a second random number;
and from the current time, indicating a camera of the user side to record the video with the second number being the difference value of the first random number and the second random number every second time period of the first random number until the total length of the recorded video reaches the total length.
The method and the device have the advantages that under the condition that the user side starts the camera to record the video by randomly selecting a time to indicate, the random time is selected to finish the video recording, so that the possibility of screen recording cheating caused by the fact that the user grasps the video recording starting time in advance can be further reduced, the authenticity of the acquired authentication video is further improved, and the legality and the safety of the authentication are improved.
In one embodiment, the obtaining the current time and the two random numbers includes:
acquiring the current time and randomly selecting a random number;
another random number is acquired in a range in which an absolute value of a difference from the random number is larger than a first predetermined random number threshold.
The advantage of this embodiment is that, the distance between two random numbers is limited to ensure that the distance between two random numbers is large enough, so that the video recording time for starting the camera to record continuously, which is obtained according to the two random numbers, is large enough, thereby ensuring the reliability and safety of the obtained video to a certain extent.
In one embodiment, the predetermined rules include:
responding to a received instruction for accepting the protocol information from the user side, and acquiring current time and two random numbers, wherein the two random numbers are integers smaller than a second preset random number threshold value;
taking any random number from the two random numbers as a third random number, and taking the other random number as a fourth random number;
from the current time, instructing a camera of the user side to record a video in a time period with the second number being the fourth random number every second time period with the time period being the third random number until the length of the recorded video reaches the duration;
and taking the video obtained by the user side in the time period corresponding to all the fourth random numbers as an authentication video.
The method has the advantage that the credibility of the acquired authentication video is improved because the recording time interval and the recording time length of the authentication video are random.
And 250, under the condition that the double-authentication is not started, indicating a camera of the user side to record the video with the total time length in the background according to a preset rule to obtain the authentication video returned by the user side as authentication information.
Since the double authentication does not need to be started, only the authentication video returned by the user side can be used as the authentication information, wherein the manner used in this step for instructing the camera of the user side to record the video may be the same as or different from the specific implementation manner of the predetermined rule, and is not described herein again.
And step 260, receiving the identity document information uploaded by the user side.
The identity document information uploaded by the user can be various information which can determine the face image of the user, such as a front photo of a resident identity card or a photo of a passport.
Step 270, determining that the identity of the user is legal based on the identity verification information and the identity document information.
In one embodiment, the specific steps of step 270 are shown in fig. 5, and step 270 specifically includes the following steps:
step 271, verifying whether the identity of the user is legal based on the double authentication information, if the authentication information includes the double authentication information.
In one embodiment, the double authentication information is a blinking motion, and the verifying whether the identity of the user is legal based on the double authentication information includes:
determining whether a time at which the dual authentication information from the user is received by the user terminal coincides with a time of the blinking motion;
if so, determining that the identity of the user is verified to be legal based on the double identity verification information;
if not, determining that the identity of the user is not verified based on the double authentication information.
And 272, if so, determining that the identity of the user is legal based on the identity verification video and the identity document information.
When the double authentication information of the user passes the authentication, the authentication is necessary for the authentication video.
Step 273, determining that the identity of the user is legal based on the authentication video and the identity document information under the condition that the authentication information does not contain double authentication information.
