CN110399713A

CN110399713A - A kind of method and relevant apparatus of authentification of message

Info

Publication number: CN110399713A
Application number: CN201810847542.0A
Authority: CN
Inventors: 李晴; 曹丰斌
Original assignee: Tencent Technology Beijing Co Ltd
Current assignee: Tencent Technology Beijing Co Ltd
Priority date: 2018-07-27
Filing date: 2018-07-27
Publication date: 2019-11-01
Anticipated expiration: 2038-07-27
Also published as: CN110399713B

Abstract

The embodiment of the invention discloses a kind of methods of authentification of message, comprising: obtains platform authentication request, wherein carries the mark of destination server corresponding to destination server in the platform authentication request；It is identified according to the destination server in platform authentication request and determines target authentication mode, wherein, the target authentication mode and server identification set have matching relationship, the server identification set includes at least one server identification, and the destination server mark belongs in the server identification set one；Pass through the target authentication pattern acquiring information to be certified；Authentification of message result is generated according to the information to be certified.A kind of information authenticating apparatus is additionally provided in the embodiment of the present invention.Multiple trade companies can be multiplexed same set of target authentication mode and authenticate to user in the embodiment of the present invention, to reduce the development cost of business platform.

Description

A kind of method and relevant apparatus of authentification of message

Technical field

The present invention relates to Internet technical field more particularly to the methods and relevant apparatus of a kind of authentification of message.

Background technique

With the rapid development of communication technology, huge numbers of families have been come into internet.In internet, in order to keep away Exempt from the attack of hacker, wooden horse and Malware, authentification of message have become guarantee network security and common technological means it One.

Currently, some business platforms can access Duo Jia third party trade company, different third party trade companies can be use Family provides corresponding business.And when user carries out network operation, it also needs to carry out user authentication, so that it is determined that should Whether user has the access right to resource, and then prevents attacker from palming off the access authority that legitimate user obtains resource, protects The safety of card system and data, and the legitimate interests of authorization visitor.For example, for register, it usually needs user is defeated Access customer account number and password are to complete login process.

However, different third party trade companies often supports different authentication modes, therefore, with third party trade company access amount Increase, thus cause the development cost of business platform to be also incremented by therewith.

Summary of the invention

The embodiment of the invention provides a kind of method of authentification of message and relevant apparatus, multiple trade companies can be multiplexed same set of Target authentication mode authenticates user, to reduce the development cost of business platform.

In view of this, on the one hand the embodiment of the present invention provides a kind of method of authentification of message, may include:

Obtain platform authentication request, wherein carry the clothes of target corresponding to destination server in the platform authentication request Business device mark；

It is identified according to the destination server in platform authentication request and determines target authentication mode, wherein is described Target authentication mode and server identification set have matching relationship, and the server identification set includes at least one server Mark, the destination server mark belong in the server identification set one；

Pass through the target authentication pattern acquiring information to be certified；

Authentification of message result is generated according to the information to be certified.

The first aspect of the embodiment of the present invention provides a kind of information authenticating apparatus, may include:

Module is obtained, for obtaining platform authentication request, wherein carry destination server institute in the platform authentication request Corresponding destination server mark；

Determining module, the destination server in platform authentication request for being obtained according to the acquisition module It identifies and determines target authentication mode, wherein the target authentication mode and server identification set have matching relationship, the clothes Device logo collection of being engaged in includes at least one server identification, and the destination server mark belongs in the server identification set One；

The acquisition module is also used to the target authentication pattern acquiring letter to be certified determined by the determining module Breath；

Generation module, the information to be certified for being obtained according to the acquisition module generate authentification of message result.

The first aspect of the embodiment of the present invention provides a kind of information authenticating apparatus, may include: memory, processor with And bus system；

Wherein, the memory is for storing program；

The processor is used to execute the program in the memory, includes the following steps:

Authentification of message result is generated according to the information to be certified；

The bus system is for connecting the memory and the processor, so that the memory and the place Reason device is communicated.

The first aspect of the embodiment of the present invention provides a kind of computer readable storage medium, the computer-readable storage Instruction is stored in medium, when run on a computer, so that computer executes method described in above-mentioned various aspects.

As can be seen from the above technical solutions, the embodiment of the present invention has the advantage that

In the embodiment of the present invention, a kind of method of authentification of message is provided, information authenticating apparatus first obtains platform first Certification request, wherein the mark of destination server corresponding to destination server is carried in platform authentication request, then according to platform Destination server in certification request, which identifies, determines target authentication mode, wherein target authentication mode and server identification set With matching relationship, server identification set includes at least one server identification, and destination server mark belongs to server mark One is known in set.Then by information authenticating apparatus by target authentication pattern acquiring information to be certified, finally, authentification of message fills It sets and authentification of message result is generated according to information to be certified.By the above-mentioned means, in the same server identification set For each server identification, using same set of target authentication mode, and each server identification corresponds to a trade company, therefore, Multiple trade companies can be multiplexed same set of target authentication mode and authenticate to user, to reduce the development cost of business platform.

Detailed description of the invention

Fig. 1 is a configuration diagram of authentification of message system in the embodiment of the present invention；

Fig. 2 is one design architecture schematic diagram of method of authentification of message in the embodiment of the present invention；

Fig. 3 is method one embodiment schematic diagram of authentification of message in the embodiment of the present invention；

Fig. 4 is a flow diagram of double authentication in the embodiment of the present invention；

Fig. 5 is an interface schematic diagram based on verifying code authentication in the embodiment of the present invention；

Fig. 6 is a flow diagram based on verifying code authentication in the embodiment of the present invention；

Fig. 7 is a data flow time diagram based on verifying code authentication in the embodiment of the present invention；

Fig. 8 is an interface schematic diagram based on security personnel's encoder certification in the embodiment of the present invention；

Fig. 9 is a flow diagram based on security personnel's encoder certification in the embodiment of the present invention；

Figure 10 is a data flow time diagram based on security personnel's encoder certification in the embodiment of the present invention；

Figure 11 is an interface schematic diagram based on token authentication in the embodiment of the present invention；

Figure 12 is a flow diagram based on token authentication in the embodiment of the present invention；

Figure 13 is a data flow time diagram based on token authentication in the embodiment of the present invention；

Figure 14 is one embodiment schematic diagram of information authenticating apparatus in the embodiment of the present invention；

Figure 15 is one embodiment schematic diagram of information authenticating apparatus in the embodiment of the present invention；

Figure 16 is a structural schematic diagram of information authenticating apparatus in the embodiment of the present invention.

Specific embodiment

Description and claims of this specification and term " first ", " second ", " third ", " in above-mentioned attached drawing The (if present)s such as four " are to be used to distinguish similar objects, without being used to describe a particular order or precedence order.It should manage The data that solution uses in this way are interchangeable under appropriate circumstances, so that the embodiment of the present invention described herein for example can be to remove Sequence other than those of illustrating or describe herein is implemented.In addition, term " includes " and " having " and theirs is any Deformation, it is intended that cover it is non-exclusive include, for example, containing the process, method of a series of steps or units, system, production Product or equipment those of are not necessarily limited to be clearly listed step or unit, but may include be not clearly listed or for this A little process, methods, the other step or units of product or equipment inherently.

It should be understood that the embodiment of the present invention is mainly used in authentication scene, the platform of more trade companies can be supported by one To realize certification.For example, self-selected stock application program (application, APP) in a manner of direct-connected stock trader's server, accesses more Family third party cooperates stock trader, provides the trading function on basis for user.Answer stock supervisory committee's Strengthens network trading account security Compliance requirement, each stock trader start double authentication project successively, reinforce the safety of itself transaction system.Therefore, for For one is supported the platform of more trade companies, in order to be compatible with the trade company of all accesses, a variety of authentication modes should be flexibly supported as far as possible, And support trade company customizes to require, the demand for thus providing the general solution of one kind more trade companies is supported to authenticate.

Referring to Fig. 1, Fig. 1 is a configuration diagram of authentification of message system in the embodiment of the present invention, as shown, branch The platform of Chi Duo trade company is specifically as follows a APP, which is mainly used in terminal device, such as mobile phone, tablet computer, pen Remember this computer and palm PC etc., and terminal device can be the Mobile operating system (iphone based on Apple Inc. Operation system, iOS) 8.0 or more system, or be based on Android system (Android) 4.2 or more system, when It so, can also be based on the system of other versions, herein without limitation.

Authentification of message system further includes Platform Server and at least one merchant server, and Platform Server had both needed and end End equipment establishes communication connection, to carry out the interaction of data, and needs to establish at least one merchant server and communicate to connect, with Carry out business processing.Under normal conditions, each trade company corresponds at least one merchant server, for example corresponding trade company 1, trade company 1 takes Business device, wherein 1 server of a trade company shown in FIG. 1 is only a signal, and in practical situations, which may be used also To be a server cluster.Similarly, Platform Server also may include at least one server.

Above describe the overall architectures of authentification of message system, will be introduced so that trade company is stock trader as an example below, however This can not be not understood as limitation of the invention.Referring to Fig. 2, Fig. 2 is the method one of authentification of message in the embodiment of the present invention A design architecture schematic diagram, as shown, design architecture is followed successively by network layer, Business Logic, middle layer and use from bottom to top Family interface alternation (User Interface, UI) layer.Successively each layer is introduced below in conjunction with Fig. 2.

UI layers are publicly-owned layer, i.e., different stock traders uses the UI layers, and UI layers are the certifications supported according to each stock trader The general character of mode and design, UI layers specifically include that

(1) log in page is mainly used for user and inputs essential information, such as account and password；

(2) equipment shows or switches the page, is mainly used for showing the authentication mode of device name and switching equipment, can be with Support the display and switching of such as phone number, email address and encoder device name of ensuring public security；

(3) identifying code input page is mainly used for inputting identifying code corresponding to identifying code authentication mode；

(4) token (token) input page is mainly used for inputting identifying code corresponding to token authentication mode；

(5) the protector license confirmation page is mainly used for showing that the authorization generated by security personnel's encoder authentication mode is true Recognize the page.

