Disclosure of Invention
In view of the above-mentioned drawbacks and deficiencies of the prior art, it is desirable to provide a method, device and storage medium for logging in a bank account with strong security.
In a first aspect, the present invention provides a bank account login method suitable for a user side, where the method includes:
generating a first public key and a first private key of the first user in response to successful registration;
encrypting the first public key and first account information of the first user through the first private key to generate first registration request information, sending the first registration request information and the first public key to the server, enabling the server to decrypt the first registration request information according to the first public key, obtaining and storing a corresponding relation between the first account information and the first public key when decryption is successful, and returning first notification information of successful registration;
sending first identity verification request information to the server side, so that the server side can verify the identity information of the first user through the verifiable user identity information, and returning second notification information of successful verification when the verification is successful;
encrypting the first public key through the first private key to generate first login request information, and sending the first login request information and the first public key to the server, so that the server decrypts the first login request information according to the first public key and returns third notification information of successful login to the user side when decryption is successful.
In a second aspect, the present invention provides a method for logging in a bank account of a server, where the method includes:
receiving first registration request information and a first public key sent by a user side, decrypting the first registration request information, acquiring and storing a corresponding relation between first account information of a first user and the first public key when decryption is successful, and returning first notification information of successful registration; the first registration request information is generated by encrypting a first public key and first account information through a first private key by the user side, and the first public key and the first private key are generated when the user side responds to the successful registration of the first user;
receiving first identity verification request information sent by a user side, verifying identity information of a first user through verifiable user identity information, and returning second notification information of successful verification when the verification is successful;
receiving first login request information and a first public key sent by a user side, decrypting the first login request information, and returning third notification information of successful login to the user side when decryption is successful; the first login request information is generated by encrypting the first public key by the first private key of the user side.
In a third aspect, the present invention further provides a bank account login method suitable for a user side, where the method includes:
generating a second public key and a second private key of a second user in response to successful registration;
encrypting the second public key and second account information of the second user through the second private key to generate second registration request information, sending the second registration request information and the second public key to the server, so that the server decrypts the second registration request information according to the second public key, obtains and stores the corresponding relation between the second account information and the second public key when decryption is successful, and returns fourth notification information of successful registration;
sending second identity authentication request information to the server side, so that the server side can authenticate the identity information of a second user through the user identity information which can be authenticated, and returning fifth notification information which is successfully authenticated when the authentication is successful;
sending second login request information to the server side, so that the server side generates and returns a first collection address;
and creating a first transaction according to the second private key, the second public key and the first collection address, and sending the first transaction and the second public key to the server, so that the server verifies the correctness of the first transaction and, after the first transaction is verified to be correct, forwards it to a blockchain node for the blockchain node to broadcast, execute and reach consensus on the first transaction, the server returning sixth notification information of successful login to the user side when it determines by analysis that consensus on the first transaction was reached.
In a fourth aspect, the present invention further provides a method for logging in a bank account applicable to a server, where the method includes:
receiving second registration request information and a second public key sent by the user side, decrypting the second registration request information, acquiring and storing a corresponding relation between second account information of a second user and the second public key when decryption is successful, and returning fourth notification information of successful registration; the second registration request information is generated by the user side encrypting a second public key and second account information through a second private key, and the second public key and the second private key are generated when the user side responds to the successful registration of the second user;
receiving second identity authentication request information sent by the user side, authenticating identity information of a second user through the user identity information which can be authenticated, and returning fifth notification information of successful authentication when the authentication is successful;
receiving second login request information sent by the user side, generating and returning a first collection address, so that the user side can create a first transaction according to the second private key, the second public key and the first collection address;
receiving a first transaction and a second public key sent by a user side, verifying the correctness of the first transaction, and forwarding the first transaction to a blockchain node after the correctness of the first transaction is verified, so that the blockchain node broadcasts, executes and reaches consensus on the first transaction;
and analyzing whether consensus on the first transaction was reached:
if yes, returning sixth notification information of successful login to the user side.
In a fifth aspect, the present invention also provides an apparatus comprising one or more processors and memory, wherein the memory contains instructions executable by the one or more processors to cause the one or more processors to perform a bank account login method provided in accordance with embodiments of the present invention.
In a sixth aspect, the present invention also provides a storage medium storing a computer program that causes a computer to execute the bank account login method provided according to the embodiments of the present invention.
According to the bank account login method, the device and the storage medium provided by the embodiments of the invention, the public and private key pair is configured for the user, the public key and the account information of the user are associated, the identity information of the user is verified, and the bank account is logged in by using the public key, so that the bank account login is safer, and the user experience is improved.
Detailed Description
The present application will be described in further detail with reference to the following drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the relevant invention and not restrictive of the invention. It should be noted that, for convenience of description, only the portions related to the present invention are shown in the drawings.
It should be noted that the embodiments and features of the embodiments in the present application may be combined with each other without conflict. The present application will be described in detail below with reference to the embodiments with reference to the attached drawings.
Fig. 1 is a flowchart of a method for logging in a bank account according to an embodiment of the present invention. As shown in fig. 1, in this embodiment, the present invention provides a bank account login method suitable for a user side, where the method includes:
S12: generating a first public key and a first private key of the first user in response to successful registration;
S14: encrypting the first public key and first account information of the first user through the first private key to generate first registration request information, sending the first registration request information and the first public key to the server, enabling the server to decrypt the first registration request information according to the first public key, obtaining and storing a corresponding relation between the first account information and the first public key when decryption is successful, and returning first notification information of successful registration;
S16: sending first identity verification request information to the server side, so that the server side can verify the identity information of the first user through the verifiable user identity information, and returning second notification information of successful verification when the verification is successful;
S18: encrypting the first public key through the first private key to generate first login request information, and sending the first login request information and the first public key to the server, so that the server decrypts the first login request information according to the first public key and returns third notification information of successful login to the user side when decryption is successful.
Specifically, assume that the first user is A, the first public key is pub_A, and the first private key is pri_A; the first account information of the first user is the identity card information id_A of the first user and the contact telephone number telephone_A of the first user;
in step S12, in response to the successful registration, the user side generates the first public key pub_A and the first private key pri_A of A;
in step S14, the user side encrypts the first public key pub_A and the first account information (id_A and telephone_A) of the first user with the first private key pri_A to generate first registration request information M1 = pri_A(pub_A, id_A, telephone_A), and sends the first registration request information M1 and the first public key pub_A to the server; the server decrypts the first registration request information M1 according to the first public key pub_A, and if pub_A can decrypt what was encrypted with pri_A, the decryption is successful, and the server obtains and stores the corresponding relationship between the first account information (id_A and telephone_A) and the first public key pub_A and returns first notification information indicating that the registration is successful;
in step S16, the user side sends first identity verification request information to the server side, and the server side verifies the identity information of the first user through the verifiable user identity information and returns second notification information of successful verification when the verification is successful (in this embodiment, the verifiable user identity information is configured as remote face-scan authentication; in further embodiments, it may also be configured as other authentication methods according to actual requirements);
in step S18, the user side encrypts the first public key pub_A with the first private key pri_A to generate first login request information M2 = pri_A(pub_A), and sends the first login request information M2 and the first public key pub_A to the server side; the server side decrypts the first login request information according to the first public key pub_A, and if pub_A can decrypt what was encrypted with pri_A, the decryption is successful, and the server side thereby obtains the user account requesting to log in to the bank account and returns third notification information of successful login to the user side.
In further embodiments, the first account information of the first user may also be configured as other parameters according to actual requirements, for example, the information of the first user's bound bank card, the first user's name, and the like, which may achieve the same technical effect.
The embodiment of the invention configures a public and private key pair for the user, associates the public key and account information of the user, verifies the identity information of the user, and logs in the bank account by using the public key, so that the bank account is more safely logged in, and the user experience is improved.
Fig. 2 is a flowchart of another method for logging in a bank account according to an embodiment of the present invention. As shown in fig. 2, in this embodiment, the present invention provides a method for logging in a bank account applicable to a server, where the method includes:
S22: receiving first registration request information and a first public key sent by a user side, decrypting the first registration request information, acquiring and storing a corresponding relation between first account information of a first user and the first public key when decryption is successful, and returning first notification information of successful registration; the first registration request information is generated by encrypting a first public key and first account information through a first private key by the user side, and the first public key and the first private key are generated when the user side responds to the successful registration of the first user;
S24: receiving first identity verification request information sent by a user side, verifying identity information of a first user through verifiable user identity information, and returning second notification information of successful verification when the verification is successful;
S26: receiving first login request information and a first public key sent by a user side, decrypting the first login request information, and returning third notification information of successful login to the user side when decryption is successful; the first login request information is generated by encrypting the first public key by the first private key of the user side.
The transaction replacement principle of the above embodiment can refer to the method shown in fig. 1, and is not described herein again.
Preferably, step S26 includes:
receiving first login request information and a first public key sent by a user side, decrypting the first login request information, and inquiring whether a second public key which is the same as the first public key exists locally or not when decryption is successful:
if yes, the third notification information of successful login is returned to the user side.
The above embodiment verifies whether the server locally stores a third public key that is the same as the first public key: if yes, the user corresponding to the public key is registered;
the embodiment ensures that only registered users can log in the bank account, so that the bank account is more safely logged in, and the user experience is improved.
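The registration and login exchange of Figs. 1 and 2, including the preferred registered-key lookup in S26, as an added Go example that is not part of the patent text. It assumes Ed25519 signatures stand in for "encrypting with the private key" and that the account fields travel alongside the signature; the type and function names, the payload encoding and the sample values are hypothetical, and the S16/S24 identity check is omitted.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"errors"
	"fmt"
)

// Account is the first account information (id_A, telephone_A).
type Account struct{ ID, Telephone string }

// Server keeps the public-key-to-account correspondence stored in S22.
type Server struct{ registered map[string]Account }

var (
	ErrBadKey        = errors.New("malformed public key")
	ErrBadSignature  = errors.New("signature does not verify under supplied key")
	ErrNotRegistered = errors.New("public key is not registered")
)

func NewServer() *Server { return &Server{registered: map[string]Account{}} }

// NewKeyPair is S12: the user side generates pub_A and pri_A.
func NewKeyPair() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(nil) // nil selects crypto/rand
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// payload encodes (pub_A, id_A, telephone_A) with length prefixes so field
// boundaries cannot shift. The encoding is an assumption of this example.
func payload(pub ed25519.PublicKey, acc Account) []byte {
	var b bytes.Buffer
	for _, f := range [][]byte{pub, []byte(acc.ID), []byte(acc.Telephone)} {
		fmt.Fprintf(&b, "%d:", len(f))
		b.Write(f)
	}
	return b.Bytes()
}

// SignRegistration builds M1 = pri_A(pub_A, id_A, telephone_A) (S14).
func SignRegistration(priv ed25519.PrivateKey, acc Account) []byte {
	return ed25519.Sign(priv, payload(priv.Public().(ed25519.PublicKey), acc))
}

// SignLogin builds M2 = pri_A(pub_A) (S18).
func SignLogin(priv ed25519.PrivateKey) []byte {
	return ed25519.Sign(priv, priv.Public().(ed25519.PublicKey))
}

// Register is S22: accept M1 only if it verifies under the supplied key.
func (s *Server) Register(pub ed25519.PublicKey, acc Account, m1 []byte) error {
	if len(pub) != ed25519.PublicKeySize { // Verify panics on a bad length
		return ErrBadKey
	}
	if !ed25519.Verify(pub, payload(pub, acc), m1) {
		return ErrBadSignature
	}
	s.registered[string(pub)] = acc
	return nil
}

// Login is S26 with the preferred check: M2 verifies and the key is stored.
func (s *Server) Login(pub ed25519.PublicKey, m2 []byte) (Account, error) {
	if len(pub) != ed25519.PublicKeySize {
		return Account{}, ErrBadKey
	}
	if !ed25519.Verify(pub, pub, m2) {
		return Account{}, ErrBadSignature
	}
	acc, ok := s.registered[string(pub)]
	if !ok {
		return Account{}, ErrNotRegistered
	}
	return acc, nil
}

func main() {
	srv := NewServer()
	pubA, priA := NewKeyPair()
	acc := Account{ID: "ID-0001", Telephone: "555-0100"} // constructed values
	fmt.Println("register:", srv.Register(pubA, acc, SignRegistration(priA, acc)))
	got, err := srv.Login(pubA, SignLogin(priA))
	fmt.Println("login:", got.ID, err)
}
```

Because M2 covers only pub_A, the same M2 verifies on every login, so a recorded (M2, pub_A) pair remains valid if presented again. Binding the signed data to a fresh server-issued challenge is the usual way to make each login message single-use.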
Fig. 3 is a flowchart of another method for logging in a bank account according to an embodiment of the present invention. As shown in fig. 3, in this embodiment, the present invention provides a method for logging in a bank account at a user end, where the method includes:
S31: generating a second public key and a second private key of a second user in response to successful registration;
S32: encrypting the second public key and second account information of the second user through the second private key to generate second registration request information, sending the second registration request information and the second public key to the server, so that the server decrypts the second registration request information according to the second public key, obtains and stores the corresponding relation between the second account information and the second public key when decryption is successful, and returns fourth notification information of successful registration;
S33: sending second identity authentication request information to the server side, so that the server side can authenticate the identity information of a second user through the user identity information which can be authenticated, and returning fifth notification information which is successfully authenticated when the authentication is successful;
S34: sending second login request information to the server side, so that the server side generates and returns a first collection address;
S35: creating a first transaction according to the second private key, the second public key and the first collection address, and sending the first transaction and the second public key to the server, so that the server verifies the correctness of the first transaction and, after the first transaction is verified to be correct, forwards it to a blockchain node for the blockchain node to broadcast, execute and reach consensus on the first transaction, the server returning sixth notification information of successful login to the user side when it determines by analysis that consensus on the first transaction was reached.
Specifically, assume that the second user is B, the second public key is pub_B, and the second private key is pri_B; the second account information of the second user is the identity card information id_B of the second user and the contact telephone number telephone_B of the second user;
in step S31, in response to the successful registration, the user side generates the second public key pub_B and the second private key pri_B of B;
in step S32, the user side encrypts the second public key pub_B and the second account information (id_B and telephone_B) of the second user with the second private key pri_B to generate second registration request information M3 = pri_B(pub_B, id_B, telephone_B), and sends the second registration request information M3 and the second public key pub_B to the server; the server decrypts the second registration request information M3 according to the second public key pub_B, and if pub_B can decrypt what was encrypted with pri_B, the decryption is successful, and the server obtains and stores the corresponding relationship between the second account information (id_B and telephone_B) and the second public key pub_B and returns fourth notification information of successful registration;
in step S33, the user side sends second identity authentication request information to the server side, and the server side authenticates the identity information of the second user through the verifiable user identity information and returns fifth notification information of successful authentication when the authentication is successful (in this embodiment, the verifiable user identity information is configured as remote face-scan authentication; in further embodiments, other authentication methods may be configured according to actual requirements);
in step S34, the user side sends second login request information to the server, and the server generates and returns a first collection address;
in step S35, the user side creates a first transaction tx1 according to the second private key, the second public key and the first collection address, and sends the first transaction tx1 and the second public key pub_B to the server; the server verifies the correctness of the first transaction tx1 through pub_B: since tx1 must be signed with the second private key pri_B when it is created, if pub_B can decrypt what was encrypted with pri_B, the verification is correct, and the first transaction tx1 is forwarded to the blockchain node; the blockchain node broadcasts, executes and reaches consensus on the first transaction tx1; and the server returns sixth notification information of successful login to the user side when it determines by analysis that consensus on the first transaction was reached.
In further embodiments, the second account information of the second user may also be configured as other parameters according to actual requirements, for example, the information of the bound bank card of the second user, the name of the second user, and the like, and the same technical effect may be achieved.
The difference between the above embodiment and the embodiment shown in Fig. 1 is that the generated transaction is sent to the blockchain, and login success is returned once consensus on the generated transaction is reached; each blockchain node records the first transaction, so that the user can trace back the user's own login history, and the user experience is further improved.
Fig. 4 is a flowchart of another method for logging in a bank account according to an embodiment of the present invention. As shown in fig. 4, in this embodiment, the present invention provides a method for logging in a bank account applicable to a server, where the method includes:
S41: receiving second registration request information and a second public key sent by the user side, decrypting the second registration request information, acquiring and storing a corresponding relation between second account information of a second user and the second public key when decryption is successful, and returning fourth notification information of successful registration; the second registration request information is generated by the user side encrypting a second public key and second account information through a second private key, and the second public key and the second private key are generated when the user side responds to the successful registration of the second user;
S42: receiving second identity authentication request information sent by the user side, authenticating identity information of a second user through the user identity information which can be authenticated, and returning fifth notification information of successful authentication when the authentication is successful;
S43: receiving second login request information sent by the user side, generating and returning a first collection address, so that the user side can create a first transaction according to the second private key, the second public key and the first collection address;
S44: receiving a first transaction and a second public key sent by a user side, verifying the correctness of the first transaction, and forwarding the first transaction to a blockchain node after the correctness of the first transaction is verified, so that the blockchain node broadcasts, executes and reaches consensus on the first transaction;
S45: analyzing whether consensus on the first transaction was reached:
if yes, go to step S46: returning sixth notification information of successful login to the user side.
The transaction replacement principle of the above embodiment can refer to the method shown in fig. 3, and is not described herein again.
Preferably, the server is configured as a blockchain node at the same time.
The difference between the above embodiment and the embodiment shown in Fig. 4 is that, in the embodiment shown in Fig. 4, the platform where the blockchain node is located is separate from the server, whereas in this embodiment the platform where the blockchain node is located is a part of the server.
Fig. 5 is a schematic structural diagram of an apparatus according to an embodiment of the present invention.
As shown in fig. 5, as another aspect, the present application also provides an apparatus 500 including one or more Central Processing Units (CPUs) 501 that can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM)502 or a program loaded from a storage section 508 into a Random Access Memory (RAM) 503. In the RAM503, various programs and data necessary for the operation of the apparatus 500 are also stored. The CPU501, ROM502, and RAM503 are connected to each other via a bus 504. An input/output (I/O) interface 505 is also connected to bus 504.
The following components are connected to the I/O interface 505: an input section 506 including a keyboard, a mouse, and the like; an output section 507 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage section 508 including a hard disk and the like; and a communication section 509 including a network interface card such as a LAN card, a modem, or the like. The communication section 509 performs communication processing via a network such as the internet. A drive 510 is also connected to the I/O interface 505 as necessary. A removable medium 511 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 510 as necessary, so that a computer program read out therefrom is installed into the storage section 508 as necessary.
In particular, according to an embodiment of the present disclosure, the bank account login method described in any of the above embodiments may be implemented as a computer software program. For example, embodiments of the present disclosure include a computer program product comprising a computer program tangibly embodied on a machine-readable medium, the computer program containing program code for performing a bank account login method. In such an embodiment, the computer program may be downloaded and installed from a network through the communication section 509, and/or installed from the removable medium 511.
As yet another aspect, the present application also provides a computer-readable storage medium, which may be the computer-readable storage medium included in the apparatus of the above-described embodiment; or it may be a separate computer readable storage medium not incorporated into the device. The computer readable storage medium stores one or more programs for use by one or more processors in performing the bank account login methods described herein.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units or modules described in the embodiments of the present application may be implemented by software or hardware. The described units or modules may also be provided in a processor, for example, each of the described units may be a software program provided in a computer or a mobile intelligent device, or may be a separately configured hardware device. Wherein the designation of a unit or module does not in some way constitute a limitation of the unit or module itself.
The above description is only a preferred embodiment of the application and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the invention herein disclosed is not limited to the particular combination of features described above, but also encompasses other arrangements formed by any combination of the above features or their equivalents without departing from the spirit of the present application. For example, the above features may be replaced with (but not limited to) features having similar functions disclosed in the present application.