In one embodiment, the determining that the identity of the user is legitimate based on the authentication information and the identity document information includes: dividing the identity authentication video into frames to obtain a plurality of image frames; judging whether the number of image frames, of which the faces contained in the divided image frames are consistent with the faces in the identity document information, is greater than a preset image frame number threshold value or not; and if so, determining that the identity of the user is legal.
The manner of dividing the authentication video into image frames may be realized by calling tools such as Opencv, MATLAB, and the like.
In one embodiment, the determining that the identity of the user is legitimate based on the authentication information and the identity document information includes: dividing the identity authentication video into frames to obtain a plurality of image frames; judging whether the number of image frames with the faces consistent with the faces in the identity document information is larger than a preset image frame number threshold value or not in the divided image frames; and if so, determining that the identity of the user is legal.
In one embodiment, the determining whether the number of image frames in which a human face coincides with a human face in the identity document information is greater than a predetermined image frame number threshold in the divided image frames includes:
judging whether the face of each image frame is consistent with the face in the identity document information or not aiming at each image frame in the divided image frames;
acquiring the number of image frames recording the human faces consistent with the human faces in the identity document information;
determining whether the number is greater than a predetermined image frame number threshold.
The specific way of comparing whether the face of the image frame is consistent with the face in the identity document information can be performed by using a trained neural network model, for example, a convolutional neural network model can be used for comparing the faces; but also by calling an existing application programming interface.
The embodiment has the advantages that the validity of the identity verification video can be better ensured by judging the face comparison of all the image frames and then acquiring the number of the image frames recording the faces consistent with the faces in the identity document information.
In one embodiment, determining whether the number of image frames in which a face coincides with a face in the identity document information is greater than a predetermined image frame number threshold in the divided image frames includes:
starting from the divided first image frames, judging whether the face of each image frame is consistent with the face in the identity document information;
acquiring the number of image frames with the judged faces consistent with the faces in the identity document information;
and when the number is larger than a preset image frame number threshold value, finishing the judgment, and determining that the number of the image frames with the faces consistent with the faces in the identity document information in the divided image frames is larger than a preset image frame number threshold value.
In some cases, whether the number of image frames with the faces consistent with the faces in the identity document information in the divided image frames is larger than a preset image frame number threshold value or not can be confirmed without judging all the image frames, so that the efficiency of verifying the identity of the user is legal is improved to a certain extent, and the calculation cost is reduced.
In one embodiment, the determining that the identity of the user is legitimate based on the authentication video and the identity document information includes:
dividing the identity authentication video into frames to obtain a plurality of image frames; acquiring the number of image frames with the same face as the face in the identity document information as a first number; acquiring the number of all divided image frames as a second number; determining a ratio of the first number to the second number; and if the ratio is larger than a preset ratio threshold, determining that the identity of the user is legal.
The image frames obtained by dividing different identity verification videos are different in number due to different screen recording time and other factors, and the embodiment has the advantages that the relative size relation between the number of the image frames with the same face as the face in the identity document information and the number of all the image frames is used as a standard for determining the identity of the user to be legal, so that the reasonability and the accuracy in identity verification are improved.
In one embodiment, the determining that the identity of the user is legitimate based on the authentication video and the identity document information includes:
dividing the identity authentication video into frames to obtain a plurality of image frames;
randomly selecting a random number within a range smaller than a preset fifth random number threshold value as a fifth random number, and randomly selecting a random number within a range smaller than a preset sixth random number threshold value as a sixth random number;
extracting an image frame ordered as the fifth random number from among a plurality of image frames ordered in terms of time;