In main flow, most of product demand process can be covered by five interfaces as above, stock trader side is mentioned Differentiated demand out unifies encapsulation process by middle layer, and stock trader's customization can be realized to the above content of pages.In account password After verification is completed, the data that stock trader's server returns eventually are converted into middle layer.

Middle layer is also the general character for the authentication mode supported according to each stock trader and designs, and mainly includes LoginResultData, wherein the main data structure of LoginResultData is as follows:

(1) " RetType " indicates double authentication mode, is mainly used for control jumps to the specific type page of secondary verifying Face.For example including single device mobile phone, mailbox and security personnel's encoder authentication mode, more equipment mobile phones, mailbox, security personnel's encoder are recognized Card mode and token (random cipher or fixed password) authentication mode；

(2) " AuthResultInfo " indicates information required for secondary verifying, is mainly used for carrying out the stream of double authentication Journey.The object structure may include that (page title " authTitle " is mainly used for for the information of the customized content of pages of stock trader Prompt the official documents and correspondence information " authButtonDesc " etc. of button in the official documents and correspondence information " authDesc " and the page of user), currently Facility information " AuthDeviceInfo " currently in use and other additional informations etc.；

(3) " AuthDeviceInfo " indicates facility information, is mainly used for needing to show the authentication mode of facility information.It should Object structure, including equipment index (deviceIndex), device name plaintext (devicePlain), device name ciphertext (deviceEncrypt) and device type (devideType).Based on security considerations, it is shown in the equipment display page Device name is shown in the form of ciphertext sometimes, such as phone number is with " 123****5678 " display.

Business Logic is that each stock trader is implemented separately, which is mainly used for solving each stock trader in authentication business logic On difference, wherein Business Logic includes:

(1) network request is mainly used for as each stock trader's individual packages network request, and passes through underlying network network layers and stock trader Server communication can solve difference of each stock trader on certification relevant interface Protocol Design；

(2) data conversion and data parsing, are mainly used for after receiving the data of stock trader's server return, by business Logical layer parses data, and is the data structure of middle layer according to protocol translation.

The authentication mode different for each trade company and different interface requests, parameter and returned data format, in order to Each trade company realizes respective Business Logic, and Business Logic is clearly divided into network request, data parsing and data and is turned Function is changed, to achieve the purpose that high cohesion.Middle layer is converted according to the interface protocol of agreement by service logic layer data, is passed through Middle layer is interacted with UI layers, realizes each merchant business logical layer independently, and UI layers public with intermediate layer identification code, to realize The purpose of lower coupling.

By being individually encapsulated for service logic, convert the business datum of each trade company to unified middle layer, and with system One UI layer interacts.When needing to increase new authentication mode, it is only necessary to stock trader respectively realizes the service logic of oneself, and It is converted into corresponding middle layer, one new interaction flow of UI layers of increase improves development efficiency, realizes entire frame High Availabitity, the purpose easily extended.

Below by from the angle of information authenticating apparatus, the method for authentification of message in the present invention is introduced, figure is please referred to 3, method one embodiment of authentification of message includes: in the embodiment of the present invention

101, platform authentication request is obtained, wherein the clothes of target corresponding to destination server are carried in platform authentication request Business device mark；

In the present embodiment, information authenticating apparatus is specifically as follows the platform that one is supported more trade companies or one is supported more trade companies APP.User triggers register by information authenticating apparatus, i.e. information authenticating apparatus obtains platform authentication request.Wherein, it puts down The mark of destination server corresponding to destination server is carried in platform certification request, destination server specifically refers to user and waits visiting Ask server of trade company, such as 2 server of 1 server of stock trader or stock trader etc..And each server corresponds to a service Device mark, such as 1 server corresponding server of stock trader identify A, therefore 2 server corresponding server of stock trader mark B passes through clothes Business device mark can determine that this needs of user are authenticated with which trade company, that is, determine the target communicated with information authenticating apparatus Server.

102, according to platform authentication request in destination server identify determine target authentication mode, wherein target authentication Mode and server identification set have matching relationship, and server identification set includes at least one server identification, target clothes Business device mark belongs in server identification set one；

In the present embodiment, since different trade companies often uses different certification modes, such as stock trader 1 to recognize using mobile phone The mode of card, stock trader 2 is by the way of random cipher, and stock trader 3 is by the way of account number cipher and mailbox certification etc..Information Authentication device identifies the target authentication mode for determining and needing to use according to destination server.

In practical situations, often at least one server identification of participant has corresponding pass to a kind of target authentication mode System, goal server identification belong to one of them of server identification set.In order to make it easy to understand, please referring to table 1, table 1 corresponding relationship between certification mode and server identification one signal.

Table 1

Certification mode	Server identification	Trade company	Authentication content
				A	Mark 1	Stock trader 1	Account number cipher+mobile phone certification
A	Mark 2	Stock trader 2	Account number cipher+mobile phone certification
				A	Mark 3	Stock trader 3	Account number cipher+mobile phone certification
A	Mark 4	Stock trader 4	Account number cipher+mobile phone certification
				B	Mark 5	Stock trader 5	Account number cipher+security personnel's encoder certification
B	Mark 6	Stock trader 6	Account number cipher+security personnel's encoder certification
				B	Mark 7	Stock trader 7	Account number cipher+security personnel's encoder certification

Assuming that destination server is identified as mark 3, that is, need to authenticate with stock trader 3, at this point, target authentication mode is mould Formula A is authenticated by the way of " account number cipher+mobile phone certification ".

It should be noted that content shown in table 1 is only a signal, in practical applications, can also be arranged different Corresponded manner.

103, pass through target authentication pattern acquiring information to be certified；

In the present embodiment, information authenticating apparatus passes through target authentication pattern acquiring information to be certified.For example, target authentication mould Formula is security personnel's encoder certification, then information to be certified is the Authorization result for passing through security personnel's encoder and receiving.For another example, mesh Mark certification mode is mobile phone certification mode, then information to be certified is the identifying code for being sent to mobile phone.

104, authentification of message result is generated according to information to be certified.

In the present embodiment, information authenticating apparatus can determine whether to authenticate successfully by comparing information to be certified, thus Generate authentication result.It can also directly be generated according to information to be certified and authenticate successful result.

Optionally, on the basis of above-mentioned Fig. 3 corresponding embodiment, the method for authentification of message provided in an embodiment of the present invention In first alternative embodiment, after obtaining platform authentication request, can also include:

Receive authentication information, wherein authentication information includes applying account and password；

Authentication information is sent to destination server, so that destination server verifies authentication information, and Generate authentication result；

If authentication result be proved to be successful, execute according to platform authentication request in destination server mark determine The step of target authentication mode；

If authentication result is authentication failed, the prompting message of authentication failed is shown.

In the present embodiment, information authenticating apparatus can determine user quotient to be logged in after receiving platform authentication request Family then needs first to verify legitimacy of the user in trade company.Under normal conditions, user input authentication information (including The application account and password of trade company), it is assumed that the application account of user's input is " jackwong ", and password is " 111222 ".Then The destination server as corresponding to trade company verifies the authentication information, is stored in destination server using account Corresponding relationship between password, if using account and password match success, then it represents that authentication result is to be proved to be successful, Subsequent identifying procedure can so be gone successively to., whereas if failing using account and password match, then it represents that identity is tested Result failure is demonstrate,proved, then the prompting message of authentication failed can be directly displayed, after user sees the message, can be carried out again Verifying.Under normal conditions, the number of verifying has within the upper limit, such as one day if there is applying account and password not three times The case where matching, then will not again authenticate the authentication information of user's input within the same day.

It is understood that authentication information belongs to two information from different channels from information to be certified, that is, belong to In double authentication.Authentication information typically refers to given data, for example, username and password.And information to be certified is usually Refer to disposal password, just can be carried out transaction, such as mobile phone note verification code, mailbox identifying code, digital certificates, security personnel after input Encoder and biological identification etc..

For the ease of introducing, referring to Fig. 4, Fig. 4 is a flow diagram of double authentication in the embodiment of the present invention, such as Shown in figure, by taking trade company is stock trader as an example, specifically:

In step S1, user enters stock trader's login page by application platform (self-selected stock APP)；

In step S2, user selects some stock trader's entrance in stock trader's login page, enters after clicking stock trader's entrance To stock trader's login page；

In step S3, account and password are inputted on stock trader's login page, then executes register, and to corresponding certificate Quotient's server sends logging request, and stock trader's server process logging request gives data feedback to application platform (self-selected stock later APP)；

In step S4, if account and cryptographic check success, enter double authentication process；

In step S5, if account and cryptographic check failure, pass through application platform (self-selected stock APP) interface prompt mistake Message, user can re-execute the steps the operation of S3；

In step S6, into after double authentication process, user's input by other channels (such as mobile phone, mailbox or its He is APP) identifying code that gets perhaps random cipher or executes authority checking operation by other APP, then taken to stock trader Device transmission double authentication of being engaged in is requested；

In step S7, if double authentication verifies successfully, user is successfully entered corresponding stock trader's transaction system；

In step S8, if double authentication verification failure, is disappeared by application platform (self-selected stock APP) interface prompt mistake Breath, user can re-execute the steps the operation of S6.

Secondly, information authenticating apparatus can also receive user after obtaining platform authentication request in the embodiment of the present invention Then the authentication information of input sends authentication information to destination server, believed by destination server authentication Breath is verified, and generates authentication as a result, only in the successful situation of authentication, just will continue to carry out subsequent to recognize Demonstrate,prove process.By the above-mentioned means, when client logins transaction system, other than authentication information, it is also necessary to by other Channel obtains information to be certified, just can be carried out transaction after double authentication passes through.It is verified using two kinds of information of different nature Client identity can provide protection for online transaction, to effectively take precautions against the authentication mechanism of hacker attacks.