acquiring an image frame every other image frames with the number of the sixth random number from the image frames with the sequence of the fifth random number;
and determining that the identity of the user is legal under the condition that the faces in all the extracted image frames are consistent with the faces in the identity document information.
The method has the advantages that whether the user identity is legal or not is verified by extracting the image frames in a random sampling mode, the calculated amount is reduced, the efficiency of verifying the identity of the user is improved, and meanwhile, the safety of the identity verification can be guaranteed because the process of extracting the image frames is completely performed at random.
Fig. 4 is a flow chart of a predetermined rule according to one embodiment shown in a corresponding embodiment of fig. 2. As shown in fig. 4, the method comprises the following steps:
at step 410, the current time and a random number are obtained.
In one embodiment, the random number is acquired within a predetermined range. For example, the predetermined range may be [0,100 ].
And step 420, calculating the sum of the current time and the time period of which the second number is the random number, and taking the sum as the time for starting the camera of the user end to record the video.
For example, the current time is 20:18:09, the obtained random number is 85, and since 85 is 00:01:25, the obtained time 20:19:34 for starting the camera of the user end to record is obtained.
Step 430, when the current time reaches the time for starting the camera of the user side to record, indicating the camera of the user side to record with the time length being the total time length so as to obtain an authentication video.
The advantage of this embodiment is that the time for instructing the camera at the user end to start recording is determined according to the random number, so the time for instructing the camera at the user end to start recording is random. The method has the advantages that screen recording cheating behaviors caused by the fact that a user grasps the video recording starting time in advance, such as illegal behaviors of medium replacing authentication or other people performing fake authentication, are avoided, and the authenticity of the acquired authentication video is improved.
The present disclosure also provides an authentication apparatus, and the following is an apparatus embodiment of the present invention.
Fig. 6 is a block diagram illustrating an authentication device according to an example embodiment. As shown in fig. 6, the authentication apparatus 600 includes:
the returning module 610 is configured to return protocol information including a user authentication means to the user terminal when receiving an authentication request from the user terminal.
An obtaining module 620 configured to obtain the pixel value of the camera of the user terminal in response to receiving the instruction of accepting the protocol information from the user terminal.
The first determination module 630 is configured to determine the total duration of the video recording and whether to initiate double authentication according to the pixel value of the camera.
The indicating module 640 is configured to indicate, according to a predetermined rule, a camera of the user side to record a video with a total time length in the background under the condition that it is determined that double authentication is started, and indicate the user side to receive double authentication information from a user, so as to obtain an authentication video and the double authentication information returned by the user side as authentication information; and
and under the condition that double authentication is not started, indicating a camera of the user side to record a video with the total time length in the background according to a preset rule to obtain an authentication video returned by the user side as authentication information.
A receiving module 650 configured to receive the identity document information uploaded by the user terminal.
A second determination module 660 configured to determine that the identity of the user is legitimate based on the authentication information and the identity document information.
According to a third aspect of the present disclosure, an electronic device capable of implementing the above identity authentication method is also provided.
As will be appreciated by one skilled in the art, aspects of the present invention may be embodied as a system, method or program product. Thus, various aspects of the invention may be embodied in the form of: an entirely hardware embodiment, an entirely software embodiment (including firmware, microcode, etc.) or an embodiment combining hardware and software aspects that may all generally be referred to herein as a "circuit," module "or" system.
An electronic device 700 according to this embodiment of the invention is described below with reference to fig. 7. The electronic device 700 shown in fig. 7 is only an example and should not bring any limitation to the functions and the scope of use of the embodiments of the present invention.
As shown in fig. 7, electronic device 700 is embodied in the form of a general purpose computing device. The components of the electronic device 700 may include, but are not limited to: the at least one processing unit 710, the at least one memory unit 720, and a bus 730 that couples various system components including the memory unit 720 and the processing unit 710.
Wherein the storage unit stores program code that can be executed by the processing unit 710 such that the processing unit 710 performs the steps according to various exemplary embodiments of the present invention described in the section "example methods" above in this specification.
The storage unit 720 may include readable media in the form of volatile memory units, such as a random access memory unit (RAM)721 and/or a cache memory unit 722, and may further include a read only memory unit (ROM) 723.
The memory unit 720 may also include programs/utilities 724 having a set (at least one) of program modules 725, such program modules 725 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each of which, or some combination thereof, may comprise an implementation of a network environment.
Bus 730 may be any representation of one or more of several types of bus structures, including a memory unit bus or memory unit controller, a peripheral bus, an accelerated graphics port, a processing unit, or a local bus using any of a variety of bus architectures.
The electronic device 700 may also communicate with one or more external devices 900 (e.g., keyboard, pointing device, bluetooth device, etc.), with one or more devices that enable a user to interact with the electronic device 700, and/or with any devices (e.g., router, modem, etc.) that enable the electronic device 700 to communicate with one or more other computing devices. Such communication may occur via an input/output (I/O) interface 750. Also, the electronic device 700 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network such as the internet) via the network adapter 760. As shown, the network adapter 760 communicates with the other modules of the electronic device 700 via the bus 730. It should be appreciated that although not shown in the figures, other hardware and/or software modules may be used in conjunction with the electronic device 700, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
Through the above description of the embodiments, those skilled in the art will readily understand that the exemplary embodiments described herein may be implemented by software, or by software in combination with necessary hardware. Therefore, the technical solution according to the embodiments of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (which may be a CD-ROM, a usb disk, a removable hard disk, etc.) or on a network, and includes several instructions to enable a computing device (which may be a personal computer, a server, a terminal device, or a network device, etc.) to execute the method according to the embodiments of the present disclosure.
According to a fourth aspect of the present disclosure, there is also provided a computer-readable storage medium having stored thereon a program product capable of implementing the above-mentioned method of the present specification. In some possible embodiments, aspects of the invention may also be implemented in the form of a program product comprising program code means for causing a terminal device to carry out the steps according to various exemplary embodiments of the invention described in the above section "exemplary methods" of the present description, when said program product is run on the terminal device.
Referring to fig. 8, a program product 800 for implementing the above method according to an embodiment of the present invention is described, which may employ a portable compact disc read only memory (CD-ROM) and include program code, and may be run on a terminal device, such as a personal computer. However, the program product of the present invention is not limited in this regard and, in the present document, a readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
The program product may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. A readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium include: an electrical connection having one or more wires, a portable disk, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
A computer readable signal medium may include a propagated data signal with readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A readable signal medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Program code for carrying out operations for aspects of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device and partly on a remote computing device, or entirely on the remote computing device or server. In the case of a remote computing device, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., through the internet using an internet service provider).
Furthermore, the above-described figures are merely schematic illustrations of processes involved in methods according to exemplary embodiments of the invention, and are not intended to be limiting. It will be readily understood that the processes shown in the above figures are not intended to indicate or limit the chronological order of the processes. In addition, it is also readily understood that these processes may be performed synchronously or asynchronously, e.g., in multiple modules.
It will be understood that the invention is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the invention is limited only by the appended claims.