Optionally, on the basis of above-mentioned Fig. 3 corresponding embodiment, the method for authentification of message provided in an embodiment of the present invention In second alternative embodiment, according to platform authentication request in destination server identify determine target authentication mode, can wrap It includes:

According to platform authentication request in destination server identify and determine authentication mode, wherein authentication mode is for controlling The page jumps；

According to platform authentication request in destination server identify determine certification page information, wherein certification page information For showing and the associated page info of authentication mode；

According to platform authentication request in destination server identify determine authenticating device information, wherein authenticating device information It is used to indicate the information of equipment to be certified.

It may include authentication mode, certification page information and authenticating device letter in target authentication mode in the present embodiment Breath.After information authenticating apparatus sends account number cipher to destination server, the data that destination server returns can form mesh Mark certification mode.

Wherein, authentication mode is used to control jumps to the specific type page of certification, for example, single device mobile phone authenticating party Formula, more equipment mobile phone authentication modes, single device mailbox authentication mode, more equipment mailbox authentication modes, security personnel's encoder authenticating party Formula and token authentication mode etc..

Certification page information indicates information required for authenticating, the information including the customized content of pages of trade company, for example, proposing Show the official documents and correspondence information of user, the official documents and correspondence information of button, currently used facility information and other additional informations etc. in the page.

Authenticating device information is used to need to show the authentication mode of facility information, for example, equipment index information, device name Cleartext information, device name cipher-text information and device type etc..Based on the considerations of user information safety, page is shown in equipment Showing in face can be shown when device name in the form of ciphertext, for example phone number is shown as " 138******46 ".

Secondly, in the embodiment of the present invention, information authenticating apparatus can be requested according to platform authentication in destination server mark Know and determine authentication mode, certification page information and authenticating device information, wherein authentication mode is demonstrate,proved for controlling jumping for the page Page info is used to indicate the letter of equipment to be certified with the associated page info of authentication mode, authenticating device information for showing Breath.By the above-mentioned means, certification mode can be composed of different service logics, i.e., required for being determined according to trade company's demand Authentication mode, certification page information and authenticating device information, to realize the target of information high cohesion.

Optionally, corresponding first or on the basis of second embodiment in above-mentioned Fig. 3 and Fig. 3, the present invention is implemented It, can be with by target authentication pattern acquiring information to be certified in the method third alternative embodiment for the authentification of message that example provides Include:

According to the target authentication schema creation information input page, wherein optional, the information input page includes at least one Information input subpage frame；

Information to be certified is received by the information input page.

In the present embodiment, information authenticating apparatus is after it confirmed target authentication mode, the available target authentication mode Included authentication mode, certification page information and authenticating device information.According at least one letter of target authentication schema creation Breath input subpage frame, different information input subpage frames can be used for receiving the different data of user's input.Finally, letter will be passed through The information to be certified of breath input page input is verified, to generate verification result.

Again, in the embodiment of the present invention, the process that information authenticating apparatus obtains information to be certified be can be, first according to mesh It marks certification mode and generates the information input page, wherein the information input page includes at least one information input subpage frame, is then led to It crosses the information input page and receives information to be certified.By the above-mentioned means, the information input page can be generated so that user inputs phase The information answered, to be authenticated using the information that user inputs, it is possible thereby to the feasibility and operability of lifting scheme.

Optionally, on the basis of above-mentioned Fig. 3 corresponding third embodiment, authentification of message provided in an embodiment of the present invention The 4th alternative embodiment of method in, information to be certified is received by the information input page, may include:

Subpage frame is inputted by the first information and receives the first verification information, wherein the first verification information is in preset time The information that introversive first associated account number is sent；

Authentification of message is generated as a result, may include: according to information to be certified

If the first verification information is consistent with the first default verification information, certification success message is generated；

If the first verification information and the first default verification information are inconsistent, and verify number and have reached pre-determined threshold, then give birth to At authentification failure message.

In the present embodiment, a kind of method verified in single device using associated account number is described.Firstly, authentification of message Device can show that the first information inputs subpage frame, would generally show an input frame on first information input subpage frame, use In the first verification information for receiving user's input.And the first verification information includes but is not limited only to mobile phone identifying code or mailbox is tested Code is demonstrate,proved, after user triggers platform authentication request, destination server can be within a preset time (such as within 90 seconds) to this First associated account number (such as cell-phone number or email address) used by a user sends the first verification information.User will receive One verification information is inserted in the input frame of first information input subpage frame, from information authenticating apparatus to destination server forward this One verification information.Destination server can match the first verification information received with the first default verification information.

Specifically, it is assumed that the first default verification information is " 595451 ", if the first verification information is also " 595451 ", Indicate that this is proved to be successful, then information authenticating apparatus will generate the successful message of certification., whereas if the first verification information It is not " 595451 ", then it represents that this authentication failed, then information authenticating apparatus can be used with the prompting message of feedback validation failure Family can input new verification information according to the prompting message again, until verifying number reaches pre-determined threshold, authentification of message dress It sets, authentification failure message can be generated.

Further, in the embodiment of the present invention, information authenticating apparatus can first pass through first information input subpage frame and receive First verification information, wherein the first verification information is the information sent within a preset time to the first associated account number, if first Verification information is consistent with the first default verification information, then generates certification success message, if the first verification information is default with first Verification information is inconsistent, and verifies number and have reached pre-determined threshold, then generates authentification failure message.By the above-mentioned means, providing It is a kind of to be verified using the information that associated account number is received, the reliability of verifying can be effectively promoted, to realize more The process of channel verifying, thus increases the practicability of scheme.

Optionally, on the basis of above-mentioned Fig. 3 corresponding third embodiment, authentification of message provided in an embodiment of the present invention The 5th alternative embodiment of method in, information to be certified is received by the information input page, may include:

Account switching command is received by the second information input subpage frame；

The first associated account number is switched to the second associated account number according to account switching command；

Receive the second verification information, wherein the second verification information is to send within a preset time to the second associated account number Information；

If the second verification information is consistent with the second default verification information, certification success message is generated；

If the second verification information and the second default verification information are inconsistent, and verify number and have reached pre-determined threshold, then give birth to At authentification failure message.

In the present embodiment, a kind of method verified in more equipment using associated account number is described.Firstly, authentification of message Device can show the second information input subpage frame, and an account switching usually can be also shown on the second information input subpage frame Function, user can choose the function.Some other accounts that user had logged on will be shown later by triggering the function Information, further, it is also possible to receive the new account information of user's input.For example, user A was associated with three phone numbers, respectively For " 13812345678 ", " 13698765432 " and " 15011223355 ", user A can be in the second information input subpage frame Account switching command is triggered, so that the first associated account number " 15011223355 " is switched to the second associated account number " 13812345678 ", then, information authenticating apparatus can be sent out (within such as 90 seconds) to " 13812345678 " within a preset time Send the second verification information.User inserts the second verification information received in input frame, from information authenticating apparatus to destination service Device forwards second verification information.Destination server can carry out the second verification information received and the second default verification information Matching.

It should be noted that account switching command other than it can switch the phone number of user, can also switch use The email address at family or other kinds of associated account number, herein without limitation.

Specifically, it is assumed that the second default verification information is " 595451 ", if the second verification information is also " 595451 ", Indicate that this is proved to be successful, then information authenticating apparatus will generate the successful message of certification., whereas if the second verification information It is not " 595451 ", then it represents that this authentication failed, then information authenticating apparatus can be used with the prompting message of feedback validation failure Family can input new verification information according to the prompting message again, until verifying number reaches pre-determined threshold, authentification of message dress It sets, authentification failure message can be generated.

Further, in the embodiment of the present invention, information authenticating apparatus can first pass through the reception of the second information input subpage frame Then first associated account number is switched to the second associated account number according to account switching command by account switching command, pass through the second letter Breath input subpage frame receives the second verification information, wherein the second verification information is to send out within a preset time to the second associated account number The information sent generates certification success message if the second verification information is consistent with the second default verification information, if second tests It demonstrate,proves information and the second default verification information is inconsistent, and verify number and have reached pre-determined threshold, then generate authentification failure message.It is logical Cross aforesaid way, provide it is a kind of verified using the information that associated account number is received, can effectively promote verifying can By property, to realize the process verified by all kinds of means.In addition, additionally providing a kind of verification mode of more equipment switchings, thus increase The practicability of scheme.

In order to make it easy to understand, being asked below in conjunction with Fig. 5, Fig. 6 and Fig. 7 to the concrete mode authenticated based on identifying code Refering to the interface schematic diagram that Fig. 5, Fig. 5 are based on verifying code authentication in the embodiment of the present invention, as shown, using trade company as certificate For quotient, specifically:

In step A1, user inputs the account registered in the stock trader and close after selecting stock trader on login page Code, for example, account can be " 10000118 ", password is " 123456 "；

In step A2, after account and password authentification success, equipment displayed page is jumped to, it on this page can be defeated The phone number of access customer or the email address of user can be in equipment displayed pages if the user has multiple accounts The module of upper selection " switching " thus jumps to the equipment switching page；

In step A3, user can choose in past used phone number and mailbox in the equipment switching page Location selects phone number or email address；

In step A4, determine that perhaps the phone number or email address will receive phone number after email address One corresponding identifying code, user input the identifying code oneself received on identifying code input page, if identifying code and default Identifying code is consistent, then it represents that is proved to be successful.If identifying code is different from default identifying code, then it represents that authentication failed.