Claims (10)

1. An identity verification method, the method comprising:
when an authentication request from a user side is received, returning protocol information containing a user authentication means to the user side, wherein the user authentication means in the protocol information comprises video;
responding to a command of receiving the protocol information from the user side, and acquiring a pixel value of a camera of the user side;
determining the total time of the video and whether to start double identity authentication according to the pixel value of the camera;
under the condition that double-identity authentication is determined to be started, a camera of the user side is indicated to record a video with the total time length in the background according to a preset rule, the user side is indicated to receive double-identity authentication information from a user, and the identity authentication video and the double-identity authentication information returned by the user side are obtained and serve as identity authentication information;
under the condition that double authentication is not started, indicating a camera of the user side to record a video with the total time length in the background according to a preset rule to obtain an authentication video returned by the user side as authentication information;
receiving identity document information uploaded by the user side;
and determining that the identity of the user is legal based on the identity authentication information and the identity document information.
2. The method of claim 1, wherein determining the total length of the recording and whether to initiate double authentication according to the pixel values of the camera comprises:
under the condition that the pixel value of the camera reaches a first preset pixel value threshold value, taking a preset first time length as the total time length of the video and determining not to start double-identity authentication;
under the condition that the pixel value of the camera is smaller than a first preset pixel value threshold value and larger than or equal to a second preset pixel value threshold value, taking preset second time as the total time of the video and determining that double-identity authentication is not started, wherein the second time is larger than the first time;
and under the condition that the pixel value of the camera is smaller than a second preset pixel value threshold value, taking preset third time as the total time of the video and determining to start the double-identity authentication, wherein the third time is longer than the second time.
3. The method of claim 1, wherein determining the total length of the recording and whether to initiate double authentication according to the pixel values of the camera comprises:
determining the total recording time based on the pixel value of the camera and the following formula:
Figure FDA0002070242670000021
wherein, ToutFor the determined total duration of the video, P is the pixel value of the camera, PrefFor a first predetermined camera pixel reference value, Tref1Is a first predetermined time period, Tref2Is a second predetermined time period, wherein Tref2Less than or equal to Tref1
Determining not to start dual authentication when P is larger than or equal to a second preset camera pixel reference value, wherein the second preset camera pixel reference value is smaller than the first preset camera pixel reference value;
and determining to start double-authentication under the condition that the P is smaller than a second preset camera pixel reference value.
4. The method of claim 1, wherein the predetermined rule comprises:
acquiring current time and a random number;
calculating the sum of the current time and the time period of which the second number is the random number, and taking the sum as the time for starting a camera of the user side to record the video;
and when the current time reaches the time for starting the camera of the user side to record, indicating the camera of the user side to record with the time length being the total time length so as to obtain an authentication video.
5. The method of claim 1, wherein the predetermined rule comprises:
acquiring current time and two random numbers;
determining a larger random number from the two random numbers as a first random number, and taking a smaller random number as a second random number;
and from the current time, indicating a camera of the user side to record the video with the second number being the difference value of the first random number and the second random number every second time period of the first random number until the total length of the recorded video reaches the total length.
6. The method of claim 1, wherein determining that the identity of the user is legitimate based on the authentication information and the identity document information comprises:
verifying whether the identity of the user is legal or not based on double identity verification information under the condition that the identity verification information contains double identity verification information;
if so, determining that the identity of the user is legal based on the identity verification video and the identity document information;
and under the condition that the identity authentication information does not contain double identity authentication information, determining that the identity of the user is legal based on the identity authentication video and the identity document information.
7. The method of claim 6, wherein determining that the identity of the user is legitimate based on the authentication information and the identity document information comprises:
dividing the identity authentication video into frames to obtain a plurality of image frames;
judging whether the number of image frames, of which the faces contained in the divided image frames are consistent with the faces in the identity document information, is greater than a preset image frame number threshold value or not;
and if so, determining that the identity of the user is legal.
8. An authentication apparatus, the apparatus comprising:
the system comprises a returning module, a receiving module and a processing module, wherein the returning module is configured to return protocol information containing user authentication means to a user terminal when receiving an authentication request from the user terminal;
the acquisition module is configured to respond to an instruction of accepting the protocol information from the user terminal and acquire a pixel value of a camera of the user terminal;
the first determination module is configured to determine the total time of the video and whether to start double identity authentication according to the pixel value of the camera;
the indication module is configured to indicate a camera of the user side to record a video with the total time length in the background according to a preset rule under the condition that the double-identity authentication is determined to be started, and indicate the user side to receive double-identity authentication information from a user, so that the identity authentication video and the double-identity authentication information returned by the user side are obtained and serve as identity authentication information; and
under the condition that double authentication is not started, indicating a camera of the user side to record a video with the total time length in the background according to a preset rule to obtain an authentication video returned by the user side as authentication information;
the receiving module is configured to receive the identity document information uploaded by the user side;
a second determination module configured to determine that the identity of the user is legitimate based on the authentication information and the identity document information.
9. A computer-readable program medium, characterized in that it stores computer program instructions which, when executed by a computer, cause the computer to perform the method according to any one of claims 1 to 7.
10. An electronic device, characterized in that the electronic device comprises:
a processor;
a memory having stored thereon computer readable instructions which, when executed by the processor, implement the method of any of claims 1 to 7.
CN201910434967.3A 2019-05-23 2019-05-23 Identity verification method, identity verification device, identity verification medium and electronic equipment Active CN110247898B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201910434967.3A CN110247898B (en) 2019-05-23 2019-05-23 Identity verification method, identity verification device, identity verification medium and electronic equipment
PCT/CN2019/117696 WO2020233009A1 (en) 2019-05-23 2019-11-12 Identity authentication method and apparatus, computing device, and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910434967.3A CN110247898B (en) 2019-05-23 2019-05-23 Identity verification method, identity verification device, identity verification medium and electronic equipment

Publications (2)

Publication Number Publication Date
CN110247898A CN110247898A (en) 2019-09-17
CN110247898B true CN110247898B (en) 2021-11-19

Family

ID=67884934

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910434967.3A Active CN110247898B (en) 2019-05-23 2019-05-23 Identity verification method, identity verification device, identity verification medium and electronic equipment

Country Status (2)

Country Link
CN (1) CN110247898B (en)
WO (1) WO2020233009A1 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110247898B (en) * 2019-05-23 2021-11-19 平安普惠企业管理有限公司 Identity verification method, identity verification device, identity verification medium and electronic equipment
CN113343850B (en) * 2021-06-07 2022-08-16 广州市奥威亚电子科技有限公司 Method, device, equipment and storage medium for checking video character information
CN114390323B (en) * 2022-01-04 2023-12-01 亿咖通(湖北)技术有限公司 Vehicle-mounted image transmission method and electronic equipment
CN114745521B (en) * 2022-04-06 2023-02-03 英才(广州)在线教育科技有限公司 Video recording device for novel remote online education

Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105320950A (en) * 2015-11-23 2016-02-10 天津大学 A video human face living body detection method
CN105681316A (en) * 2016-02-02 2016-06-15 腾讯科技(深圳)有限公司 Identity verification method and device
CN105787428A (en) * 2016-01-08 2016-07-20 上海交通大学 Method for lip feature-based identity authentication based on sparse coding
CN105871900A (en) * 2016-05-24 2016-08-17 邵军利 Identity authentication method and system
CN105989263A (en) * 2015-01-30 2016-10-05 阿里巴巴集团控股有限公司 Method for authenticating identities, method for opening accounts, devices and systems
CN106911630A (en) * 2015-12-22 2017-06-30 上海仪电数字技术股份有限公司 Terminal and the authentication method and system of identity identifying method, terminal and authentication center
CN107748876A (en) * 2017-11-06 2018-03-02 杭州有盾网络科技有限公司 Face vivo identification method, device and mobile terminal based on mobile terminal
CN107895158A (en) * 2017-12-07 2018-04-10 朱明君 A kind of mobile terminal that target can be identified
CN108021892A (en) * 2017-12-06 2018-05-11 上海师范大学 A kind of human face in-vivo detection method based on extremely short video
CN108763897A (en) * 2018-05-22 2018-11-06 平安科技(深圳)有限公司 Method of calibration, terminal device and the medium of identity legitimacy
CN108875461A (en) * 2017-05-16 2018-11-23 深圳市祈飞科技有限公司 A kind of human face in-vivo detection method and device
CN109783338A (en) * 2019-01-02 2019-05-21 深圳壹账通智能科技有限公司 Recording method, device and computer equipment based on business information

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20180009275A (en) * 2016-07-18 2018-01-26 삼성전자주식회사 User authentication method and electronic device supporting the same
US10783393B2 (en) * 2017-06-20 2020-09-22 Nvidia Corporation Semi-supervised learning for landmark localization
CN110247898B (en) * 2019-05-23 2021-11-19 平安普惠企业管理有限公司 Identity verification method, identity verification device, identity verification medium and electronic equipment