Referring to Fig. 6, Fig. 6 is a flow diagram based on verifying code authentication in the embodiment of the present invention, as shown, By taking trade company is stock trader as an example, specifically:

In step B1, after the account and cipher authentication success of user's input, if authentication mode supports more equipment to cut It changes, then enters on equipment displayed page, wherein under normal conditions, an equipment can be associated at least one account.Conversely, If the account and cipher authentication failure of user's input, can show miscue；

In step B2, after the account and cipher authentication success of user's input, if user does not need switching equipment institute Corresponding phone number or email address, then directly carrying out verifying process；

In step B3, user can select phone number or email address in equipment displayed page, thus complete set more Standby account handover operation；

In step B4, user input account and cipher authentication success after, if necessary to select phone number or Email address, then entering step B5 after selection is completed；

In step B5, information authenticating apparatus sends identifying code request to stock trader's server, enters step B8；

In step B6, user can input the identifying code after receiving identifying code in input frame；

In step B7, stock trader's server notice application platform identifying code is sent successfully；

In step B8, stock trader's server is requested according to identifying code, generates identifying code, the reserved phone number of right rear line Or email address sends the identifying code, go to step B9；

In step B9, user inputs identifying code and sends secondary request to stock trader's server, after being verified, then prompts The information being proved to be successful, whereas if authentication failed, then prompt the information of authentication failed.

Referring to Fig. 7, Fig. 7 is a data flow time diagram based on verifying code authentication in the embodiment of the present invention, such as Shown in figure, by taking trade company is stock trader as an example, specifically:

In step 201, user initiates register to middle layer by UI layers；

In step 202, distribute logging request from middle layer to Business Logic；

In step 203, the login interface on stock trader backstage is requested from Business Logic to network layer；

In step 204, network layer requests login interface to stock trader's server, and stock trader's server responds login interface；

In step 205, network layer sends to Business Logic and carries out the login obtained after data parsing by parser Interface returns the result；

In step 206, login interface is sent to middle layer from Business Logic and is returned the result；

In step 207, if you do not need to carrying out double authentication, then it can directly determine to login successfully；

In step 208, thus enter transaction system；

In step 209, if necessary to carry out double authentication, then needs to return the result login interface and be converted to middle layer class The double authentication mode of type, i.e. " RetType ", the double authentication mode are used to control jumps to the specific type page of secondary verifying Face；

In step 210, it is assumed that use identifying code authentication mode, such as single device mobile phone authentication mode, the certification of equipment mobile phone Mode, single device mailbox authentication mode and more equipment mailbox authentication modes etc.；

In step 211, the corresponding UI page is shown according to specifically authentication mode, shows that identifying code is defeated on the UI page Enter frame；

In step 212, user inputs corresponding identifying code by identifying code input frame；

In step 213, verifying code check request is sent to Business Logic by middle layer；

In step 214, the secondary verification interface of stock trader is requested from Business Logic to network layer；

In step 215, network layer requests secondary verification interface to stock trader's server, by the secondary verification of stock trader's server feedback Interface；

In step 216, network layer sends secondary by obtaining after parser progress data parsing to Business Logic Verification interface；

In step 217, Business Logic sends the result that verification interface returns to middle layer；

In step 218, if re-authentication fails, 211 can be gone to step, allow user again by testing It demonstrate,proves code input frame and inputs corresponding identifying code；

In step 219, if re-authentication success, enters step 220；

In step 220, thus enter transaction system.

Optionally, on the basis of above-mentioned Fig. 3 corresponding third embodiment, authentification of message provided in an embodiment of the present invention The 6th alternative embodiment of method in, information to be certified is received by the information input page, may include:

By third information input subpage towards the first application program send checking request so that the first application program according to Checking request sends checking request to destination server；

Third verification information is received by the first application program, wherein third verification information is generated by destination server 's；

Authentification of message result is generated according to information to be certified, comprising:

If third verification information is preset verification information with third and matched, certification success message is generated；

If third verification information and third are preset verification information and mismatched, and verify number and have reached pre-determined threshold, then give birth to At authentification failure message.

In the present embodiment, a kind of method verified in single device using security personnel's encoder is described.Firstly, information is recognized Card device receives the authorization logging request of user's triggering by third information input subpage frame, enters the first application program at this time The license confirmation page.Wherein, the first application program specifically can be security personnel's encoder, which is usually by stock trader A APP provided.First application program can initiate polling request to destination server, which steps on for obtaining authorization Whether record result passes through.Destination server can send authorization to specified protector equipment and log in notice, and user opens first and answers With program and logins corresponding security personnel's encoder account and carry out authorization login or cancel to log in.Then pass through the first application program Authorization result is sent to destination server, the authorization login result that destination server receives the transmission of the first application program is raw later At third verification information.Wherein, third verification information may include Login Name (such as TENCENT123), the login that account is logined It approach (such as TENCENT) and wants seeking time (such as 11:49:34).

If third verification information is preset verification information with third and matched, illustrates to authenticate successfully, then can be generated Authenticate success message.If third verification information and third are preset verification information and mismatched, illustrates authentification failure, then may be used To generate authentification failure message.Indicate this authentication failed, then information authenticating apparatus can be disappeared with the prompt of feedback validation failure Breath, user can authenticate according to the prompting message, and until verifying number reaches pre-determined threshold, information authenticating apparatus can then be given birth to At authentification failure message.

When receive again the first application program transmission polling request after, can directly transmit authorization login result to First application program.

The basic function of security personnel's encoder is explained below.Encoder ensure public security with can assisting user security using specified net The service of going to bank.When user carries out the service of specified Web bank, system will require user to input security personnel's coding to authenticate. If the coding input is correct, the bank service instruction of user will be authenticated successfully.Under normal conditions, security personnel's encoder is double It is used under the premise of re-authentication, double authentication uses two kinds of identity authentication modes of different nature and logins account, is user Online transaction account bring additional guarantee.First re-authentication is input account Login Name and password, and the second re-authentication It is that requirement is logined by security personnel's encoder confirmation.Encoder of ensuring public security is the application program that double authentication service is released, and can be pacified On different flow devices, facilitate user that can quickly and safely login the online transaction account of user.

Multi-section flow device use security personnel's encoder can be registered by logining account most on the net for one.Every flow device can be set Fixed clear easily bright title, such as: Mary iPhone, Peter iPad.Security personnel's encoder in certain every flow device is answered Multiple and different trading accounts can also be bound simultaneously with program, each trading account can set specific title, for example, MyAccount, JointAccount, CompanyABC.

Further, in the embodiment of the present invention, information authenticating apparatus can be by third information input subpage towards first Application program sends checking request, so that the first application program sends checking request to destination server according to checking request, so Third verification information is received by the first application program afterwards.If third verification information is preset verification information with third and is matched, Generate certification success message, if third verification information and third are preset verification information and are mismatched, and verify number have reached it is pre- Gating limit, then generate authentification failure message.By the above-mentioned means, providing a kind of side verified using security personnel's encoder Formula can be generated checking request by security personnel's encoder and generate verification result, no longer be verified using single application platform, To effectively promote the reliability of verifying, the process verified by all kinds of means is realized, thus increase the practicability of scheme.

Optionally, on the basis of above-mentioned Fig. 3 corresponding third embodiment, authentification of message provided in an embodiment of the present invention The 7th alternative embodiment of method in, information to be certified is received by the information input page, may include:

Pass through the 4th information input subpage frame receiving device switching command；

Checking request is sent to the second application program according to equipment switching command, so that the second application program is asked according to verifying It asks to destination server and sends checking request；

The 4th verification information is received by the second application program, wherein the 4th verification information is generated by destination server 's；

If the 4th verification information is matched with the 4th default verification information, certification success message is generated；

If the 4th verification information is mismatched with the 4th default verification information, and is verified number and had reached pre-determined threshold, then give birth to At authentification failure message.

In the present embodiment, a kind of method verified in more equipment using security personnel's encoder is described.Firstly, information is recognized Card device receives user by the 4th information input subpage frame and triggers equipment switching command, wherein equipment switching command can be used for Switch different security personnel's encoder devices.For example, original security personnel's encoder device is " qqstocketest3p ", according to equipment " qqstocketest3p " is switched to " qqstocketest " by switching command, i.e., by corresponding to " qqstocketest3p " One application program is switched to the second application program corresponding to " qqstocketest ".

Then information authenticating apparatus sends authorization logging request to the second application program, enters the second application program at this time The license confirmation page.Wherein, the second application program specifically can be security personnel's encoder, which is usually by stock trader A APP provided.Second application program can initiate polling request to destination server, which steps on for obtaining authorization Whether record result passes through.Destination server can send authorization to specified protector equipment and log in notice, and user opens second and answers With program and logins corresponding security personnel's encoder account and carry out authorization login or cancel to log in.Then pass through the first application program Authorization result is sent to destination server, the authorization login result that destination server receives the transmission of the second application program is raw later At the 4th verification information.Wherein, the 4th verification information may include Login Name (such as TENCENT123), the login that account is logined It approach (such as TENCENT) and wants seeking time (such as 11:49:34).

If the 4th verification information is matched with the 4th default verification information, illustrates to authenticate successfully, then can be generated Authenticate success message.If the 4th verification information is mismatched with the 4th default verification information, illustrates authentification failure, then may be used To generate authentification failure message.Indicate this authentication failed, then information authenticating apparatus can be disappeared with the prompt of feedback validation failure Breath, user can authenticate according to the prompting message, and until verifying number reaches pre-determined threshold, information authenticating apparatus can then be given birth to At authentification failure message.

When receive again the second application program transmission polling request after, can directly transmit authorization login result to Second application program.

Further, in the embodiment of the present invention, information authenticating apparatus can be received by the 4th information input subpage frame and be set Then standby switching command sends checking request to the second application program according to equipment switching command, so that the second application program root Checking request is sent to destination server according to checking request, receives the 4th verification information finally by the second application program.If 4th verification information is matched with the 4th default verification information, then generates certification success message, if the 4th verification information and the 4th Default verification information mismatches, and verifies number and have reached pre-determined threshold, then generates authentification failure message.By the above-mentioned means, Provide it is a kind of by security personnel's encoder verified in the way of, can be generated by security personnel's encoder and checking request and generate verifying As a result, no longer being verified using single application platform, to effectively promote the reliability of verifying, realization is verified by all kinds of means Process, thus increase scheme practicability.In addition, additionally provide a kind of verification mode of more equipment switching, thus increase side The practicability of case.

In order to make it easy to understand, below in conjunction with Fig. 8, Fig. 9 and Figure 10 to the specific side authenticated based on security personnel's encoder Formula, referring to Fig. 8, Fig. 8 is an interface schematic diagram based on security personnel's encoder certification in the embodiment of the present invention, as shown, By taking trade company is stock trader as an example, specifically:

In step C1, user initially enters the login page of some stock trader, on this page show have account input frame and Password Input frame, if the user is " testaccount3p " in the account of this stock trader, password is " pass11111111 ".

In step C2, if account and cryptographic check success, user can choose whether to need switching equipment, if desired Switching equipment then shows the option of selection " switching " on the page in security personnel's encoder device, compiles to ensure public security shown in step C3 Code device equipment switches the page；

In step C3, the to be switched flow device of user can choose in security personnel's encoder device switching page, wherein Flow device can consider a mancarried device, and flow device " qqstocktest3p " can be switched to by user "qqstocktest"；

In step C4, triggering sends logging request after having selected flow device, then jumps to waiting authorization and logs in The page, on this page display etc. it is to be confirmed logins requirements, login require notice be sent to user select flow device it Before, it needs to first pass through security personnel's encoder applies program in flow device and confirms；

In step C5, what needs to be explained here is that, jump to wait authorization login page before, information authenticating apparatus to Stock trader's server initiates polling request, feeds back Authorization result from stock trader's server to information authenticating apparatus；

In step C6, before stock trader's server feeds back Authorization result to information authenticating apparatus, need to security personnel's encoder It sends authorization and logs in notice, security personnel's encoder logs in the account that notice login user is logined according to authorization.

Referring to Fig. 9, Fig. 9 is a flow diagram based on security personnel's encoder certification in the embodiment of the present invention, such as scheme It is shown, by taking trade company is stock trader as an example, specifically:

In step D1, after user inputs account and password by application platform, if account and password mismatch, say Bright authentification failure can prompt the information of authentication failed herein., whereas if account and password match, then illustrate to authenticate successfully, this When user can choose that single device logs in or more equipment log in, if certification mode supports the switching of more equipment, enter security personnel Encoder shows the page；

In step D2, if certification mode supports single device, authorization logging request can be sent；

In step D3, after having selected security personnel's encoder device, authorization logging request can also be sent；

In step D4, security personnel's encoder license confirmation loading page is entered at this time；

In step D5, after corresponding security personnel's encoder device has been selected in user, clicks and sends authorization logging request, Authorization logging request is sent on stock trader's server；

In step D6, stock trader's server sends the notice that authorization logs in toward specified security personnel's encoder；

In step D7, security personnel's encoder sends Authorization result and gives stock trader's server, and stock trader's server receives security personnel's coding After the authorization login result that device is sent, registration confirmed validity period；

In step D8, stock trader's server receives polling request；

In step D9, stock trader's server sends authorization login result to information authenticating apparatus according to polling request；

In step D10, user shows that selection needs the security personnel's encoder device switched on the page in protector equipment；

In step D11, success is authenticated if authorization login result passes through, otherwise authentification failure；

In step D12, user, which opens security personnel's encoder and logins corresponding protector account, carries out authorization login or cancellation.

Referring to Fig. 10, Figure 10 is the data flow timing signal based on security personnel's encoder certification in the embodiment of the present invention Figure, as shown, by taking trade company is stock trader as an example, specifically:

In step 301, user initiates register to middle layer by UI layers；

In step 302, distribute logging request from middle layer to Business Logic；

In step 303, the login interface on stock trader backstage is requested from Business Logic to network layer；

In step 304, network layer requests login interface to stock trader's server, and stock trader's server responds login interface；

In step 305, network layer sends to Business Logic and carries out the login obtained after data parsing by parser Interface returns the result；

In step 306, login interface is sent to middle layer from Business Logic and is returned the result；

In step 307, if you do not need to carrying out double authentication, then it can directly determine to login successfully；

In step 308, thus enter transaction system；

In step 309, if necessary to carry out double authentication, then needs to return the result login interface and be converted to middle layer class The double authentication mode of type, i.e. " RetType ", the double authentication mode are used to control jumps to the specific type page of secondary verifying Face；

In step 310, it is assumed that using security personnel's encoder authentication mode；

In step 311, the corresponding UI page is shown according to specifically authentication mode, security personnel's coding is shown on the UI page Device authenticates the page；

In step 312, middle layer is jumped to by UI layers and is authorized；

In step 313, authorization requests are initiated from middle layer to Business Logic poll security personnel's encoder；

In step 314, the secondary verification interface of stock trader is requested from Business Logic to network layer；

In step 315, network layer requests secondary verification interface to stock trader's server, by the secondary verification of stock trader's server feedback Interface；

In step 316, network layer sends secondary by obtaining after parser progress data parsing to Business Logic Verification interface；

In step 317, Business Logic sends the result that verification interface returns to middle layer；

In step 318, if security personnel's encoder refusal authorization, can show security personnel's encoder authentication interface again；

In step 319, if security personnel's encoder authenticates successfully, 320 are entered step；

In step 320, thus enter transaction system.

Optionally, on the basis of above-mentioned Fig. 3 corresponding third embodiment, authentification of message provided in an embodiment of the present invention The 8th alternative embodiment of method in, information to be certified is received by the information input page, may include:

The 5th verification information is received by the 5th information input subpage frame, wherein the 5th verification information is that user sets in advance It sets for carrying out matched information；

If the 5th verification information matches with the 5th default verification information, certification success message is generated；

If the 5th verification information is mismatched with the 5th default verification information, and is verified number and had reached pre-determined threshold, then give birth to At authentification failure message.

In the present embodiment, a kind of method verified using fixed password is described.User can preset at least Answer corresponding to one problem and each problem.When certification, information authenticating apparatus can be defeated by the 5th information Enter subpage frame and show the information for needing user to input, user can input the 5th verification information according to prompt.If user inputs The 5th verification information and the 5th default verification information be matched, then will to generate certification successful for the information authenticating apparatus Prompting message., whereas if the 5th verification information of user's input is mismatched with the 5th default verification information, and user inputs Verifying number be also up to pre-determined threshold, then information authenticating apparatus will generate the prompting message of authentification failure.

Specifically, the 5th verification information is usually answer corresponding to some problems, for example, problem 1 is that " company sets up Date ", the correct option of problem 1 are " 19860922 ", then the 5th default verification information is " 19860922 ", if the 5th Verification information is also " 19860922 ", then indicating to be proved to be successful.

It is understood that can also have following common problem in addition to the above problem:

For example, problem 2 is " birthday that may I ask you ", the answer of problem 2 is " 19910551 ".

For example, problem 3 is " your work number is how many ", the answer of problem 3 is " 20141105956 ".

For example, problem 4 is " your student number is how many ", the answer of problem 4 is " 20111685687 ".

In addition, the 5th default verification information can also be other match informations that user pre-sets, for example, setting in advance Set one group of data " 123456789 ", the 5th default verification information will carry out with the 5th verification information of the subsequent input of user Match.

Further, in the embodiment of the present invention, information authenticating apparatus can also be received by the 5th information input subpage frame 5th verification information, wherein the 5th verification information is that user presets for carrying out matched information, if the 5th verifying letter Breath matches with the 5th default verification information, then certification success message can be generated in information authenticating apparatus., whereas if the 5th Verification information is mismatched with the 5th default verification information, and is verified number and had reached pre-determined threshold, then information authenticating apparatus is raw At authentification failure message.By the above-mentioned means, being authenticated using fixed password, identifying code on the one hand can be withouted waiting for The time being issued in equipment is directly authenticated according to customized answer, thus the practicability of lifting scheme.It is another Aspect has stronger reliability using fixed password certification, prevent non-user because getting identifying code unintentionally and The case where logon account, thus the feasibility of lifting scheme.

Optionally, on the basis of above-mentioned Fig. 3 corresponding third embodiment, authentification of message provided in an embodiment of the present invention The 9th alternative embodiment of method in, information to be certified is received by the information input page, may include:

The 6th verification information is received by the 6th information input subpage frame, wherein the 6th verification information is associated application journey The random information that sequence generates within the object time；

If the 6th verification information is consistent with the 6th default verification information, certification success message is generated；

If the 6th verification information and the 6th default verification information are inconsistent, and verify number and have reached pre-determined threshold, then give birth to At authentification failure message.

In the present embodiment, information authenticating apparatus can also receive the 6th of user's input by the 6th information input subpage frame Verification information, wherein the 6th verification information is generated at random within the object time by affiliate application.Associated application journey Sequence can be the application program of a installation on the terminal device, can be activated, make after user inputs account and password As soon as obtaining affiliate application at interval of a random cipher is just automatically generated for a period of time, for example, automatically generating at interval of 10 seconds The password of one six digit.User inputs this six digits password, i.e. the 6th verification information in information input frame.

Judge whether the 6th verification information of user's input and the 6th default verification information are consistent by information authenticating apparatus, such as Fruit is consistent, illustrates to authenticate successfully, that is, produces certification success message., whereas if the 6th verification information and the of user's input Six default verification informations are inconsistent, illustrate authentification failure, then in the case where pre-determined threshold has not been reached yet in verifying number, user It can continue to input next verification information, still, if verifying number has reached and presets bored, directly generate certification and lose The message lost.

It should be noted that the 5th verification information can be fixed password, the 6th verification information can be random cipher, the Five verification informations and the 6th verification information input token, and token is a string of character strings that server generates, and can be used as visitor The mark that family end makes requests.After user logs in for the first time, server generates a token and returns to this token To client, later client need to only take this token and come request data, no longer need to time to take user name and close Code.Wherein, when the composition of token may include the unique identity of user (user identification, uid), be current Between timestamp (time) and signature (sign), the 16 of the certain length that former positions of token are compressed into hash algorithm System character string can prevent token from revealing.

Further, it is also possible to media access control (Media Access Control, MAC) address conduct of user equipment token.Client obtains the address mac of equipment when logging in, and is transmitted to after server-side receives the parameter as parameter, Just it is received with a variable, while being stored in database as token, and the token is arranged to session (session) in.Client will be unified to intercept when request every time, the token and server end that client is transmitted Token in session is compared, identical, is logined successfully, different then refuse.

This mode client and server-side have unified unique mark, and guarantee that each equipment possesses unique mark Know.Advantage is client without logging in again, as long as can be used always after logging in once, for overtime problem by servicing End is handled.

Further, it is also possible to use session identification (sessionid) as token.Client carries username and password and logs in, Server is verified after receiving username and password, and verification is by just returning the sessionid locally obtained as token Back to client, the data of request need to be only taken after client.

The advantages of this mode is conveniently, not have to storing data.Certainly, application higher for some confidentiality, can adopt The mode for taking two ways to combine, is used as token to authenticate device mac address and user name password simultaneously.

Further, in the embodiment of the present invention, information authenticating apparatus can also be received by the 6th information input subpage frame 6th verification information, wherein the 6th verification information is the random information that affiliate application generates within the object time, if the Six verification informations are consistent with the 6th default verification information, then information authenticating apparatus generates certification success message.If instead the Six verification informations and the 6th default verification information are inconsistent, and verify number and have reached pre-determined threshold, then information authenticating apparatus Generate authentification failure message.By the above-mentioned means, user can also carry out authentication by the way of random cipher.With secret Code often can be by installing other applications generation on the terminal device, and can just generate one at interval of a period of time In this case a different random cipher can effectively promote the reliability and safety of certification by the randomness of password.

In order to make it easy to understand, being asked below in conjunction with Figure 11, Figure 12 and Figure 13 to the concrete mode authenticated based on token 1, Figure 11 is an interface schematic diagram based on token authentication in the embodiment of the present invention refering to fig. 1, as shown, using trade company as certificate For quotient, specifically:

In step E1, user inputs the account registered in the stock trader and close after selecting stock trader on login page Code, for example, account can be " testaccount4 ", password is " pass12345678 "；

In step E2, after account and password authentification success, identifying code input page is jumped to, user can test at this It demonstrate,proves and inputs random cipher or fixed password on code input page.By taking fixed password as an example, if password prompt is the " date of birth Or company's Date of Incorporation (for example corporate client) everyday/month in and month out/every year ", user can input one six according to the prompt The password of digit, such as 18061999.If password to be verified is consistent with preset password, then it represents that be proved to be successful.If to The password of verifying is different from default preset password, then it represents that authentication failed.

Figure 12 is please referred to, Figure 12 is a flow diagram based on token authentication in the embodiment of the present invention, as shown, By taking trade company is stock trader as an example, specifically:

In step F1, user enters application platform and selects corresponding stock trader, then input account corresponding to the stock trader and Password then enters token input page after the account and cipher authentication success of user's input.Conversely, then entering step F2；

In step F2, if the account of user's input and cipher authentication failure, can show miscue；

In step F3, user inputs random cipher or oneself pre-set fixed password on token input page, Following information authenticating apparatus sends double authentication request to stock trader's server；

In step F4, information authenticating apparatus is according to the message of stock trader's server feedback, and prompt is proved to be successful on the page Message, or on the page prompt authentication failed message；

In step F5, identifying code is verified according to double authentication request by stock trader's server, if it succeeds, to letter The successful message of authentication device feedback validation is ceased, whereas if authentication failed disappearing to the failure of information authenticating apparatus feedback validation Breath.

Figure 13 is please referred to, Figure 13 is a data flow time diagram based on token authentication in the embodiment of the present invention, such as Shown in figure, by taking trade company is stock trader as an example, specifically:

In step 401, user initiates register to middle layer by UI layers；

In step 402, distribute logging request from middle layer to Business Logic；

In step 403, the login interface on stock trader backstage is requested from Business Logic to network layer；

In step 404, network layer requests login interface to stock trader's server, and stock trader's server responds login interface；

In step 405, network layer sends to Business Logic and carries out the login obtained after data parsing by parser Interface returns the result；

In step 406, login interface is sent to middle layer from Business Logic and is returned the result；

In step 407, if you do not need to carrying out double authentication, then it can directly determine to login successfully；

In step 408, thus enter transaction system；

In step 409, if necessary to carry out double authentication, then needs to return the result login interface and be converted to middle layer class The double authentication mode of type, i.e. " RetType ", the double authentication mode are used to control jumps to the specific type page of secondary verifying Face；

In step 410, it is assumed that use token authentication mode, that is, verifying random cipher or fixed password；

In step 411, the UI layers of page that can be shown with presentation device, if it is random cipher verifying if can permit into The switching of row equipment, for example phone number B is switched to from phone number A；

In step 412, request for UI layers to send identifying code to specified phone number to middle layer, certainly, in practical application In, identifying code can also be sent to specified mailbox or other equipment；

In step 413, middle layer sends successfully notice to UI layers of feedback validation code；

In step 414, the dialog box of input identifying code is shown at UI layers；

In step 415, user is inputted after identifying code, sends identifying code from UI layers to middle layer；

In step 416, the checking request of double authentication is sent from middle layer to Business Logic；

In step 417, the secondary verification interface of stock trader is requested from Business Logic to network layer；

In step 418, network layer requests secondary verification interface to stock trader's server, by the secondary verification of stock trader's server feedback Interface；

In step 419, network layer sends secondary by obtaining after parser progress data parsing to Business Logic Verification interface；

In step 420, Business Logic sends the result that verification interface returns to middle layer；

In step 421, if re-authentication fails, user can input corresponding again by identifying code input frame Identifying code；

In step 422, if re-authentication success, enters step 423；

In step 423, into transaction system.

The information authenticating apparatus in the present invention is described in detail below, please refers to Figure 14, Figure 14 is that the present invention is implemented Information authenticating apparatus one embodiment schematic diagram in example, information authenticating apparatus 50 include:

Module 501 is obtained, for obtaining platform authentication request, wherein carry destination service in the platform authentication request The mark of destination server corresponding to device；

Determining module 502, the target in platform authentication request for being obtained according to the acquisition module 501 Server identification determines target authentication mode, wherein the target authentication mode and server identification set have matching relationship, The server identification set includes at least one server identification, and the destination server mark belongs to the server identification One in set；

The acquisition module 501 is also used to wait for by the target authentication pattern acquiring that the determining module 502 determines Authentication information；

Generation module 503, the information to be certified for being obtained according to the acquisition module 501 generate authentification of message knot Fruit.

It in the present embodiment, obtains module 501 and obtains platform authentication request, wherein carry mesh in the platform authentication request The mark of destination server corresponding to server is marked, determining module 502 is recognized according to the platform that the acquisition module 501 obtains The destination server in card request, which identifies, determines target authentication mode, wherein the target authentication mode and server mark Knowing set has matching relationship, and the server identification set includes at least one server identification, the destination server mark Knowledge belongs in the server identification set one, the mesh for obtaining module 501 and being determined by the determining module 502 It marks certification mode and obtains information to be certified, generation module 503 is raw according to the information to be certified that the acquisition module 501 obtains At authentification of message result.

In the embodiment of the present invention, a kind of information authenticating apparatus is provided, the information authenticating apparatus obtains platform first first Certification request, wherein the mark of destination server corresponding to destination server is carried in platform authentication request, then according to platform Destination server in certification request, which identifies, determines target authentication mode, wherein target authentication mode and server identification set With matching relationship, server identification set includes at least one server identification, and destination server mark belongs to server mark One is known in set.Then by information authenticating apparatus by target authentication pattern acquiring information to be certified, finally, authentification of message fills It sets and authentification of message result is generated according to information to be certified.By the above-mentioned means, in the same server identification set For each server identification, using same set of target authentication mode, and each server identification corresponds to a trade company, therefore, Multiple trade companies can be multiplexed same set of target authentication mode and authenticate to user, to reduce the development cost of business platform.

Optionally, on the basis of the embodiment corresponding to above-mentioned Figure 14, Figure 15 is please referred to, it is provided in an embodiment of the present invention In another embodiment of information authenticating apparatus 50, the information authenticating apparatus 50 further include receiving module 504, sending module 505, Execution module 506 and cue module 507；

The receiving module 504 receives authentication after obtaining platform authentication request for the acquisition module 501 Information, wherein the authentication information includes applying account and password；

The sending module 505, for sending the received identity of receiving module 504 to the destination server Authentication information so that the destination server verifies the authentication information, and generates authentication result；

The execution module 506, if for the sending module 505 send the authentication result be verifying at Function then executes the destination server according in platform authentication request and identifies the step for determining target authentication mode Suddenly；

The cue module 507, if being that verifying is lost for the authentication result that the sending module 505 is sent It loses, then shows the prompting message of authentication failed.

Optionally, on the basis of the embodiment corresponding to above-mentioned Figure 14, authentification of message dress provided in an embodiment of the present invention It sets in 50 another embodiment,

The determining module 502, it is true specifically for being identified according to the destination server in platform authentication request Determine authentication mode, wherein the authentication mode is for controlling jumping for the page；

It is identified according to the destination server in platform authentication request and determines certification page information, wherein is described Certification page information is for showing and the associated page info of the authentication mode；

It is identified according to the destination server in platform authentication request and determines authenticating device information, wherein is described Authenticating device information is used to indicate the information of equipment to be certified.

Optionally, on the basis of the embodiment corresponding to above-mentioned Figure 14 or Figure 15, information provided in an embodiment of the present invention In another embodiment of authentication device 50,

The acquisition module 501 is specifically used for according to the target authentication schema creation information input page, wherein institute Stating the information input page includes at least one information input subpage frame；

The information to be certified is received by the information input page.

The acquisition module 501 is specifically used for inputting subpage frame the first verification information of reception by the first information, wherein First verification information is the information sent within a preset time to the first associated account number；

The generation module 503, if first verification information and first obtained specifically for the acquisition module 501 Default verification information is consistent, then generates certification success message；

If first verification information for obtaining the acquisition of module 501 and the described first default verification information are inconsistent, And verifying number has reached pre-determined threshold, then generates authentification failure message.

The acquisition module 501 is specifically used for receiving account switching command by the second information input subpage frame；

The first associated account number is switched to the second associated account number according to the account switching command；

Receive the second verification information, wherein second verification information is within a preset time to the second association account Number send information；

The generation module 503, if specifically for second verification information that receives of acquisition module 501 and the Two default verification informations are consistent, then generate certification success message；

If second verification information and the described second default verification information that the acquisition module 501 receives are different It causes, and verifies number and have reached pre-determined threshold, then generate authentification failure message.

The acquisition module 501 is specifically used for sending by third information input subpage towards the first application program and verify Request, so that first application program sends the checking request to the destination server according to the checking request；

Third verification information is received by first application program, wherein the third verification information is by the mesh Mark what server generated；

The generation module 503, if being specifically used for the received third verification information of the acquisition module 501 and third Default verification information matching, then generate certification success message；

If the received third verification information of acquisition module 501 and the third are preset verification information and are mismatched, And verifying number has reached pre-determined threshold, then generates authentification failure message.

The acquisition module 501 is specifically used for passing through the 4th information input subpage frame receiving device switching command；

Checking request is sent to the second application program according to the equipment switching command, so that the second application program root The checking request is sent to the destination server according to the checking request；

The 4th verification information is received by second application program, wherein the 4th verification information is by the mesh Mark what server generated；

The generation module 503, if being specifically used for received 4th verification information of the acquisition module 501 and the 4th Default verification information matching, then generate certification success message；

If received 4th verification information of acquisition module 501 is mismatched with the described 4th default verification information, And verifying number has reached pre-determined threshold, then generates authentification failure message.

The acquisition module 501 is specifically used for receiving the 5th verification information by the 5th information input subpage frame, wherein 5th verification information is that user presets for carrying out matched information；

The generation module 503, if being specifically used for received 5th verification information of the acquisition module 501 and the 5th Default verification information matches, then generates certification success message；

If received 5th verification information of acquisition module 501 is mismatched with the 5th default verification information, and is tested Card number has reached pre-determined threshold, then generates authentification failure message.

The acquisition module 501 is specifically used for receiving the 6th verification information by the 6th information input subpage frame, wherein 6th verification information is the random information that affiliate application generates within the object time；

The generation module 503, if being specifically used for received 6th verification information of the acquisition module 501 and the 6th Default verification information is consistent, then generates certification success message；

If received 6th verification information of acquisition module 501 and the 6th default verification information are inconsistent, And verifying number has reached pre-determined threshold, then generates authentification failure message.

The embodiment of the invention also provides another information authenticating apparatus, as shown in figure 16, for ease of description, only show Part related to the embodiment of the present invention, it is disclosed by specific technical details, please refer to present invention method part.It should Information authenticating apparatus can be include mobile phone, tablet computer, personal digital assistant (personal digital assistant, PDA), any terminal device such as point-of-sale terminal (point of sales, POS), vehicle-mounted computer, using information authenticating apparatus as mobile phone For:

Figure 16 shows the block diagram of the part-structure of mobile phone relevant to terminal provided in an embodiment of the present invention.With reference to figure 16, mobile phone includes: radio frequency (radio frequency, RF) circuit 610, memory 620, input unit 630, display unit 640, sensor 650, voicefrequency circuit 660, Wireless Fidelity (wireless fidelity, WiFi) module 670, processor 680, And the equal components of power supply 690.It will be understood by those skilled in the art that handset structure shown in Figure 16 is not constituted to mobile phone It limits, may include perhaps combining certain components or different component layouts than illustrating more or fewer components.

It is specifically introduced below with reference to each component parts of the Figure 16 to mobile phone:

RF circuit 610 can be used for receiving and sending messages or communication process in, signal sends and receivees, particularly, by base station After downlink information receives, handled to processor 680；In addition, the data for designing uplink are sent to base station.In general, RF circuit 610 Including but not limited to antenna, at least one amplifier, transceiver, coupler, low-noise amplifier (low noise Amplifier, LNA), duplexer etc..In addition, RF circuit 610 can also be communicated with network and other equipment by wireless communication. Any communication standard or agreement, including but not limited to global system for mobile communications (global can be used in above-mentioned wireless communication System of mobile communication, GSM), general packet radio service (general packet radio Service, GPRS), CDMA (code division multiple access, CDMA), wideband code division multiple access (wideband code division multiple access, WCDMA), long term evolution (long term evolution, LTE), Email, short message service (short messaging service, SMS) etc..

Memory 620 can be used for storing software program and module, and processor 680 is stored in memory 620 by operation Software program and module, thereby executing the various function application and data processing of mobile phone.Memory 620 can mainly include Storing program area and storage data area, wherein storing program area can application journey needed for storage program area, at least one function Sequence (such as sound-playing function, image player function etc.) etc.；Storage data area can be stored to be created according to using for mobile phone Data (such as audio data, phone directory etc.) etc..It, can be in addition, memory 620 may include high-speed random access memory Including nonvolatile memory, for example, at least a disk memory, flush memory device or other volatile solid-states Part.

Input unit 630 can be used for receiving the number or character information of input, and generate with the user setting of mobile phone with And the related key signals input of function control.Specifically, input unit 630 may include that touch panel 631 and other inputs are set Standby 632.Touch panel 631, also referred to as touch screen, collect user on it or nearby touch operation (such as user use The operation of any suitable object or attachment such as finger, stylus on touch panel 631 or near touch panel 631), and root Corresponding attachment device is driven according to preset formula.Optionally, touch panel 631 may include touch detecting apparatus and touch Two parts of controller.Wherein, the touch orientation of touch detecting apparatus detection user, and touch operation bring signal is detected, Transmit a signal to touch controller；Touch controller receives touch information from touch detecting apparatus, and is converted into touching Point coordinate, then gives processor 680, and can receive order that processor 680 is sent and be executed.Furthermore, it is possible to using electricity The multiple types such as resistive, condenser type, infrared ray and surface acoustic wave realize touch panel 631.In addition to touch panel 631, input Unit 630 can also include other input equipments 632.Specifically, other input equipments 632 can include but is not limited to secondary or physical bond One of disk, function key (such as volume control button, switch key etc.), trace ball, mouse, operating stick etc. are a variety of.

Display unit 640 can be used for showing information input by user or be supplied to user information and mobile phone it is various Menu.Display unit 640 may include display panel 641, optionally, can use liquid crystal display (liquid crystal Display, LCD), the forms such as Organic Light Emitting Diode (organic light-emitting diode, OLED) it is aobvious to configure Show panel 641.Further, touch panel 631 can cover display panel 641, when touch panel 631 detect it is on it or attached After close touch operation, processor 680 is sent to determine the type of touch event, is followed by subsequent processing device 680 according to touch event Type corresponding visual output is provided on display panel 641.Although in Figure 16, touch panel 631 and display panel 641 It is that the input and input function of mobile phone are realized as two independent components, but in some embodiments it is possible to by touch-control Panel 631 and display panel 641 are integrated and that realizes mobile phone output and input function.

Mobile phone may also include at least one sensor 650, such as optical sensor, motion sensor and other sensors. Specifically, optical sensor may include ambient light sensor and proximity sensor, wherein ambient light sensor can be according to ambient light Light and shade adjust the brightness of display panel 641, proximity sensor can close display panel 641 when mobile phone is moved in one's ear And/or backlight.As a kind of motion sensor, accelerometer sensor can detect (generally three axis) acceleration in all directions Size, can detect that size and the direction of gravity when static, can be used to identify the application of mobile phone posture, (for example horizontal/vertical screen is cut Change, dependent game, magnetometer pose calibrating), Vibration identification correlation function (such as pedometer, tap) etc.；May be used also as mobile phone The other sensors such as gyroscope, barometer, hygrometer, thermometer, the infrared sensor of configuration, details are not described herein.

Voicefrequency circuit 660, loudspeaker 661, microphone 662 can provide the audio interface between user and mobile phone.Audio-frequency electric Electric signal after the audio data received conversion can be transferred to loudspeaker 661, be converted to sound by loudspeaker 661 by road 660 Signal output；On the other hand, the voice signal of collection is converted to electric signal by microphone 662, is turned after being received by voicefrequency circuit 660 It is changed to audio data, then by after the processing of audio data output processor 680, such as another mobile phone is sent to through RF circuit 610, Or audio data is exported to memory 620 to be further processed.

WiFi belongs to short range wireless transmission technology, and mobile phone can help user's transceiver electronics postal by WiFi module 670 Part, browsing webpage and access streaming video etc., it provides wireless broadband internet access for user.Although Figure 16 is shown WiFi module 670, but it is understood that, and it is not belonging to must be configured into for mobile phone, it can according to need do not changing completely Become in the range of the essence of invention and omits.

Processor 680 is the control centre of mobile phone, using the various pieces of various interfaces and connection whole mobile phone, is led to It crosses operation or executes the software program and/or module being stored in memory 620, and call and be stored in memory 620 Data execute the various functions and processing data of mobile phone, to carry out integral monitoring to mobile phone.Optionally, processor 680 can wrap Include one or more processing units；Optionally, processor 680 can integrate application processor and modem processor, wherein answer With the main processing operation system of processor, user interface and application program etc., modem processor mainly handles wireless communication. It is understood that above-mentioned modem processor can not also be integrated into processor 680.

Mobile phone further includes the power supply 690 (such as battery) powered to all parts, and optionally, power supply can pass through power supply pipe Reason system and processor 680 are logically contiguous, to realize management charging, electric discharge and power managed by power-supply management system Etc. functions.

Although being not shown, mobile phone can also include camera, bluetooth module etc., and details are not described herein.

In embodiments of the present invention, processor 680 included by the terminal is also with the following functions:

Optionally, processor 680 is also used to execute following steps:

Receive authentication information, wherein the authentication information includes applying account and password；

The authentication information is sent to the destination server, so that the destination server is to the authentication Information is verified, and generates authentication result；

If the authentication result is to be proved to be successful, the mesh according in platform authentication request is executed The step of mark server identification determines target authentication mode；

If the authentication result is authentication failed, the prompting message of authentication failed is shown.

Optionally, processor 680 is specifically used for executing following steps:

It is identified according to the destination server in platform authentication request and determines authentication mode, wherein the certification Mode is for controlling jumping for the page；

Optionally, processor 680 is specifically used for executing following steps:

According to the target authentication schema creation information input page, wherein the information input page includes at least one A information input subpage frame；

The information to be certified is received by the information input page.

Optionally, processor 680 is specifically used for executing following steps:

Subpage frame is inputted by the first information and receives the first verification information, wherein first verification information is default The information sent in time to the first associated account number；

If first verification information is consistent with the first default verification information, certification success message is generated；

If first verification information and the described first default verification information are inconsistent, and verify number and have reached pre- gating Limit, then generate authentification failure message.

Optionally, processor 680 is specifically used for executing following steps:

If second verification information is consistent with the second default verification information, certification success message is generated；

If second verification information and the described second default verification information are inconsistent, and verify number and have reached pre- gating Limit, then generate authentification failure message.

Optionally, processor 680 is specifically used for executing following steps:

Checking request is sent towards the first application program by third information input subpage, so that first application program The checking request is sent to the destination server according to the checking request；

If the third verification information is preset verification information with third and matched, certification success message is generated；

If the third verification information and the third are preset verification information and are mismatched, and verify number and have reached pre- gating Limit, then generate authentification failure message.

Optionally, processor 680 is specifically used for executing following steps:

If the 4th verification information is mismatched with the described 4th default verification information, and is verified number and had reached pre- gating Limit, then generate authentification failure message.

Optionally, processor 680 is specifically used for executing following steps:

The 5th verification information is received by the 5th information input subpage frame, wherein the 5th verification information is that user is pre- First it is arranged for carrying out matched information；

If the 5th verification information is mismatched with the 5th default verification information, and is verified number and is had reached pre-determined threshold, Then generate authentification failure message.

Optionally, processor 680 is specifically used for executing following steps:

The 6th verification information is received by the 6th information input subpage frame, wherein the 6th verification information is that association is answered The random information generated within the object time with program；

If the 6th verification information and the 6th default verification information are inconsistent, and verify number and have reached pre- gating Limit, then generate authentification failure message.

It is apparent to those skilled in the art that for convenience and simplicity of description, the system of foregoing description, The specific work process of device and unit, can refer to corresponding processes in the foregoing method embodiment, and details are not described herein.

In several embodiments provided by the present invention, it should be understood that disclosed system, device and method can be with It realizes by another way.For example, the apparatus embodiments described above are merely exemplary, for example, the unit It divides, only a kind of logical function partition, there may be another division manner in actual implementation, such as multiple units or components It can be combined or can be integrated into another system, or some features can be ignored or not executed.Another point, it is shown or The mutual coupling, direct-coupling or communication connection discussed can be through some interfaces, the indirect coupling of device or unit It closes or communicates to connect, can be electrical property, mechanical or other forms.

The unit as illustrated by the separation member may or may not be physically separated, aobvious as unit The component shown may or may not be physical unit, it can and it is in one place, or may be distributed over multiple In network unit.It can select some or all of unit therein according to the actual needs to realize the mesh of this embodiment scheme 's.

It, can also be in addition, the functional units in various embodiments of the present invention may be integrated into one processing unit It is that each unit physically exists alone, can also be integrated in one unit with two or more units.Above-mentioned integrated list Member both can take the form of hardware realization, can also realize in the form of software functional units.

If the integrated unit is realized in the form of SFU software functional unit and sells or use as independent product When, it can store in a computer readable storage medium.Based on this understanding, technical solution of the present invention is substantially The all or part of the part that contributes to existing technology or the technical solution can be in the form of software products in other words It embodies, which is stored in a storage medium, including some instructions are used so that a computer Equipment (can be personal computer, server or the network equipment etc.) executes the complete of each embodiment the method for the present invention Portion or part steps.And storage medium above-mentioned include: USB flash disk, mobile hard disk, read-only memory (read-only memory, ROM), random access memory (random access memory, RAM), magnetic or disk etc. are various can store program The medium of code.

The above, the above embodiments are merely illustrative of the technical solutions of the present invention, rather than its limitations；Although referring to before Stating embodiment, invention is explained in detail, those skilled in the art should understand that: it still can be to preceding Technical solution documented by each embodiment is stated to modify or equivalent replacement of some of the technical features；And these It modifies or replaces, the spirit and scope for technical solution of various embodiments of the present invention that it does not separate the essence of the corresponding technical solution.

Claims

1. a kind of method of authentification of message characterized by comprising

Obtain platform authentication request, wherein carry destination server corresponding to destination server in the platform authentication request Mark；

It is identified according to the destination server in platform authentication request and determines target authentication mode, wherein the target Certification mode and server identification set have matching relationship, and the server identification set includes at least one server mark Know, the destination server mark belongs in the server identification set one；

2. the method according to claim 1, wherein the method is also after acquisition platform authentication request Include:

The authentication information is sent to the destination server, so that the destination server is to the authentication information It is verified, and generates authentication result；

If the authentication result is to be proved to be successful, executes the target according in platform authentication request and take The step of device mark of being engaged in determines target authentication mode；

3. the method according to claim 1, wherein the target according in platform authentication request Server identification determines target authentication mode, comprising:

It is identified according to the destination server in platform authentication request and determines authentication mode, wherein the authentication mode For controlling jumping for the page；

It is identified according to the destination server in platform authentication request and determines certification page information, wherein the certification Page info is for showing and the associated page info of the authentication mode；

It is identified according to the destination server in platform authentication request and determines authenticating device information, wherein the certification Facility information is used to indicate the information of equipment to be certified.

4. according to the method in any one of claims 1 to 3, which is characterized in that described to pass through the target authentication mode Obtain information to be certified, comprising:

According to the target authentication schema creation information input page；

The information to be certified is received by the information input page.

5. according to the method described in claim 4, it is characterized in that, the information input page includes at least one information input Subpage frame；

It is described that the information to be certified is received by the information input page, comprising:

Subpage frame is inputted by the first information and receives the first verification information, wherein first verification information is in preset time The information that introversive first associated account number is sent；

It is described that authentification of message result is generated according to the information to be certified, comprising:

If first verification information and the described first default verification information are inconsistent, and verify number and have reached pre-determined threshold, Then generate authentification failure message.

6. according to the method described in claim 5, it is characterized in that, described described wait recognize by information input page reception Demonstrate,prove information, comprising:

Receive the second verification information, wherein second verification information is to send out within a preset time to second associated account number The information sent；

If second verification information and the described second default verification information are inconsistent, and verify number and have reached pre-determined threshold, Then generate authentification failure message.

7. according to the method described in claim 5, it is characterized in that, described described wait recognize by information input page reception Demonstrate,prove information, comprising:

By third information input subpage towards the first application program send checking request so that first application program according to The checking request sends the checking request to the destination server；

Third verification information is received by first application program, wherein the third verification information is taken by the target It is engaged in what device generated；

If the third verification information and the third are preset verification information and mismatched, and verify number and have reached pre-determined threshold, Then generate authentification failure message.

8. according to the method described in claim 5, it is characterized in that, described described wait recognize by information input page reception Demonstrate,prove information, comprising:

Checking request is sent to the second application program according to the equipment switching command, so that second application program is according to institute It states checking request and sends the checking request to the destination server；

The 4th verification information is received by second application program, wherein the 4th verification information is taken by the target It is engaged in what device generated；

If the 4th verification information is mismatched with the described 4th default verification information, and is verified number and is had reached pre-determined threshold, Then generate authentification failure message.

9. according to the method described in claim 5, it is characterized in that, described described wait recognize by information input page reception Demonstrate,prove information, comprising:

10. according to the method described in claim 5, it is characterized in that, it is described by the information input page receive it is described to Authentication information, comprising:

If the 6th verification information and the 6th default verification information are inconsistent, and verify number and have reached pre-determined threshold, Then generate authentification failure message.

11. a kind of information authenticating apparatus characterized by comprising

Module is obtained, for obtaining platform authentication request, wherein carry corresponding to destination server in the platform authentication request Destination server mark；

Determining module, the destination server in platform authentication request for being obtained according to the acquisition module identify Determine target authentication mode, wherein the target authentication mode and server identification set have matching relationship, the server Logo collection includes at least one server identification, and the destination server mark belongs to one in the server identification set It is a；

The acquisition module is also used to the target authentication pattern acquiring information to be certified determined by the determining module；

12. information authenticating apparatus according to claim 11, which is characterized in that the information authenticating apparatus further includes receiving Module, sending module, execution module and cue module；

The receiving module receives authentication information after obtaining platform authentication request for the acquisition module, wherein The authentication information includes applying account and password；

The sending module, for sending the received authentication information of receiving module to the destination server, So that the destination server verifies the authentication information, and generate authentication result；

The execution module executes institute if being to be proved to be successful for the authentication result that the sending module is sent It states and the step of determining target authentication mode is identified according to the destination server in platform authentication request；

The cue module, if being authentication failed for the authentication result that the sending module is sent, display is tested Demonstrate,prove the prompting message of failure.

13. a kind of information authenticating apparatus characterized by comprising memory, processor and bus system；

Wherein, the memory is for storing program；

The bus system is for connecting the memory and the processor, so that the memory and the processor It is communicated.

14. information authenticating apparatus according to claim 13, which is characterized in that the processor is also used to execute following step It is rapid:

15. a kind of computer readable storage medium, including instruction, when run on a computer, so that computer executes such as Method described in any one of claims 1 to 10.