Patent Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105989263A (en) * 2015-01-30 2016-10-05 阿里巴巴集团控股有限公司 Method for authenticating identities, method for opening accounts, devices and systems
CN105320950A (en) * 2015-11-23 2016-02-10 天津大学 A video human face living body detection method
CN106911630A (en) * 2015-12-22 2017-06-30 上海仪电数字技术股份有限公司 Terminal and the authentication method and system of identity identifying method, terminal and authentication center
CN105787428A (en) * 2016-01-08 2016-07-20 上海交通大学 Method for lip feature-based identity authentication based on sparse coding
CN105681316A (en) * 2016-02-02 2016-06-15 腾讯科技(深圳)有限公司 Identity verification method and device
CN105871900A (en) * 2016-05-24 2016-08-17 邵军利 Identity authentication method and system
CN108875461A (en) * 2017-05-16 2018-11-23 深圳市祈飞科技有限公司 A kind of human face in-vivo detection method and device
CN107748876A (en) * 2017-11-06 2018-03-02 杭州有盾网络科技有限公司 Face vivo identification method, device and mobile terminal based on mobile terminal
CN108021892A (en) * 2017-12-06 2018-05-11 上海师范大学 A kind of human face in-vivo detection method based on extremely short video
CN107895158A (en) * 2017-12-07 2018-04-10 朱明君 A kind of mobile terminal that target can be identified
CN108763897A (en) * 2018-05-22 2018-11-06 平安科技(深圳)有限公司 Method of calibration, terminal device and the medium of identity legitimacy
CN109783338A (en) * 2019-01-02 2019-05-21 深圳壹账通智能科技有限公司 Recording method, device and computer equipment based on business information

Also Published As

Publication number Publication date
WO2020233009A1 (en) 2020-11-26
CN110247898A (en) 2019-09-17

Similar Documents

Publication Publication Date Title
CN110247898B (en) Identity verification method, identity verification device, identity verification medium and electronic equipment
US10574650B2 (en) System for electronic authentication with live user determination
CN109389723B (en) Visitor management method and device using face recognition and computer equipment
KR20190014124A (en) Two factor authentication
CN110322317B (en) Transaction data processing method and device, electronic equipment and medium
CN108449321B (en) Login method, server and client
CN108960839B (en) Payment method and device
US20180336327A1 (en) System for provisioning and allowing secure access to a virtual credential
CN111343162B (en) System secure login method, device, medium and electronic equipment
CN110795714A (en) Identity authentication method and device, computer equipment and storage medium
CN109685514A (en) For the method, apparatus of payment, storage medium and electronic equipment
US11496470B2 (en) Methods for randomized multi-factor authentication with biometrics and devices thereof
CN114612986A (en) Detection method, detection device, electronic equipment and storage medium
US10936705B2 (en) Authentication method, electronic device, and computer-readable program medium
CN112150252A (en) Credit-based service processing method and device
US10270771B1 (en) Mid-session live user authentication
CN108154070A (en) Face identification method and device
CN113810394B (en) Service processing method, device, electronic equipment and storage medium
CN113170021A (en) Method and system for remote interaction between at least one user and at least one operator of automatic and manual type
CN108427868A (en) Verification method, system and the client of resource transmission object
CN112182520B (en) Identification method and device of illegal account number, readable medium and electronic equipment
US11128620B2 (en) Online verification method and system for verifying the identity of a subject
CN112183270A (en) Method and device for optimizing shooting parameters of identity authentication and electronic equipment
CN111784352A (en) Authentication risk identification method and device and electronic equipment
CN111859322A (en) Identity verification method and device and electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
CB02 Change of applicant information

Address after: 201, room 518000, building A, No. 1, front Bay Road, Qianhai Shenzhen Guangdong Shenzhen Hong Kong cooperation zone (Qianhai business secretary)

Applicant after: Pingan Pu Hui Enterprise Management Co., Ltd.

Address before: 518000 Guangdong city of Shenzhen province Qianhai Shenzhen Hong Kong cooperation zone before Bay Road No. 1 building 201 room A

Applicant before: Pingan Pu Hui Enterprise Management Co., Ltd.

CB02 Change of applicant information
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant