CN110399713A - A kind of method and relevant apparatus of authentification of message - Google Patents
A kind of method and relevant apparatus of authentification of message Download PDFInfo
- Publication number
- CN110399713A CN110399713A CN201810847542.0A CN201810847542A CN110399713A CN 110399713 A CN110399713 A CN 110399713A CN 201810847542 A CN201810847542 A CN 201810847542A CN 110399713 A CN110399713 A CN 110399713A
- Authority
- CN
- China
- Prior art keywords
- information
- authentication
- verification information
- message
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 72
- 238000012795 verification Methods 0.000 claims description 289
- 230000009191 jumping Effects 0.000 claims description 5
- 238000011161 development Methods 0.000 abstract description 9
- 238000013475 authorization Methods 0.000 description 33
- 238000010586 diagram Methods 0.000 description 29
- 230000008569 process Effects 0.000 description 23
- 230000006870 function Effects 0.000 description 17
- 230000006854 communication Effects 0.000 description 9
- 238000004891 communication Methods 0.000 description 8
- 238000012545 processing Methods 0.000 description 8
- 238000010200 validation analysis Methods 0.000 description 7
- 230000005540 biological transmission Effects 0.000 description 6
- 238000013461 design Methods 0.000 description 6
- 238000012790 confirmation Methods 0.000 description 5
- 230000001012 protector Effects 0.000 description 5
- 238000010168 coupling process Methods 0.000 description 4
- 238000005859 coupling reaction Methods 0.000 description 4
- 238000012360 testing method Methods 0.000 description 4
- 230000008901 benefit Effects 0.000 description 3
- 230000008878 coupling Effects 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 238000013459 approach Methods 0.000 description 2
- 238000006243 chemical reaction Methods 0.000 description 2
- 235000013399 edible fruits Nutrition 0.000 description 2
- 238000012905 input function Methods 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 239000004973 liquid crystal related substance Substances 0.000 description 2
- 230000007774 longterm Effects 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 238000010295 mobile communication Methods 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000001133 acceleration Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000005314 correlation function Methods 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 230000005611 electricity Effects 0.000 description 1
- 238000005538 encapsulation Methods 0.000 description 1
- 230000003203 everyday effect Effects 0.000 description 1
- 230000005484 gravity Effects 0.000 description 1
- 238000010348 incorporation Methods 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 239000000203 mixture Substances 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 238000005192 partition Methods 0.000 description 1
- 238000000926 separation method Methods 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000010897 surface acoustic wave method Methods 0.000 description 1
- 238000013519 translation Methods 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Telephonic Communication Services (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The embodiment of the invention discloses a kind of methods of authentification of message, comprising: obtains platform authentication request, wherein carries the mark of destination server corresponding to destination server in the platform authentication request;It is identified according to the destination server in platform authentication request and determines target authentication mode, wherein, the target authentication mode and server identification set have matching relationship, the server identification set includes at least one server identification, and the destination server mark belongs in the server identification set one;Pass through the target authentication pattern acquiring information to be certified;Authentification of message result is generated according to the information to be certified.A kind of information authenticating apparatus is additionally provided in the embodiment of the present invention.Multiple trade companies can be multiplexed same set of target authentication mode and authenticate to user in the embodiment of the present invention, to reduce the development cost of business platform.
Description
Technical field
The present invention relates to Internet technical field more particularly to the methods and relevant apparatus of a kind of authentification of message.
Background technique
With the rapid development of communication technology, huge numbers of families have been come into internet.In internet, in order to keep away
Exempt from the attack of hacker, wooden horse and Malware, authentification of message have become guarantee network security and common technological means it
One.
Currently, some business platforms can access Duo Jia third party trade company, different third party trade companies can be use
Family provides corresponding business.And when user carries out network operation, it also needs to carry out user authentication, so that it is determined that should
Whether user has the access right to resource, and then prevents attacker from palming off the access authority that legitimate user obtains resource, protects
The safety of card system and data, and the legitimate interests of authorization visitor.For example, for register, it usually needs user is defeated
Access customer account number and password are to complete login process.
However, different third party trade companies often supports different authentication modes, therefore, with third party trade company access amount
Increase, thus cause the development cost of business platform to be also incremented by therewith.
Summary of the invention
The embodiment of the invention provides a kind of method of authentification of message and relevant apparatus, multiple trade companies can be multiplexed same set of
Target authentication mode authenticates user, to reduce the development cost of business platform.
In view of this, on the one hand the embodiment of the present invention provides a kind of method of authentification of message, may include:
Obtain platform authentication request, wherein carry the clothes of target corresponding to destination server in the platform authentication request
Business device mark;
It is identified according to the destination server in platform authentication request and determines target authentication mode, wherein is described
Target authentication mode and server identification set have matching relationship, and the server identification set includes at least one server
Mark, the destination server mark belong in the server identification set one;
Pass through the target authentication pattern acquiring information to be certified;
Authentification of message result is generated according to the information to be certified.
The first aspect of the embodiment of the present invention provides a kind of information authenticating apparatus, may include:
Module is obtained, for obtaining platform authentication request, wherein carry destination server institute in the platform authentication request
Corresponding destination server mark;
Determining module, the destination server in platform authentication request for being obtained according to the acquisition module
It identifies and determines target authentication mode, wherein the target authentication mode and server identification set have matching relationship, the clothes
Device logo collection of being engaged in includes at least one server identification, and the destination server mark belongs in the server identification set
One;
The acquisition module is also used to the target authentication pattern acquiring letter to be certified determined by the determining module
Breath;
Generation module, the information to be certified for being obtained according to the acquisition module generate authentification of message result.
The first aspect of the embodiment of the present invention provides a kind of information authenticating apparatus, may include: memory, processor with
And bus system;
Wherein, the memory is for storing program;
The processor is used to execute the program in the memory, includes the following steps:
Obtain platform authentication request, wherein carry the clothes of target corresponding to destination server in the platform authentication request
Business device mark;
It is identified according to the destination server in platform authentication request and determines target authentication mode, wherein is described
Target authentication mode and server identification set have matching relationship, and the server identification set includes at least one server
Mark, the destination server mark belong in the server identification set one;
Pass through the target authentication pattern acquiring information to be certified;
Authentification of message result is generated according to the information to be certified;
The bus system is for connecting the memory and the processor, so that the memory and the place
Reason device is communicated.
The first aspect of the embodiment of the present invention provides a kind of computer readable storage medium, the computer-readable storage
Instruction is stored in medium, when run on a computer, so that computer executes method described in above-mentioned various aspects.
As can be seen from the above technical solutions, the embodiment of the present invention has the advantage that
In the embodiment of the present invention, a kind of method of authentification of message is provided, information authenticating apparatus first obtains platform first
Certification request, wherein the mark of destination server corresponding to destination server is carried in platform authentication request, then according to platform
Destination server in certification request, which identifies, determines target authentication mode, wherein target authentication mode and server identification set
With matching relationship, server identification set includes at least one server identification, and destination server mark belongs to server mark
One is known in set.Then by information authenticating apparatus by target authentication pattern acquiring information to be certified, finally, authentification of message fills
It sets and authentification of message result is generated according to information to be certified.By the above-mentioned means, in the same server identification set
For each server identification, using same set of target authentication mode, and each server identification corresponds to a trade company, therefore,
Multiple trade companies can be multiplexed same set of target authentication mode and authenticate to user, to reduce the development cost of business platform.
Detailed description of the invention
Fig. 1 is a configuration diagram of authentification of message system in the embodiment of the present invention;
Fig. 2 is one design architecture schematic diagram of method of authentification of message in the embodiment of the present invention;
Fig. 3 is method one embodiment schematic diagram of authentification of message in the embodiment of the present invention;
Fig. 4 is a flow diagram of double authentication in the embodiment of the present invention;
Fig. 5 is an interface schematic diagram based on verifying code authentication in the embodiment of the present invention;
Fig. 6 is a flow diagram based on verifying code authentication in the embodiment of the present invention;
Fig. 7 is a data flow time diagram based on verifying code authentication in the embodiment of the present invention;
Fig. 8 is an interface schematic diagram based on security personnel's encoder certification in the embodiment of the present invention;
Fig. 9 is a flow diagram based on security personnel's encoder certification in the embodiment of the present invention;
Figure 10 is a data flow time diagram based on security personnel's encoder certification in the embodiment of the present invention;
Figure 11 is an interface schematic diagram based on token authentication in the embodiment of the present invention;
Figure 12 is a flow diagram based on token authentication in the embodiment of the present invention;
Figure 13 is a data flow time diagram based on token authentication in the embodiment of the present invention;
Figure 14 is one embodiment schematic diagram of information authenticating apparatus in the embodiment of the present invention;
Figure 15 is one embodiment schematic diagram of information authenticating apparatus in the embodiment of the present invention;
Figure 16 is a structural schematic diagram of information authenticating apparatus in the embodiment of the present invention.
Specific embodiment
The embodiment of the invention provides a kind of method of authentification of message and relevant apparatus, multiple trade companies can be multiplexed same set of
Target authentication mode authenticates user, to reduce the development cost of business platform.
Description and claims of this specification and term " first ", " second ", " third ", " in above-mentioned attached drawing
The (if present)s such as four " are to be used to distinguish similar objects, without being used to describe a particular order or precedence order.It should manage
The data that solution uses in this way are interchangeable under appropriate circumstances, so that the embodiment of the present invention described herein for example can be to remove
Sequence other than those of illustrating or describe herein is implemented.In addition, term " includes " and " having " and theirs is any
Deformation, it is intended that cover it is non-exclusive include, for example, containing the process, method of a series of steps or units, system, production
Product or equipment those of are not necessarily limited to be clearly listed step or unit, but may include be not clearly listed or for this
A little process, methods, the other step or units of product or equipment inherently.
It should be understood that the embodiment of the present invention is mainly used in authentication scene, the platform of more trade companies can be supported by one
To realize certification.For example, self-selected stock application program (application, APP) in a manner of direct-connected stock trader's server, accesses more
Family third party cooperates stock trader, provides the trading function on basis for user.Answer stock supervisory committee's Strengthens network trading account security
Compliance requirement, each stock trader start double authentication project successively, reinforce the safety of itself transaction system.Therefore, for
For one is supported the platform of more trade companies, in order to be compatible with the trade company of all accesses, a variety of authentication modes should be flexibly supported as far as possible,
And support trade company customizes to require, the demand for thus providing the general solution of one kind more trade companies is supported to authenticate.
Referring to Fig. 1, Fig. 1 is a configuration diagram of authentification of message system in the embodiment of the present invention, as shown, branch
The platform of Chi Duo trade company is specifically as follows a APP, which is mainly used in terminal device, such as mobile phone, tablet computer, pen
Remember this computer and palm PC etc., and terminal device can be the Mobile operating system (iphone based on Apple Inc.
Operation system, iOS) 8.0 or more system, or be based on Android system (Android) 4.2 or more system, when
It so, can also be based on the system of other versions, herein without limitation.
Authentification of message system further includes Platform Server and at least one merchant server, and Platform Server had both needed and end
End equipment establishes communication connection, to carry out the interaction of data, and needs to establish at least one merchant server and communicate to connect, with
Carry out business processing.Under normal conditions, each trade company corresponds at least one merchant server, for example corresponding trade company 1, trade company 1 takes
Business device, wherein 1 server of a trade company shown in FIG. 1 is only a signal, and in practical situations, which may be used also
To be a server cluster.Similarly, Platform Server also may include at least one server.
Above describe the overall architectures of authentification of message system, will be introduced so that trade company is stock trader as an example below, however
This can not be not understood as limitation of the invention.Referring to Fig. 2, Fig. 2 is the method one of authentification of message in the embodiment of the present invention
A design architecture schematic diagram, as shown, design architecture is followed successively by network layer, Business Logic, middle layer and use from bottom to top
Family interface alternation (User Interface, UI) layer.Successively each layer is introduced below in conjunction with Fig. 2.
UI layers are publicly-owned layer, i.e., different stock traders uses the UI layers, and UI layers are the certifications supported according to each stock trader
The general character of mode and design, UI layers specifically include that
(1) log in page is mainly used for user and inputs essential information, such as account and password;
(2) equipment shows or switches the page, is mainly used for showing the authentication mode of device name and switching equipment, can be with
Support the display and switching of such as phone number, email address and encoder device name of ensuring public security;
(3) identifying code input page is mainly used for inputting identifying code corresponding to identifying code authentication mode;
(4) token (token) input page is mainly used for inputting identifying code corresponding to token authentication mode;
(5) the protector license confirmation page is mainly used for showing that the authorization generated by security personnel's encoder authentication mode is true
Recognize the page.
In main flow, most of product demand process can be covered by five interfaces as above, stock trader side is mentioned
Differentiated demand out unifies encapsulation process by middle layer, and stock trader's customization can be realized to the above content of pages.In account password
After verification is completed, the data that stock trader's server returns eventually are converted into middle layer.
Middle layer is also the general character for the authentication mode supported according to each stock trader and designs, and mainly includes
LoginResultData, wherein the main data structure of LoginResultData is as follows:
(1) " RetType " indicates double authentication mode, is mainly used for control jumps to the specific type page of secondary verifying
Face.For example including single device mobile phone, mailbox and security personnel's encoder authentication mode, more equipment mobile phones, mailbox, security personnel's encoder are recognized
Card mode and token (random cipher or fixed password) authentication mode;
(2) " AuthResultInfo " indicates information required for secondary verifying, is mainly used for carrying out the stream of double authentication
Journey.The object structure may include that (page title " authTitle " is mainly used for for the information of the customized content of pages of stock trader
Prompt the official documents and correspondence information " authButtonDesc " etc. of button in the official documents and correspondence information " authDesc " and the page of user), currently
Facility information " AuthDeviceInfo " currently in use and other additional informations etc.;
(3) " AuthDeviceInfo " indicates facility information, is mainly used for needing to show the authentication mode of facility information.It should
Object structure, including equipment index (deviceIndex), device name plaintext (devicePlain), device name ciphertext
(deviceEncrypt) and device type (devideType).Based on security considerations, it is shown in the equipment display page
Device name is shown in the form of ciphertext sometimes, such as phone number is with " 123****5678 " display.
Business Logic is that each stock trader is implemented separately, which is mainly used for solving each stock trader in authentication business logic
On difference, wherein Business Logic includes:
(1) network request is mainly used for as each stock trader's individual packages network request, and passes through underlying network network layers and stock trader
Server communication can solve difference of each stock trader on certification relevant interface Protocol Design;
(2) data conversion and data parsing, are mainly used for after receiving the data of stock trader's server return, by business
Logical layer parses data, and is the data structure of middle layer according to protocol translation.
The authentication mode different for each trade company and different interface requests, parameter and returned data format, in order to
Each trade company realizes respective Business Logic, and Business Logic is clearly divided into network request, data parsing and data and is turned
Function is changed, to achieve the purpose that high cohesion.Middle layer is converted according to the interface protocol of agreement by service logic layer data, is passed through
Middle layer is interacted with UI layers, realizes each merchant business logical layer independently, and UI layers public with intermediate layer identification code, to realize
The purpose of lower coupling.
By being individually encapsulated for service logic, convert the business datum of each trade company to unified middle layer, and with system
One UI layer interacts.When needing to increase new authentication mode, it is only necessary to stock trader respectively realizes the service logic of oneself, and
It is converted into corresponding middle layer, one new interaction flow of UI layers of increase improves development efficiency, realizes entire frame
High Availabitity, the purpose easily extended.
Below by from the angle of information authenticating apparatus, the method for authentification of message in the present invention is introduced, figure is please referred to
3, method one embodiment of authentification of message includes: in the embodiment of the present invention
101, platform authentication request is obtained, wherein the clothes of target corresponding to destination server are carried in platform authentication request
Business device mark;
In the present embodiment, information authenticating apparatus is specifically as follows the platform that one is supported more trade companies or one is supported more trade companies
APP.User triggers register by information authenticating apparatus, i.e. information authenticating apparatus obtains platform authentication request.Wherein, it puts down
The mark of destination server corresponding to destination server is carried in platform certification request, destination server specifically refers to user and waits visiting
Ask server of trade company, such as 2 server of 1 server of stock trader or stock trader etc..And each server corresponds to a service
Device mark, such as 1 server corresponding server of stock trader identify A, therefore 2 server corresponding server of stock trader mark B passes through clothes
Business device mark can determine that this needs of user are authenticated with which trade company, that is, determine the target communicated with information authenticating apparatus
Server.
102, according to platform authentication request in destination server identify determine target authentication mode, wherein target authentication
Mode and server identification set have matching relationship, and server identification set includes at least one server identification, target clothes
Business device mark belongs in server identification set one;
In the present embodiment, since different trade companies often uses different certification modes, such as stock trader 1 to recognize using mobile phone
The mode of card, stock trader 2 is by the way of random cipher, and stock trader 3 is by the way of account number cipher and mailbox certification etc..Information
Authentication device identifies the target authentication mode for determining and needing to use according to destination server.
In practical situations, often at least one server identification of participant has corresponding pass to a kind of target authentication mode
System, goal server identification belong to one of them of server identification set.In order to make it easy to understand, please referring to table 1, table
1 corresponding relationship between certification mode and server identification one signal.
Table 1
Certification mode | Server identification | Trade company | Authentication content |
A | Mark 1 | Stock trader 1 | Account number cipher+mobile phone certification |
A | Mark 2 | Stock trader 2 | Account number cipher+mobile phone certification |
A | Mark 3 | Stock trader 3 | Account number cipher+mobile phone certification |
A | Mark 4 | Stock trader 4 | Account number cipher+mobile phone certification |
B | Mark 5 | Stock trader 5 | Account number cipher+security personnel's encoder certification |
B | Mark 6 | Stock trader 6 | Account number cipher+security personnel's encoder certification |
B | Mark 7 | Stock trader 7 | Account number cipher+security personnel's encoder certification |
Assuming that destination server is identified as mark 3, that is, need to authenticate with stock trader 3, at this point, target authentication mode is mould
Formula A is authenticated by the way of " account number cipher+mobile phone certification ".
It should be noted that content shown in table 1 is only a signal, in practical applications, can also be arranged different
Corresponded manner.
103, pass through target authentication pattern acquiring information to be certified;
In the present embodiment, information authenticating apparatus passes through target authentication pattern acquiring information to be certified.For example, target authentication mould
Formula is security personnel's encoder certification, then information to be certified is the Authorization result for passing through security personnel's encoder and receiving.For another example, mesh
Mark certification mode is mobile phone certification mode, then information to be certified is the identifying code for being sent to mobile phone.
104, authentification of message result is generated according to information to be certified.
In the present embodiment, information authenticating apparatus can determine whether to authenticate successfully by comparing information to be certified, thus
Generate authentication result.It can also directly be generated according to information to be certified and authenticate successful result.
In the embodiment of the present invention, a kind of method of authentification of message is provided, information authenticating apparatus first obtains platform first
Certification request, wherein the mark of destination server corresponding to destination server is carried in platform authentication request, then according to platform
Destination server in certification request, which identifies, determines target authentication mode, wherein target authentication mode and server identification set
With matching relationship, server identification set includes at least one server identification, and destination server mark belongs to server mark
One is known in set.Then by information authenticating apparatus by target authentication pattern acquiring information to be certified, finally, authentification of message fills
It sets and authentification of message result is generated according to information to be certified.By the above-mentioned means, in the same server identification set
For each server identification, using same set of target authentication mode, and each server identification corresponds to a trade company, therefore,
Multiple trade companies can be multiplexed same set of target authentication mode and authenticate to user, to reduce the development cost of business platform.
Optionally, on the basis of above-mentioned Fig. 3 corresponding embodiment, the method for authentification of message provided in an embodiment of the present invention
In first alternative embodiment, after obtaining platform authentication request, can also include:
Receive authentication information, wherein authentication information includes applying account and password;
Authentication information is sent to destination server, so that destination server verifies authentication information, and
Generate authentication result;
If authentication result be proved to be successful, execute according to platform authentication request in destination server mark determine
The step of target authentication mode;
If authentication result is authentication failed, the prompting message of authentication failed is shown.
In the present embodiment, information authenticating apparatus can determine user quotient to be logged in after receiving platform authentication request
Family then needs first to verify legitimacy of the user in trade company.Under normal conditions, user input authentication information (including
The application account and password of trade company), it is assumed that the application account of user's input is " jackwong ", and password is " 111222 ".Then
The destination server as corresponding to trade company verifies the authentication information, is stored in destination server using account
Corresponding relationship between password, if using account and password match success, then it represents that authentication result is to be proved to be successful,
Subsequent identifying procedure can so be gone successively to., whereas if failing using account and password match, then it represents that identity is tested
Result failure is demonstrate,proved, then the prompting message of authentication failed can be directly displayed, after user sees the message, can be carried out again
Verifying.Under normal conditions, the number of verifying has within the upper limit, such as one day if there is applying account and password not three times
The case where matching, then will not again authenticate the authentication information of user's input within the same day.
It is understood that authentication information belongs to two information from different channels from information to be certified, that is, belong to
In double authentication.Authentication information typically refers to given data, for example, username and password.And information to be certified is usually
Refer to disposal password, just can be carried out transaction, such as mobile phone note verification code, mailbox identifying code, digital certificates, security personnel after input
Encoder and biological identification etc..
For the ease of introducing, referring to Fig. 4, Fig. 4 is a flow diagram of double authentication in the embodiment of the present invention, such as
Shown in figure, by taking trade company is stock trader as an example, specifically:
In step S1, user enters stock trader's login page by application platform (self-selected stock APP);
In step S2, user selects some stock trader's entrance in stock trader's login page, enters after clicking stock trader's entrance
To stock trader's login page;
In step S3, account and password are inputted on stock trader's login page, then executes register, and to corresponding certificate
Quotient's server sends logging request, and stock trader's server process logging request gives data feedback to application platform (self-selected stock later
APP);
In step S4, if account and cryptographic check success, enter double authentication process;
In step S5, if account and cryptographic check failure, pass through application platform (self-selected stock APP) interface prompt mistake
Message, user can re-execute the steps the operation of S3;
In step S6, into after double authentication process, user's input by other channels (such as mobile phone, mailbox or its
He is APP) identifying code that gets perhaps random cipher or executes authority checking operation by other APP, then taken to stock trader
Device transmission double authentication of being engaged in is requested;
In step S7, if double authentication verifies successfully, user is successfully entered corresponding stock trader's transaction system;
In step S8, if double authentication verification failure, is disappeared by application platform (self-selected stock APP) interface prompt mistake
Breath, user can re-execute the steps the operation of S6.
Secondly, information authenticating apparatus can also receive user after obtaining platform authentication request in the embodiment of the present invention
Then the authentication information of input sends authentication information to destination server, believed by destination server authentication
Breath is verified, and generates authentication as a result, only in the successful situation of authentication, just will continue to carry out subsequent to recognize
Demonstrate,prove process.By the above-mentioned means, when client logins transaction system, other than authentication information, it is also necessary to by other
Channel obtains information to be certified, just can be carried out transaction after double authentication passes through.It is verified using two kinds of information of different nature
Client identity can provide protection for online transaction, to effectively take precautions against the authentication mechanism of hacker attacks.
Optionally, on the basis of above-mentioned Fig. 3 corresponding embodiment, the method for authentification of message provided in an embodiment of the present invention
In second alternative embodiment, according to platform authentication request in destination server identify determine target authentication mode, can wrap
It includes:
According to platform authentication request in destination server identify and determine authentication mode, wherein authentication mode is for controlling
The page jumps;
According to platform authentication request in destination server identify determine certification page information, wherein certification page information
For showing and the associated page info of authentication mode;
According to platform authentication request in destination server identify determine authenticating device information, wherein authenticating device information
It is used to indicate the information of equipment to be certified.
It may include authentication mode, certification page information and authenticating device letter in target authentication mode in the present embodiment
Breath.After information authenticating apparatus sends account number cipher to destination server, the data that destination server returns can form mesh
Mark certification mode.
Wherein, authentication mode is used to control jumps to the specific type page of certification, for example, single device mobile phone authenticating party
Formula, more equipment mobile phone authentication modes, single device mailbox authentication mode, more equipment mailbox authentication modes, security personnel's encoder authenticating party
Formula and token authentication mode etc..
Certification page information indicates information required for authenticating, the information including the customized content of pages of trade company, for example, proposing
Show the official documents and correspondence information of user, the official documents and correspondence information of button, currently used facility information and other additional informations etc. in the page.
Authenticating device information is used to need to show the authentication mode of facility information, for example, equipment index information, device name
Cleartext information, device name cipher-text information and device type etc..Based on the considerations of user information safety, page is shown in equipment
Showing in face can be shown when device name in the form of ciphertext, for example phone number is shown as " 138******46 ".
Secondly, in the embodiment of the present invention, information authenticating apparatus can be requested according to platform authentication in destination server mark
Know and determine authentication mode, certification page information and authenticating device information, wherein authentication mode is demonstrate,proved for controlling jumping for the page
Page info is used to indicate the letter of equipment to be certified with the associated page info of authentication mode, authenticating device information for showing
Breath.By the above-mentioned means, certification mode can be composed of different service logics, i.e., required for being determined according to trade company's demand
Authentication mode, certification page information and authenticating device information, to realize the target of information high cohesion.
Optionally, corresponding first or on the basis of second embodiment in above-mentioned Fig. 3 and Fig. 3, the present invention is implemented
It, can be with by target authentication pattern acquiring information to be certified in the method third alternative embodiment for the authentification of message that example provides
Include:
According to the target authentication schema creation information input page, wherein optional, the information input page includes at least one
Information input subpage frame;
Information to be certified is received by the information input page.
In the present embodiment, information authenticating apparatus is after it confirmed target authentication mode, the available target authentication mode
Included authentication mode, certification page information and authenticating device information.According at least one letter of target authentication schema creation
Breath input subpage frame, different information input subpage frames can be used for receiving the different data of user's input.Finally, letter will be passed through
The information to be certified of breath input page input is verified, to generate verification result.
Again, in the embodiment of the present invention, the process that information authenticating apparatus obtains information to be certified be can be, first according to mesh
It marks certification mode and generates the information input page, wherein the information input page includes at least one information input subpage frame, is then led to
It crosses the information input page and receives information to be certified.By the above-mentioned means, the information input page can be generated so that user inputs phase
The information answered, to be authenticated using the information that user inputs, it is possible thereby to the feasibility and operability of lifting scheme.
Optionally, on the basis of above-mentioned Fig. 3 corresponding third embodiment, authentification of message provided in an embodiment of the present invention
The 4th alternative embodiment of method in, information to be certified is received by the information input page, may include:
Subpage frame is inputted by the first information and receives the first verification information, wherein the first verification information is in preset time
The information that introversive first associated account number is sent;
Authentification of message is generated as a result, may include: according to information to be certified
If the first verification information is consistent with the first default verification information, certification success message is generated;
If the first verification information and the first default verification information are inconsistent, and verify number and have reached pre-determined threshold, then give birth to
At authentification failure message.
In the present embodiment, a kind of method verified in single device using associated account number is described.Firstly, authentification of message
Device can show that the first information inputs subpage frame, would generally show an input frame on first information input subpage frame, use
In the first verification information for receiving user's input.And the first verification information includes but is not limited only to mobile phone identifying code or mailbox is tested
Code is demonstrate,proved, after user triggers platform authentication request, destination server can be within a preset time (such as within 90 seconds) to this
First associated account number (such as cell-phone number or email address) used by a user sends the first verification information.User will receive
One verification information is inserted in the input frame of first information input subpage frame, from information authenticating apparatus to destination server forward this
One verification information.Destination server can match the first verification information received with the first default verification information.
Specifically, it is assumed that the first default verification information is " 595451 ", if the first verification information is also " 595451 ",
Indicate that this is proved to be successful, then information authenticating apparatus will generate the successful message of certification., whereas if the first verification information
It is not " 595451 ", then it represents that this authentication failed, then information authenticating apparatus can be used with the prompting message of feedback validation failure
Family can input new verification information according to the prompting message again, until verifying number reaches pre-determined threshold, authentification of message dress
It sets, authentification failure message can be generated.
Further, in the embodiment of the present invention, information authenticating apparatus can first pass through first information input subpage frame and receive
First verification information, wherein the first verification information is the information sent within a preset time to the first associated account number, if first
Verification information is consistent with the first default verification information, then generates certification success message, if the first verification information is default with first
Verification information is inconsistent, and verifies number and have reached pre-determined threshold, then generates authentification failure message.By the above-mentioned means, providing
It is a kind of to be verified using the information that associated account number is received, the reliability of verifying can be effectively promoted, to realize more
The process of channel verifying, thus increases the practicability of scheme.
Optionally, on the basis of above-mentioned Fig. 3 corresponding third embodiment, authentification of message provided in an embodiment of the present invention
The 5th alternative embodiment of method in, information to be certified is received by the information input page, may include:
Account switching command is received by the second information input subpage frame;
The first associated account number is switched to the second associated account number according to account switching command;
Receive the second verification information, wherein the second verification information is to send within a preset time to the second associated account number
Information;
Authentification of message is generated as a result, may include: according to information to be certified
If the second verification information is consistent with the second default verification information, certification success message is generated;
If the second verification information and the second default verification information are inconsistent, and verify number and have reached pre-determined threshold, then give birth to
At authentification failure message.
In the present embodiment, a kind of method verified in more equipment using associated account number is described.Firstly, authentification of message
Device can show the second information input subpage frame, and an account switching usually can be also shown on the second information input subpage frame
Function, user can choose the function.Some other accounts that user had logged on will be shown later by triggering the function
Information, further, it is also possible to receive the new account information of user's input.For example, user A was associated with three phone numbers, respectively
For " 13812345678 ", " 13698765432 " and " 15011223355 ", user A can be in the second information input subpage frame
Account switching command is triggered, so that the first associated account number " 15011223355 " is switched to the second associated account number
" 13812345678 ", then, information authenticating apparatus can be sent out (within such as 90 seconds) to " 13812345678 " within a preset time
Send the second verification information.User inserts the second verification information received in input frame, from information authenticating apparatus to destination service
Device forwards second verification information.Destination server can carry out the second verification information received and the second default verification information
Matching.
It should be noted that account switching command other than it can switch the phone number of user, can also switch use
The email address at family or other kinds of associated account number, herein without limitation.
Specifically, it is assumed that the second default verification information is " 595451 ", if the second verification information is also " 595451 ",
Indicate that this is proved to be successful, then information authenticating apparatus will generate the successful message of certification., whereas if the second verification information
It is not " 595451 ", then it represents that this authentication failed, then information authenticating apparatus can be used with the prompting message of feedback validation failure
Family can input new verification information according to the prompting message again, until verifying number reaches pre-determined threshold, authentification of message dress
It sets, authentification failure message can be generated.
Further, in the embodiment of the present invention, information authenticating apparatus can first pass through the reception of the second information input subpage frame
Then first associated account number is switched to the second associated account number according to account switching command by account switching command, pass through the second letter
Breath input subpage frame receives the second verification information, wherein the second verification information is to send out within a preset time to the second associated account number
The information sent generates certification success message if the second verification information is consistent with the second default verification information, if second tests
It demonstrate,proves information and the second default verification information is inconsistent, and verify number and have reached pre-determined threshold, then generate authentification failure message.It is logical
Cross aforesaid way, provide it is a kind of verified using the information that associated account number is received, can effectively promote verifying can
By property, to realize the process verified by all kinds of means.In addition, additionally providing a kind of verification mode of more equipment switchings, thus increase
The practicability of scheme.
In order to make it easy to understand, being asked below in conjunction with Fig. 5, Fig. 6 and Fig. 7 to the concrete mode authenticated based on identifying code
Refering to the interface schematic diagram that Fig. 5, Fig. 5 are based on verifying code authentication in the embodiment of the present invention, as shown, using trade company as certificate
For quotient, specifically:
In step A1, user inputs the account registered in the stock trader and close after selecting stock trader on login page
Code, for example, account can be " 10000118 ", password is " 123456 ";
In step A2, after account and password authentification success, equipment displayed page is jumped to, it on this page can be defeated
The phone number of access customer or the email address of user can be in equipment displayed pages if the user has multiple accounts
The module of upper selection " switching " thus jumps to the equipment switching page;
In step A3, user can choose in past used phone number and mailbox in the equipment switching page
Location selects phone number or email address;
In step A4, determine that perhaps the phone number or email address will receive phone number after email address
One corresponding identifying code, user input the identifying code oneself received on identifying code input page, if identifying code and default
Identifying code is consistent, then it represents that is proved to be successful.If identifying code is different from default identifying code, then it represents that authentication failed.
Referring to Fig. 6, Fig. 6 is a flow diagram based on verifying code authentication in the embodiment of the present invention, as shown,
By taking trade company is stock trader as an example, specifically:
In step B1, after the account and cipher authentication success of user's input, if authentication mode supports more equipment to cut
It changes, then enters on equipment displayed page, wherein under normal conditions, an equipment can be associated at least one account.Conversely,
If the account and cipher authentication failure of user's input, can show miscue;
In step B2, after the account and cipher authentication success of user's input, if user does not need switching equipment institute
Corresponding phone number or email address, then directly carrying out verifying process;
In step B3, user can select phone number or email address in equipment displayed page, thus complete set more
Standby account handover operation;
In step B4, user input account and cipher authentication success after, if necessary to select phone number or
Email address, then entering step B5 after selection is completed;
In step B5, information authenticating apparatus sends identifying code request to stock trader's server, enters step B8;
In step B6, user can input the identifying code after receiving identifying code in input frame;
In step B7, stock trader's server notice application platform identifying code is sent successfully;
In step B8, stock trader's server is requested according to identifying code, generates identifying code, the reserved phone number of right rear line
Or email address sends the identifying code, go to step B9;
In step B9, user inputs identifying code and sends secondary request to stock trader's server, after being verified, then prompts
The information being proved to be successful, whereas if authentication failed, then prompt the information of authentication failed.
Referring to Fig. 7, Fig. 7 is a data flow time diagram based on verifying code authentication in the embodiment of the present invention, such as
Shown in figure, by taking trade company is stock trader as an example, specifically:
In step 201, user initiates register to middle layer by UI layers;
In step 202, distribute logging request from middle layer to Business Logic;
In step 203, the login interface on stock trader backstage is requested from Business Logic to network layer;
In step 204, network layer requests login interface to stock trader's server, and stock trader's server responds login interface;
In step 205, network layer sends to Business Logic and carries out the login obtained after data parsing by parser
Interface returns the result;
In step 206, login interface is sent to middle layer from Business Logic and is returned the result;
In step 207, if you do not need to carrying out double authentication, then it can directly determine to login successfully;
In step 208, thus enter transaction system;
In step 209, if necessary to carry out double authentication, then needs to return the result login interface and be converted to middle layer class
The double authentication mode of type, i.e. " RetType ", the double authentication mode are used to control jumps to the specific type page of secondary verifying
Face;
In step 210, it is assumed that use identifying code authentication mode, such as single device mobile phone authentication mode, the certification of equipment mobile phone
Mode, single device mailbox authentication mode and more equipment mailbox authentication modes etc.;
In step 211, the corresponding UI page is shown according to specifically authentication mode, shows that identifying code is defeated on the UI page
Enter frame;
In step 212, user inputs corresponding identifying code by identifying code input frame;
In step 213, verifying code check request is sent to Business Logic by middle layer;
In step 214, the secondary verification interface of stock trader is requested from Business Logic to network layer;
In step 215, network layer requests secondary verification interface to stock trader's server, by the secondary verification of stock trader's server feedback
Interface;
In step 216, network layer sends secondary by obtaining after parser progress data parsing to Business Logic
Verification interface;
In step 217, Business Logic sends the result that verification interface returns to middle layer;
In step 218, if re-authentication fails, 211 can be gone to step, allow user again by testing
It demonstrate,proves code input frame and inputs corresponding identifying code;
In step 219, if re-authentication success, enters step 220;
In step 220, thus enter transaction system.
Optionally, on the basis of above-mentioned Fig. 3 corresponding third embodiment, authentification of message provided in an embodiment of the present invention
The 6th alternative embodiment of method in, information to be certified is received by the information input page, may include:
By third information input subpage towards the first application program send checking request so that the first application program according to
Checking request sends checking request to destination server;
Third verification information is received by the first application program, wherein third verification information is generated by destination server
's;
Authentification of message result is generated according to information to be certified, comprising:
If third verification information is preset verification information with third and matched, certification success message is generated;
If third verification information and third are preset verification information and mismatched, and verify number and have reached pre-determined threshold, then give birth to
At authentification failure message.
In the present embodiment, a kind of method verified in single device using security personnel's encoder is described.Firstly, information is recognized
Card device receives the authorization logging request of user's triggering by third information input subpage frame, enters the first application program at this time
The license confirmation page.Wherein, the first application program specifically can be security personnel's encoder, which is usually by stock trader
A APP provided.First application program can initiate polling request to destination server, which steps on for obtaining authorization
Whether record result passes through.Destination server can send authorization to specified protector equipment and log in notice, and user opens first and answers
With program and logins corresponding security personnel's encoder account and carry out authorization login or cancel to log in.Then pass through the first application program
Authorization result is sent to destination server, the authorization login result that destination server receives the transmission of the first application program is raw later
At third verification information.Wherein, third verification information may include Login Name (such as TENCENT123), the login that account is logined
It approach (such as TENCENT) and wants seeking time (such as 11:49:34).
If third verification information is preset verification information with third and matched, illustrates to authenticate successfully, then can be generated
Authenticate success message.If third verification information and third are preset verification information and mismatched, illustrates authentification failure, then may be used
To generate authentification failure message.Indicate this authentication failed, then information authenticating apparatus can be disappeared with the prompt of feedback validation failure
Breath, user can authenticate according to the prompting message, and until verifying number reaches pre-determined threshold, information authenticating apparatus can then be given birth to
At authentification failure message.
When receive again the first application program transmission polling request after, can directly transmit authorization login result to
First application program.
The basic function of security personnel's encoder is explained below.Encoder ensure public security with can assisting user security using specified net
The service of going to bank.When user carries out the service of specified Web bank, system will require user to input security personnel's coding to authenticate.
If the coding input is correct, the bank service instruction of user will be authenticated successfully.Under normal conditions, security personnel's encoder is double
It is used under the premise of re-authentication, double authentication uses two kinds of identity authentication modes of different nature and logins account, is user
Online transaction account bring additional guarantee.First re-authentication is input account Login Name and password, and the second re-authentication
It is that requirement is logined by security personnel's encoder confirmation.Encoder of ensuring public security is the application program that double authentication service is released, and can be pacified
On different flow devices, facilitate user that can quickly and safely login the online transaction account of user.
Multi-section flow device use security personnel's encoder can be registered by logining account most on the net for one.Every flow device can be set
Fixed clear easily bright title, such as: Mary iPhone, Peter iPad.Security personnel's encoder in certain every flow device is answered
Multiple and different trading accounts can also be bound simultaneously with program, each trading account can set specific title, for example,
MyAccount, JointAccount, CompanyABC.
Further, in the embodiment of the present invention, information authenticating apparatus can be by third information input subpage towards first
Application program sends checking request, so that the first application program sends checking request to destination server according to checking request, so
Third verification information is received by the first application program afterwards.If third verification information is preset verification information with third and is matched,
Generate certification success message, if third verification information and third are preset verification information and are mismatched, and verify number have reached it is pre-
Gating limit, then generate authentification failure message.By the above-mentioned means, providing a kind of side verified using security personnel's encoder
Formula can be generated checking request by security personnel's encoder and generate verification result, no longer be verified using single application platform,
To effectively promote the reliability of verifying, the process verified by all kinds of means is realized, thus increase the practicability of scheme.
Optionally, on the basis of above-mentioned Fig. 3 corresponding third embodiment, authentification of message provided in an embodiment of the present invention
The 7th alternative embodiment of method in, information to be certified is received by the information input page, may include:
Pass through the 4th information input subpage frame receiving device switching command;
Checking request is sent to the second application program according to equipment switching command, so that the second application program is asked according to verifying
It asks to destination server and sends checking request;
The 4th verification information is received by the second application program, wherein the 4th verification information is generated by destination server
's;
Authentification of message result is generated according to information to be certified, comprising:
If the 4th verification information is matched with the 4th default verification information, certification success message is generated;
If the 4th verification information is mismatched with the 4th default verification information, and is verified number and had reached pre-determined threshold, then give birth to
At authentification failure message.
In the present embodiment, a kind of method verified in more equipment using security personnel's encoder is described.Firstly, information is recognized
Card device receives user by the 4th information input subpage frame and triggers equipment switching command, wherein equipment switching command can be used for
Switch different security personnel's encoder devices.For example, original security personnel's encoder device is " qqstocketest3p ", according to equipment
" qqstocketest3p " is switched to " qqstocketest " by switching command, i.e., by corresponding to " qqstocketest3p "
One application program is switched to the second application program corresponding to " qqstocketest ".
Then information authenticating apparatus sends authorization logging request to the second application program, enters the second application program at this time
The license confirmation page.Wherein, the second application program specifically can be security personnel's encoder, which is usually by stock trader
A APP provided.Second application program can initiate polling request to destination server, which steps on for obtaining authorization
Whether record result passes through.Destination server can send authorization to specified protector equipment and log in notice, and user opens second and answers
With program and logins corresponding security personnel's encoder account and carry out authorization login or cancel to log in.Then pass through the first application program
Authorization result is sent to destination server, the authorization login result that destination server receives the transmission of the second application program is raw later
At the 4th verification information.Wherein, the 4th verification information may include Login Name (such as TENCENT123), the login that account is logined
It approach (such as TENCENT) and wants seeking time (such as 11:49:34).
If the 4th verification information is matched with the 4th default verification information, illustrates to authenticate successfully, then can be generated
Authenticate success message.If the 4th verification information is mismatched with the 4th default verification information, illustrates authentification failure, then may be used
To generate authentification failure message.Indicate this authentication failed, then information authenticating apparatus can be disappeared with the prompt of feedback validation failure
Breath, user can authenticate according to the prompting message, and until verifying number reaches pre-determined threshold, information authenticating apparatus can then be given birth to
At authentification failure message.
When receive again the second application program transmission polling request after, can directly transmit authorization login result to
Second application program.
Further, in the embodiment of the present invention, information authenticating apparatus can be received by the 4th information input subpage frame and be set
Then standby switching command sends checking request to the second application program according to equipment switching command, so that the second application program root
Checking request is sent to destination server according to checking request, receives the 4th verification information finally by the second application program.If
4th verification information is matched with the 4th default verification information, then generates certification success message, if the 4th verification information and the 4th
Default verification information mismatches, and verifies number and have reached pre-determined threshold, then generates authentification failure message.By the above-mentioned means,
Provide it is a kind of by security personnel's encoder verified in the way of, can be generated by security personnel's encoder and checking request and generate verifying
As a result, no longer being verified using single application platform, to effectively promote the reliability of verifying, realization is verified by all kinds of means
Process, thus increase scheme practicability.In addition, additionally provide a kind of verification mode of more equipment switching, thus increase side
The practicability of case.
In order to make it easy to understand, below in conjunction with Fig. 8, Fig. 9 and Figure 10 to the specific side authenticated based on security personnel's encoder
Formula, referring to Fig. 8, Fig. 8 is an interface schematic diagram based on security personnel's encoder certification in the embodiment of the present invention, as shown,
By taking trade company is stock trader as an example, specifically:
In step C1, user initially enters the login page of some stock trader, on this page show have account input frame and
Password Input frame, if the user is " testaccount3p " in the account of this stock trader, password is " pass11111111 ".
In step C2, if account and cryptographic check success, user can choose whether to need switching equipment, if desired
Switching equipment then shows the option of selection " switching " on the page in security personnel's encoder device, compiles to ensure public security shown in step C3
Code device equipment switches the page;
In step C3, the to be switched flow device of user can choose in security personnel's encoder device switching page, wherein
Flow device can consider a mancarried device, and flow device " qqstocktest3p " can be switched to by user
"qqstocktest";
In step C4, triggering sends logging request after having selected flow device, then jumps to waiting authorization and logs in
The page, on this page display etc. it is to be confirmed logins requirements, login require notice be sent to user select flow device it
Before, it needs to first pass through security personnel's encoder applies program in flow device and confirms;
In step C5, what needs to be explained here is that, jump to wait authorization login page before, information authenticating apparatus to
Stock trader's server initiates polling request, feeds back Authorization result from stock trader's server to information authenticating apparatus;
In step C6, before stock trader's server feeds back Authorization result to information authenticating apparatus, need to security personnel's encoder
It sends authorization and logs in notice, security personnel's encoder logs in the account that notice login user is logined according to authorization.
Referring to Fig. 9, Fig. 9 is a flow diagram based on security personnel's encoder certification in the embodiment of the present invention, such as scheme
It is shown, by taking trade company is stock trader as an example, specifically:
In step D1, after user inputs account and password by application platform, if account and password mismatch, say
Bright authentification failure can prompt the information of authentication failed herein., whereas if account and password match, then illustrate to authenticate successfully, this
When user can choose that single device logs in or more equipment log in, if certification mode supports the switching of more equipment, enter security personnel
Encoder shows the page;
In step D2, if certification mode supports single device, authorization logging request can be sent;
In step D3, after having selected security personnel's encoder device, authorization logging request can also be sent;
In step D4, security personnel's encoder license confirmation loading page is entered at this time;
In step D5, after corresponding security personnel's encoder device has been selected in user, clicks and sends authorization logging request,
Authorization logging request is sent on stock trader's server;
In step D6, stock trader's server sends the notice that authorization logs in toward specified security personnel's encoder;
In step D7, security personnel's encoder sends Authorization result and gives stock trader's server, and stock trader's server receives security personnel's coding
After the authorization login result that device is sent, registration confirmed validity period;
In step D8, stock trader's server receives polling request;
In step D9, stock trader's server sends authorization login result to information authenticating apparatus according to polling request;
In step D10, user shows that selection needs the security personnel's encoder device switched on the page in protector equipment;
In step D11, success is authenticated if authorization login result passes through, otherwise authentification failure;
In step D12, user, which opens security personnel's encoder and logins corresponding protector account, carries out authorization login or cancellation.
Referring to Fig. 10, Figure 10 is the data flow timing signal based on security personnel's encoder certification in the embodiment of the present invention
Figure, as shown, by taking trade company is stock trader as an example, specifically:
In step 301, user initiates register to middle layer by UI layers;
In step 302, distribute logging request from middle layer to Business Logic;
In step 303, the login interface on stock trader backstage is requested from Business Logic to network layer;
In step 304, network layer requests login interface to stock trader's server, and stock trader's server responds login interface;
In step 305, network layer sends to Business Logic and carries out the login obtained after data parsing by parser
Interface returns the result;
In step 306, login interface is sent to middle layer from Business Logic and is returned the result;
In step 307, if you do not need to carrying out double authentication, then it can directly determine to login successfully;
In step 308, thus enter transaction system;
In step 309, if necessary to carry out double authentication, then needs to return the result login interface and be converted to middle layer class
The double authentication mode of type, i.e. " RetType ", the double authentication mode are used to control jumps to the specific type page of secondary verifying
Face;
In step 310, it is assumed that using security personnel's encoder authentication mode;
In step 311, the corresponding UI page is shown according to specifically authentication mode, security personnel's coding is shown on the UI page
Device authenticates the page;
In step 312, middle layer is jumped to by UI layers and is authorized;
In step 313, authorization requests are initiated from middle layer to Business Logic poll security personnel's encoder;
In step 314, the secondary verification interface of stock trader is requested from Business Logic to network layer;
In step 315, network layer requests secondary verification interface to stock trader's server, by the secondary verification of stock trader's server feedback
Interface;
In step 316, network layer sends secondary by obtaining after parser progress data parsing to Business Logic
Verification interface;
In step 317, Business Logic sends the result that verification interface returns to middle layer;
In step 318, if security personnel's encoder refusal authorization, can show security personnel's encoder authentication interface again;
In step 319, if security personnel's encoder authenticates successfully, 320 are entered step;
In step 320, thus enter transaction system.
Optionally, on the basis of above-mentioned Fig. 3 corresponding third embodiment, authentification of message provided in an embodiment of the present invention
The 8th alternative embodiment of method in, information to be certified is received by the information input page, may include:
The 5th verification information is received by the 5th information input subpage frame, wherein the 5th verification information is that user sets in advance
It sets for carrying out matched information;
Authentification of message result is generated according to information to be certified, comprising:
If the 5th verification information matches with the 5th default verification information, certification success message is generated;
If the 5th verification information is mismatched with the 5th default verification information, and is verified number and had reached pre-determined threshold, then give birth to
At authentification failure message.
In the present embodiment, a kind of method verified using fixed password is described.User can preset at least
Answer corresponding to one problem and each problem.When certification, information authenticating apparatus can be defeated by the 5th information
Enter subpage frame and show the information for needing user to input, user can input the 5th verification information according to prompt.If user inputs
The 5th verification information and the 5th default verification information be matched, then will to generate certification successful for the information authenticating apparatus
Prompting message., whereas if the 5th verification information of user's input is mismatched with the 5th default verification information, and user inputs
Verifying number be also up to pre-determined threshold, then information authenticating apparatus will generate the prompting message of authentification failure.
Specifically, the 5th verification information is usually answer corresponding to some problems, for example, problem 1 is that " company sets up
Date ", the correct option of problem 1 are " 19860922 ", then the 5th default verification information is " 19860922 ", if the 5th
Verification information is also " 19860922 ", then indicating to be proved to be successful.
It is understood that can also have following common problem in addition to the above problem:
For example, problem 2 is " birthday that may I ask you ", the answer of problem 2 is " 19910551 ".
For example, problem 3 is " your work number is how many ", the answer of problem 3 is " 20141105956 ".
For example, problem 4 is " your student number is how many ", the answer of problem 4 is " 20111685687 ".
In addition, the 5th default verification information can also be other match informations that user pre-sets, for example, setting in advance
Set one group of data " 123456789 ", the 5th default verification information will carry out with the 5th verification information of the subsequent input of user
Match.
Further, in the embodiment of the present invention, information authenticating apparatus can also be received by the 5th information input subpage frame
5th verification information, wherein the 5th verification information is that user presets for carrying out matched information, if the 5th verifying letter
Breath matches with the 5th default verification information, then certification success message can be generated in information authenticating apparatus., whereas if the 5th
Verification information is mismatched with the 5th default verification information, and is verified number and had reached pre-determined threshold, then information authenticating apparatus is raw
At authentification failure message.By the above-mentioned means, being authenticated using fixed password, identifying code on the one hand can be withouted waiting for
The time being issued in equipment is directly authenticated according to customized answer, thus the practicability of lifting scheme.It is another
Aspect has stronger reliability using fixed password certification, prevent non-user because getting identifying code unintentionally and
The case where logon account, thus the feasibility of lifting scheme.
Optionally, on the basis of above-mentioned Fig. 3 corresponding third embodiment, authentification of message provided in an embodiment of the present invention
The 9th alternative embodiment of method in, information to be certified is received by the information input page, may include:
The 6th verification information is received by the 6th information input subpage frame, wherein the 6th verification information is associated application journey
The random information that sequence generates within the object time;
Authentification of message result is generated according to information to be certified, comprising:
If the 6th verification information is consistent with the 6th default verification information, certification success message is generated;
If the 6th verification information and the 6th default verification information are inconsistent, and verify number and have reached pre-determined threshold, then give birth to
At authentification failure message.
In the present embodiment, information authenticating apparatus can also receive the 6th of user's input by the 6th information input subpage frame
Verification information, wherein the 6th verification information is generated at random within the object time by affiliate application.Associated application journey
Sequence can be the application program of a installation on the terminal device, can be activated, make after user inputs account and password
As soon as obtaining affiliate application at interval of a random cipher is just automatically generated for a period of time, for example, automatically generating at interval of 10 seconds
The password of one six digit.User inputs this six digits password, i.e. the 6th verification information in information input frame.
Judge whether the 6th verification information of user's input and the 6th default verification information are consistent by information authenticating apparatus, such as
Fruit is consistent, illustrates to authenticate successfully, that is, produces certification success message., whereas if the 6th verification information and the of user's input
Six default verification informations are inconsistent, illustrate authentification failure, then in the case where pre-determined threshold has not been reached yet in verifying number, user
It can continue to input next verification information, still, if verifying number has reached and presets bored, directly generate certification and lose
The message lost.
It should be noted that the 5th verification information can be fixed password, the 6th verification information can be random cipher, the
Five verification informations and the 6th verification information input token, and token is a string of character strings that server generates, and can be used as visitor
The mark that family end makes requests.After user logs in for the first time, server generates a token and returns to this token
To client, later client need to only take this token and come request data, no longer need to time to take user name and close
Code.Wherein, when the composition of token may include the unique identity of user (user identification, uid), be current
Between timestamp (time) and signature (sign), the 16 of the certain length that former positions of token are compressed into hash algorithm
System character string can prevent token from revealing.
Further, it is also possible to media access control (Media Access Control, MAC) address conduct of user equipment
token.Client obtains the address mac of equipment when logging in, and is transmitted to after server-side receives the parameter as parameter,
Just it is received with a variable, while being stored in database as token, and the token is arranged to session
(session) in.Client will be unified to intercept when request every time, the token and server end that client is transmitted
Token in session is compared, identical, is logined successfully, different then refuse.
This mode client and server-side have unified unique mark, and guarantee that each equipment possesses unique mark
Know.Advantage is client without logging in again, as long as can be used always after logging in once, for overtime problem by servicing
End is handled.
Further, it is also possible to use session identification (sessionid) as token.Client carries username and password and logs in,
Server is verified after receiving username and password, and verification is by just returning the sessionid locally obtained as token
Back to client, the data of request need to be only taken after client.
The advantages of this mode is conveniently, not have to storing data.Certainly, application higher for some confidentiality, can adopt
The mode for taking two ways to combine, is used as token to authenticate device mac address and user name password simultaneously.
Further, in the embodiment of the present invention, information authenticating apparatus can also be received by the 6th information input subpage frame
6th verification information, wherein the 6th verification information is the random information that affiliate application generates within the object time, if the
Six verification informations are consistent with the 6th default verification information, then information authenticating apparatus generates certification success message.If instead the
Six verification informations and the 6th default verification information are inconsistent, and verify number and have reached pre-determined threshold, then information authenticating apparatus
Generate authentification failure message.By the above-mentioned means, user can also carry out authentication by the way of random cipher.With secret
Code often can be by installing other applications generation on the terminal device, and can just generate one at interval of a period of time
In this case a different random cipher can effectively promote the reliability and safety of certification by the randomness of password.
In order to make it easy to understand, being asked below in conjunction with Figure 11, Figure 12 and Figure 13 to the concrete mode authenticated based on token
1, Figure 11 is an interface schematic diagram based on token authentication in the embodiment of the present invention refering to fig. 1, as shown, using trade company as certificate
For quotient, specifically:
In step E1, user inputs the account registered in the stock trader and close after selecting stock trader on login page
Code, for example, account can be " testaccount4 ", password is " pass12345678 ";
In step E2, after account and password authentification success, identifying code input page is jumped to, user can test at this
It demonstrate,proves and inputs random cipher or fixed password on code input page.By taking fixed password as an example, if password prompt is the " date of birth
Or company's Date of Incorporation (for example corporate client) everyday/month in and month out/every year ", user can input one six according to the prompt
The password of digit, such as 18061999.If password to be verified is consistent with preset password, then it represents that be proved to be successful.If to
The password of verifying is different from default preset password, then it represents that authentication failed.
Figure 12 is please referred to, Figure 12 is a flow diagram based on token authentication in the embodiment of the present invention, as shown,
By taking trade company is stock trader as an example, specifically:
In step F1, user enters application platform and selects corresponding stock trader, then input account corresponding to the stock trader and
Password then enters token input page after the account and cipher authentication success of user's input.Conversely, then entering step
F2;
In step F2, if the account of user's input and cipher authentication failure, can show miscue;
In step F3, user inputs random cipher or oneself pre-set fixed password on token input page,
Following information authenticating apparatus sends double authentication request to stock trader's server;
In step F4, information authenticating apparatus is according to the message of stock trader's server feedback, and prompt is proved to be successful on the page
Message, or on the page prompt authentication failed message;
In step F5, identifying code is verified according to double authentication request by stock trader's server, if it succeeds, to letter
The successful message of authentication device feedback validation is ceased, whereas if authentication failed disappearing to the failure of information authenticating apparatus feedback validation
Breath.
Figure 13 is please referred to, Figure 13 is a data flow time diagram based on token authentication in the embodiment of the present invention, such as
Shown in figure, by taking trade company is stock trader as an example, specifically:
In step 401, user initiates register to middle layer by UI layers;
In step 402, distribute logging request from middle layer to Business Logic;
In step 403, the login interface on stock trader backstage is requested from Business Logic to network layer;
In step 404, network layer requests login interface to stock trader's server, and stock trader's server responds login interface;
In step 405, network layer sends to Business Logic and carries out the login obtained after data parsing by parser
Interface returns the result;
In step 406, login interface is sent to middle layer from Business Logic and is returned the result;
In step 407, if you do not need to carrying out double authentication, then it can directly determine to login successfully;
In step 408, thus enter transaction system;
In step 409, if necessary to carry out double authentication, then needs to return the result login interface and be converted to middle layer class
The double authentication mode of type, i.e. " RetType ", the double authentication mode are used to control jumps to the specific type page of secondary verifying
Face;
In step 410, it is assumed that use token authentication mode, that is, verifying random cipher or fixed password;
In step 411, the UI layers of page that can be shown with presentation device, if it is random cipher verifying if can permit into
The switching of row equipment, for example phone number B is switched to from phone number A;
In step 412, request for UI layers to send identifying code to specified phone number to middle layer, certainly, in practical application
In, identifying code can also be sent to specified mailbox or other equipment;
In step 413, middle layer sends successfully notice to UI layers of feedback validation code;
In step 414, the dialog box of input identifying code is shown at UI layers;
In step 415, user is inputted after identifying code, sends identifying code from UI layers to middle layer;
In step 416, the checking request of double authentication is sent from middle layer to Business Logic;
In step 417, the secondary verification interface of stock trader is requested from Business Logic to network layer;
In step 418, network layer requests secondary verification interface to stock trader's server, by the secondary verification of stock trader's server feedback
Interface;
In step 419, network layer sends secondary by obtaining after parser progress data parsing to Business Logic
Verification interface;
In step 420, Business Logic sends the result that verification interface returns to middle layer;
In step 421, if re-authentication fails, user can input corresponding again by identifying code input frame
Identifying code;
In step 422, if re-authentication success, enters step 423;
In step 423, into transaction system.
The information authenticating apparatus in the present invention is described in detail below, please refers to Figure 14, Figure 14 is that the present invention is implemented
Information authenticating apparatus one embodiment schematic diagram in example, information authenticating apparatus 50 include:
Module 501 is obtained, for obtaining platform authentication request, wherein carry destination service in the platform authentication request
The mark of destination server corresponding to device;
Determining module 502, the target in platform authentication request for being obtained according to the acquisition module 501
Server identification determines target authentication mode, wherein the target authentication mode and server identification set have matching relationship,
The server identification set includes at least one server identification, and the destination server mark belongs to the server identification
One in set;
The acquisition module 501 is also used to wait for by the target authentication pattern acquiring that the determining module 502 determines
Authentication information;
Generation module 503, the information to be certified for being obtained according to the acquisition module 501 generate authentification of message knot
Fruit.
It in the present embodiment, obtains module 501 and obtains platform authentication request, wherein carry mesh in the platform authentication request
The mark of destination server corresponding to server is marked, determining module 502 is recognized according to the platform that the acquisition module 501 obtains
The destination server in card request, which identifies, determines target authentication mode, wherein the target authentication mode and server mark
Knowing set has matching relationship, and the server identification set includes at least one server identification, the destination server mark
Knowledge belongs in the server identification set one, the mesh for obtaining module 501 and being determined by the determining module 502
It marks certification mode and obtains information to be certified, generation module 503 is raw according to the information to be certified that the acquisition module 501 obtains
At authentification of message result.
In the embodiment of the present invention, a kind of information authenticating apparatus is provided, the information authenticating apparatus obtains platform first first
Certification request, wherein the mark of destination server corresponding to destination server is carried in platform authentication request, then according to platform
Destination server in certification request, which identifies, determines target authentication mode, wherein target authentication mode and server identification set
With matching relationship, server identification set includes at least one server identification, and destination server mark belongs to server mark
One is known in set.Then by information authenticating apparatus by target authentication pattern acquiring information to be certified, finally, authentification of message fills
It sets and authentification of message result is generated according to information to be certified.By the above-mentioned means, in the same server identification set
For each server identification, using same set of target authentication mode, and each server identification corresponds to a trade company, therefore,
Multiple trade companies can be multiplexed same set of target authentication mode and authenticate to user, to reduce the development cost of business platform.
Optionally, on the basis of the embodiment corresponding to above-mentioned Figure 14, Figure 15 is please referred to, it is provided in an embodiment of the present invention
In another embodiment of information authenticating apparatus 50, the information authenticating apparatus 50 further include receiving module 504, sending module 505,
Execution module 506 and cue module 507;
The receiving module 504 receives authentication after obtaining platform authentication request for the acquisition module 501
Information, wherein the authentication information includes applying account and password;
The sending module 505, for sending the received identity of receiving module 504 to the destination server
Authentication information so that the destination server verifies the authentication information, and generates authentication result;
The execution module 506, if for the sending module 505 send the authentication result be verifying at
Function then executes the destination server according in platform authentication request and identifies the step for determining target authentication mode
Suddenly;
The cue module 507, if being that verifying is lost for the authentication result that the sending module 505 is sent
It loses, then shows the prompting message of authentication failed.
Secondly, information authenticating apparatus can also receive user after obtaining platform authentication request in the embodiment of the present invention
Then the authentication information of input sends authentication information to destination server, believed by destination server authentication
Breath is verified, and generates authentication as a result, only in the successful situation of authentication, just will continue to carry out subsequent to recognize
Demonstrate,prove process.By the above-mentioned means, when client logins transaction system, other than authentication information, it is also necessary to by other
Channel obtains information to be certified, just can be carried out transaction after double authentication passes through.It is verified using two kinds of information of different nature
Client identity can provide protection for online transaction, to effectively take precautions against the authentication mechanism of hacker attacks.
Optionally, on the basis of the embodiment corresponding to above-mentioned Figure 14, authentification of message dress provided in an embodiment of the present invention
It sets in 50 another embodiment,
The determining module 502, it is true specifically for being identified according to the destination server in platform authentication request
Determine authentication mode, wherein the authentication mode is for controlling jumping for the page;
It is identified according to the destination server in platform authentication request and determines certification page information, wherein is described
Certification page information is for showing and the associated page info of the authentication mode;
It is identified according to the destination server in platform authentication request and determines authenticating device information, wherein is described
Authenticating device information is used to indicate the information of equipment to be certified.
Secondly, in the embodiment of the present invention, information authenticating apparatus can be requested according to platform authentication in destination server mark
Know and determine authentication mode, certification page information and authenticating device information, wherein authentication mode is demonstrate,proved for controlling jumping for the page
Page info is used to indicate the letter of equipment to be certified with the associated page info of authentication mode, authenticating device information for showing
Breath.By the above-mentioned means, certification mode can be composed of different service logics, i.e., required for being determined according to trade company's demand
Authentication mode, certification page information and authenticating device information, to realize the target of information high cohesion.
Optionally, on the basis of the embodiment corresponding to above-mentioned Figure 14 or Figure 15, information provided in an embodiment of the present invention
In another embodiment of authentication device 50,
The acquisition module 501 is specifically used for according to the target authentication schema creation information input page, wherein institute
Stating the information input page includes at least one information input subpage frame;
The information to be certified is received by the information input page.
Again, in the embodiment of the present invention, the process that information authenticating apparatus obtains information to be certified be can be, first according to mesh
It marks certification mode and generates the information input page, wherein the information input page includes at least one information input subpage frame, is then led to
It crosses the information input page and receives information to be certified.By the above-mentioned means, the information input page can be generated so that user inputs phase
The information answered, to be authenticated using the information that user inputs, it is possible thereby to the feasibility and operability of lifting scheme.
Optionally, on the basis of the embodiment corresponding to above-mentioned Figure 14 or Figure 15, information provided in an embodiment of the present invention
In another embodiment of authentication device 50,
The acquisition module 501 is specifically used for inputting subpage frame the first verification information of reception by the first information, wherein
First verification information is the information sent within a preset time to the first associated account number;
The generation module 503, if first verification information and first obtained specifically for the acquisition module 501
Default verification information is consistent, then generates certification success message;
If first verification information for obtaining the acquisition of module 501 and the described first default verification information are inconsistent,
And verifying number has reached pre-determined threshold, then generates authentification failure message.
Further, in the embodiment of the present invention, information authenticating apparatus can first pass through first information input subpage frame and receive
First verification information, wherein the first verification information is the information sent within a preset time to the first associated account number, if first
Verification information is consistent with the first default verification information, then generates certification success message, if the first verification information is default with first
Verification information is inconsistent, and verifies number and have reached pre-determined threshold, then generates authentification failure message.By the above-mentioned means, providing
It is a kind of to be verified using the information that associated account number is received, the reliability of verifying can be effectively promoted, to realize more
The process of channel verifying, thus increases the practicability of scheme.
Optionally, on the basis of the embodiment corresponding to above-mentioned Figure 14 or Figure 15, information provided in an embodiment of the present invention
In another embodiment of authentication device 50,
The acquisition module 501 is specifically used for receiving account switching command by the second information input subpage frame;
The first associated account number is switched to the second associated account number according to the account switching command;
Receive the second verification information, wherein second verification information is within a preset time to the second association account
Number send information;
The generation module 503, if specifically for second verification information that receives of acquisition module 501 and the
Two default verification informations are consistent, then generate certification success message;
If second verification information and the described second default verification information that the acquisition module 501 receives are different
It causes, and verifies number and have reached pre-determined threshold, then generate authentification failure message.
Further, in the embodiment of the present invention, information authenticating apparatus can first pass through the reception of the second information input subpage frame
Then first associated account number is switched to the second associated account number according to account switching command by account switching command, pass through the second letter
Breath input subpage frame receives the second verification information, wherein the second verification information is to send out within a preset time to the second associated account number
The information sent generates certification success message if the second verification information is consistent with the second default verification information, if second tests
It demonstrate,proves information and the second default verification information is inconsistent, and verify number and have reached pre-determined threshold, then generate authentification failure message.It is logical
Cross aforesaid way, provide it is a kind of verified using the information that associated account number is received, can effectively promote verifying can
By property, to realize the process verified by all kinds of means.In addition, additionally providing a kind of verification mode of more equipment switchings, thus increase
The practicability of scheme.
Optionally, on the basis of the embodiment corresponding to above-mentioned Figure 14 or Figure 15, information provided in an embodiment of the present invention
In another embodiment of authentication device 50,
The acquisition module 501 is specifically used for sending by third information input subpage towards the first application program and verify
Request, so that first application program sends the checking request to the destination server according to the checking request;
Third verification information is received by first application program, wherein the third verification information is by the mesh
Mark what server generated;
The generation module 503, if being specifically used for the received third verification information of the acquisition module 501 and third
Default verification information matching, then generate certification success message;
If the received third verification information of acquisition module 501 and the third are preset verification information and are mismatched,
And verifying number has reached pre-determined threshold, then generates authentification failure message.
Further, in the embodiment of the present invention, information authenticating apparatus can be by third information input subpage towards first
Application program sends checking request, so that the first application program sends checking request to destination server according to checking request, so
Third verification information is received by the first application program afterwards.If third verification information is preset verification information with third and is matched,
Generate certification success message, if third verification information and third are preset verification information and are mismatched, and verify number have reached it is pre-
Gating limit, then generate authentification failure message.By the above-mentioned means, providing a kind of side verified using security personnel's encoder
Formula can be generated checking request by security personnel's encoder and generate verification result, no longer be verified using single application platform,
To effectively promote the reliability of verifying, the process verified by all kinds of means is realized, thus increase the practicability of scheme.
Optionally, on the basis of the embodiment corresponding to above-mentioned Figure 14 or Figure 15, information provided in an embodiment of the present invention
In another embodiment of authentication device 50,
The acquisition module 501 is specifically used for passing through the 4th information input subpage frame receiving device switching command;
Checking request is sent to the second application program according to the equipment switching command, so that the second application program root
The checking request is sent to the destination server according to the checking request;
The 4th verification information is received by second application program, wherein the 4th verification information is by the mesh
Mark what server generated;
The generation module 503, if being specifically used for received 4th verification information of the acquisition module 501 and the 4th
Default verification information matching, then generate certification success message;
If received 4th verification information of acquisition module 501 is mismatched with the described 4th default verification information,
And verifying number has reached pre-determined threshold, then generates authentification failure message.
Further, in the embodiment of the present invention, information authenticating apparatus can be received by the 4th information input subpage frame and be set
Then standby switching command sends checking request to the second application program according to equipment switching command, so that the second application program root
Checking request is sent to destination server according to checking request, receives the 4th verification information finally by the second application program.If
4th verification information is matched with the 4th default verification information, then generates certification success message, if the 4th verification information and the 4th
Default verification information mismatches, and verifies number and have reached pre-determined threshold, then generates authentification failure message.By the above-mentioned means,
Provide it is a kind of by security personnel's encoder verified in the way of, can be generated by security personnel's encoder and checking request and generate verifying
As a result, no longer being verified using single application platform, to effectively promote the reliability of verifying, realization is verified by all kinds of means
Process, thus increase scheme practicability.In addition, additionally provide a kind of verification mode of more equipment switching, thus increase side
The practicability of case.
Optionally, on the basis of the embodiment corresponding to above-mentioned Figure 14 or Figure 15, information provided in an embodiment of the present invention
In another embodiment of authentication device 50,
The acquisition module 501 is specifically used for receiving the 5th verification information by the 5th information input subpage frame, wherein
5th verification information is that user presets for carrying out matched information;
The generation module 503, if being specifically used for received 5th verification information of the acquisition module 501 and the 5th
Default verification information matches, then generates certification success message;
If received 5th verification information of acquisition module 501 is mismatched with the 5th default verification information, and is tested
Card number has reached pre-determined threshold, then generates authentification failure message.
Further, in the embodiment of the present invention, information authenticating apparatus can also be received by the 5th information input subpage frame
5th verification information, wherein the 5th verification information is that user presets for carrying out matched information, if the 5th verifying letter
Breath matches with the 5th default verification information, then certification success message can be generated in information authenticating apparatus., whereas if the 5th
Verification information is mismatched with the 5th default verification information, and is verified number and had reached pre-determined threshold, then information authenticating apparatus is raw
At authentification failure message.By the above-mentioned means, being authenticated using fixed password, identifying code on the one hand can be withouted waiting for
The time being issued in equipment is directly authenticated according to customized answer, thus the practicability of lifting scheme.It is another
Aspect has stronger reliability using fixed password certification, prevent non-user because getting identifying code unintentionally and
The case where logon account, thus the feasibility of lifting scheme.
Optionally, on the basis of the embodiment corresponding to above-mentioned Figure 14 or Figure 15, information provided in an embodiment of the present invention
In another embodiment of authentication device 50,
The acquisition module 501 is specifically used for receiving the 6th verification information by the 6th information input subpage frame, wherein
6th verification information is the random information that affiliate application generates within the object time;
The generation module 503, if being specifically used for received 6th verification information of the acquisition module 501 and the 6th
Default verification information is consistent, then generates certification success message;
If received 6th verification information of acquisition module 501 and the 6th default verification information are inconsistent,
And verifying number has reached pre-determined threshold, then generates authentification failure message.
Further, in the embodiment of the present invention, information authenticating apparatus can also be received by the 6th information input subpage frame
6th verification information, wherein the 6th verification information is the random information that affiliate application generates within the object time, if the
Six verification informations are consistent with the 6th default verification information, then information authenticating apparatus generates certification success message.If instead the
Six verification informations and the 6th default verification information are inconsistent, and verify number and have reached pre-determined threshold, then information authenticating apparatus
Generate authentification failure message.By the above-mentioned means, user can also carry out authentication by the way of random cipher.With secret
Code often can be by installing other applications generation on the terminal device, and can just generate one at interval of a period of time
In this case a different random cipher can effectively promote the reliability and safety of certification by the randomness of password.
The embodiment of the invention also provides another information authenticating apparatus, as shown in figure 16, for ease of description, only show
Part related to the embodiment of the present invention, it is disclosed by specific technical details, please refer to present invention method part.It should
Information authenticating apparatus can be include mobile phone, tablet computer, personal digital assistant (personal digital assistant,
PDA), any terminal device such as point-of-sale terminal (point of sales, POS), vehicle-mounted computer, using information authenticating apparatus as mobile phone
For:
Figure 16 shows the block diagram of the part-structure of mobile phone relevant to terminal provided in an embodiment of the present invention.With reference to figure
16, mobile phone includes: radio frequency (radio frequency, RF) circuit 610, memory 620, input unit 630, display unit
640, sensor 650, voicefrequency circuit 660, Wireless Fidelity (wireless fidelity, WiFi) module 670, processor 680,
And the equal components of power supply 690.It will be understood by those skilled in the art that handset structure shown in Figure 16 is not constituted to mobile phone
It limits, may include perhaps combining certain components or different component layouts than illustrating more or fewer components.
It is specifically introduced below with reference to each component parts of the Figure 16 to mobile phone:
RF circuit 610 can be used for receiving and sending messages or communication process in, signal sends and receivees, particularly, by base station
After downlink information receives, handled to processor 680;In addition, the data for designing uplink are sent to base station.In general, RF circuit 610
Including but not limited to antenna, at least one amplifier, transceiver, coupler, low-noise amplifier (low noise
Amplifier, LNA), duplexer etc..In addition, RF circuit 610 can also be communicated with network and other equipment by wireless communication.
Any communication standard or agreement, including but not limited to global system for mobile communications (global can be used in above-mentioned wireless communication
System of mobile communication, GSM), general packet radio service (general packet radio
Service, GPRS), CDMA (code division multiple access, CDMA), wideband code division multiple access
(wideband code division multiple access, WCDMA), long term evolution (long term evolution,
LTE), Email, short message service (short messaging service, SMS) etc..
Memory 620 can be used for storing software program and module, and processor 680 is stored in memory 620 by operation
Software program and module, thereby executing the various function application and data processing of mobile phone.Memory 620 can mainly include
Storing program area and storage data area, wherein storing program area can application journey needed for storage program area, at least one function
Sequence (such as sound-playing function, image player function etc.) etc.;Storage data area can be stored to be created according to using for mobile phone
Data (such as audio data, phone directory etc.) etc..It, can be in addition, memory 620 may include high-speed random access memory
Including nonvolatile memory, for example, at least a disk memory, flush memory device or other volatile solid-states
Part.
Input unit 630 can be used for receiving the number or character information of input, and generate with the user setting of mobile phone with
And the related key signals input of function control.Specifically, input unit 630 may include that touch panel 631 and other inputs are set
Standby 632.Touch panel 631, also referred to as touch screen, collect user on it or nearby touch operation (such as user use
The operation of any suitable object or attachment such as finger, stylus on touch panel 631 or near touch panel 631), and root
Corresponding attachment device is driven according to preset formula.Optionally, touch panel 631 may include touch detecting apparatus and touch
Two parts of controller.Wherein, the touch orientation of touch detecting apparatus detection user, and touch operation bring signal is detected,
Transmit a signal to touch controller;Touch controller receives touch information from touch detecting apparatus, and is converted into touching
Point coordinate, then gives processor 680, and can receive order that processor 680 is sent and be executed.Furthermore, it is possible to using electricity
The multiple types such as resistive, condenser type, infrared ray and surface acoustic wave realize touch panel 631.In addition to touch panel 631, input
Unit 630 can also include other input equipments 632.Specifically, other input equipments 632 can include but is not limited to secondary or physical bond
One of disk, function key (such as volume control button, switch key etc.), trace ball, mouse, operating stick etc. are a variety of.
Display unit 640 can be used for showing information input by user or be supplied to user information and mobile phone it is various
Menu.Display unit 640 may include display panel 641, optionally, can use liquid crystal display (liquid crystal
Display, LCD), the forms such as Organic Light Emitting Diode (organic light-emitting diode, OLED) it is aobvious to configure
Show panel 641.Further, touch panel 631 can cover display panel 641, when touch panel 631 detect it is on it or attached
After close touch operation, processor 680 is sent to determine the type of touch event, is followed by subsequent processing device 680 according to touch event
Type corresponding visual output is provided on display panel 641.Although in Figure 16, touch panel 631 and display panel 641
It is that the input and input function of mobile phone are realized as two independent components, but in some embodiments it is possible to by touch-control
Panel 631 and display panel 641 are integrated and that realizes mobile phone output and input function.
Mobile phone may also include at least one sensor 650, such as optical sensor, motion sensor and other sensors.
Specifically, optical sensor may include ambient light sensor and proximity sensor, wherein ambient light sensor can be according to ambient light
Light and shade adjust the brightness of display panel 641, proximity sensor can close display panel 641 when mobile phone is moved in one's ear
And/or backlight.As a kind of motion sensor, accelerometer sensor can detect (generally three axis) acceleration in all directions
Size, can detect that size and the direction of gravity when static, can be used to identify the application of mobile phone posture, (for example horizontal/vertical screen is cut
Change, dependent game, magnetometer pose calibrating), Vibration identification correlation function (such as pedometer, tap) etc.;May be used also as mobile phone
The other sensors such as gyroscope, barometer, hygrometer, thermometer, the infrared sensor of configuration, details are not described herein.
Voicefrequency circuit 660, loudspeaker 661, microphone 662 can provide the audio interface between user and mobile phone.Audio-frequency electric
Electric signal after the audio data received conversion can be transferred to loudspeaker 661, be converted to sound by loudspeaker 661 by road 660
Signal output;On the other hand, the voice signal of collection is converted to electric signal by microphone 662, is turned after being received by voicefrequency circuit 660
It is changed to audio data, then by after the processing of audio data output processor 680, such as another mobile phone is sent to through RF circuit 610,
Or audio data is exported to memory 620 to be further processed.
WiFi belongs to short range wireless transmission technology, and mobile phone can help user's transceiver electronics postal by WiFi module 670
Part, browsing webpage and access streaming video etc., it provides wireless broadband internet access for user.Although Figure 16 is shown
WiFi module 670, but it is understood that, and it is not belonging to must be configured into for mobile phone, it can according to need do not changing completely
Become in the range of the essence of invention and omits.
Processor 680 is the control centre of mobile phone, using the various pieces of various interfaces and connection whole mobile phone, is led to
It crosses operation or executes the software program and/or module being stored in memory 620, and call and be stored in memory 620
Data execute the various functions and processing data of mobile phone, to carry out integral monitoring to mobile phone.Optionally, processor 680 can wrap
Include one or more processing units;Optionally, processor 680 can integrate application processor and modem processor, wherein answer
With the main processing operation system of processor, user interface and application program etc., modem processor mainly handles wireless communication.
It is understood that above-mentioned modem processor can not also be integrated into processor 680.
Mobile phone further includes the power supply 690 (such as battery) powered to all parts, and optionally, power supply can pass through power supply pipe
Reason system and processor 680 are logically contiguous, to realize management charging, electric discharge and power managed by power-supply management system
Etc. functions.
Although being not shown, mobile phone can also include camera, bluetooth module etc., and details are not described herein.
In embodiments of the present invention, processor 680 included by the terminal is also with the following functions:
Obtain platform authentication request, wherein carry the clothes of target corresponding to destination server in the platform authentication request
Business device mark;
It is identified according to the destination server in platform authentication request and determines target authentication mode, wherein is described
Target authentication mode and server identification set have matching relationship, and the server identification set includes at least one server
Mark, the destination server mark belong in the server identification set one;
Pass through the target authentication pattern acquiring information to be certified;
Authentification of message result is generated according to the information to be certified.
Optionally, processor 680 is also used to execute following steps:
Receive authentication information, wherein the authentication information includes applying account and password;
The authentication information is sent to the destination server, so that the destination server is to the authentication
Information is verified, and generates authentication result;
If the authentication result is to be proved to be successful, the mesh according in platform authentication request is executed
The step of mark server identification determines target authentication mode;
If the authentication result is authentication failed, the prompting message of authentication failed is shown.
Optionally, processor 680 is specifically used for executing following steps:
It is identified according to the destination server in platform authentication request and determines authentication mode, wherein the certification
Mode is for controlling jumping for the page;
It is identified according to the destination server in platform authentication request and determines certification page information, wherein is described
Certification page information is for showing and the associated page info of the authentication mode;
It is identified according to the destination server in platform authentication request and determines authenticating device information, wherein is described
Authenticating device information is used to indicate the information of equipment to be certified.
Optionally, processor 680 is specifically used for executing following steps:
According to the target authentication schema creation information input page, wherein the information input page includes at least one
A information input subpage frame;
The information to be certified is received by the information input page.
Optionally, processor 680 is specifically used for executing following steps:
Subpage frame is inputted by the first information and receives the first verification information, wherein first verification information is default
The information sent in time to the first associated account number;
If first verification information is consistent with the first default verification information, certification success message is generated;
If first verification information and the described first default verification information are inconsistent, and verify number and have reached pre- gating
Limit, then generate authentification failure message.
Optionally, processor 680 is specifically used for executing following steps:
Account switching command is received by the second information input subpage frame;
The first associated account number is switched to the second associated account number according to the account switching command;
Receive the second verification information, wherein second verification information is within a preset time to the second association account
Number send information;
If second verification information is consistent with the second default verification information, certification success message is generated;
If second verification information and the described second default verification information are inconsistent, and verify number and have reached pre- gating
Limit, then generate authentification failure message.
Optionally, processor 680 is specifically used for executing following steps:
Checking request is sent towards the first application program by third information input subpage, so that first application program
The checking request is sent to the destination server according to the checking request;
Third verification information is received by first application program, wherein the third verification information is by the mesh
Mark what server generated;
If the third verification information is preset verification information with third and matched, certification success message is generated;
If the third verification information and the third are preset verification information and are mismatched, and verify number and have reached pre- gating
Limit, then generate authentification failure message.
Optionally, processor 680 is specifically used for executing following steps:
Pass through the 4th information input subpage frame receiving device switching command;
Checking request is sent to the second application program according to the equipment switching command, so that the second application program root
The checking request is sent to the destination server according to the checking request;
The 4th verification information is received by second application program, wherein the 4th verification information is by the mesh
Mark what server generated;
If the 4th verification information is matched with the 4th default verification information, certification success message is generated;
If the 4th verification information is mismatched with the described 4th default verification information, and is verified number and had reached pre- gating
Limit, then generate authentification failure message.
Optionally, processor 680 is specifically used for executing following steps:
The 5th verification information is received by the 5th information input subpage frame, wherein the 5th verification information is that user is pre-
First it is arranged for carrying out matched information;
If the 5th verification information matches with the 5th default verification information, certification success message is generated;
If the 5th verification information is mismatched with the 5th default verification information, and is verified number and is had reached pre-determined threshold,
Then generate authentification failure message.
Optionally, processor 680 is specifically used for executing following steps:
The 6th verification information is received by the 6th information input subpage frame, wherein the 6th verification information is that association is answered
The random information generated within the object time with program;
If the 6th verification information is consistent with the 6th default verification information, certification success message is generated;
If the 6th verification information and the 6th default verification information are inconsistent, and verify number and have reached pre- gating
Limit, then generate authentification failure message.
It is apparent to those skilled in the art that for convenience and simplicity of description, the system of foregoing description,
The specific work process of device and unit, can refer to corresponding processes in the foregoing method embodiment, and details are not described herein.
In several embodiments provided by the present invention, it should be understood that disclosed system, device and method can be with
It realizes by another way.For example, the apparatus embodiments described above are merely exemplary, for example, the unit
It divides, only a kind of logical function partition, there may be another division manner in actual implementation, such as multiple units or components
It can be combined or can be integrated into another system, or some features can be ignored or not executed.Another point, it is shown or
The mutual coupling, direct-coupling or communication connection discussed can be through some interfaces, the indirect coupling of device or unit
It closes or communicates to connect, can be electrical property, mechanical or other forms.
The unit as illustrated by the separation member may or may not be physically separated, aobvious as unit
The component shown may or may not be physical unit, it can and it is in one place, or may be distributed over multiple
In network unit.It can select some or all of unit therein according to the actual needs to realize the mesh of this embodiment scheme
's.
It, can also be in addition, the functional units in various embodiments of the present invention may be integrated into one processing unit
It is that each unit physically exists alone, can also be integrated in one unit with two or more units.Above-mentioned integrated list
Member both can take the form of hardware realization, can also realize in the form of software functional units.
If the integrated unit is realized in the form of SFU software functional unit and sells or use as independent product
When, it can store in a computer readable storage medium.Based on this understanding, technical solution of the present invention is substantially
The all or part of the part that contributes to existing technology or the technical solution can be in the form of software products in other words
It embodies, which is stored in a storage medium, including some instructions are used so that a computer
Equipment (can be personal computer, server or the network equipment etc.) executes the complete of each embodiment the method for the present invention
Portion or part steps.And storage medium above-mentioned include: USB flash disk, mobile hard disk, read-only memory (read-only memory,
ROM), random access memory (random access memory, RAM), magnetic or disk etc. are various can store program
The medium of code.
The above, the above embodiments are merely illustrative of the technical solutions of the present invention, rather than its limitations;Although referring to before
Stating embodiment, invention is explained in detail, those skilled in the art should understand that: it still can be to preceding
Technical solution documented by each embodiment is stated to modify or equivalent replacement of some of the technical features;And these
It modifies or replaces, the spirit and scope for technical solution of various embodiments of the present invention that it does not separate the essence of the corresponding technical solution.
Claims (15)
1. a kind of method of authentification of message characterized by comprising
Obtain platform authentication request, wherein carry destination server corresponding to destination server in the platform authentication request
Mark;
It is identified according to the destination server in platform authentication request and determines target authentication mode, wherein the target
Certification mode and server identification set have matching relationship, and the server identification set includes at least one server mark
Know, the destination server mark belongs in the server identification set one;
Pass through the target authentication pattern acquiring information to be certified;
Authentification of message result is generated according to the information to be certified.
2. the method according to claim 1, wherein the method is also after acquisition platform authentication request
Include:
Receive authentication information, wherein the authentication information includes applying account and password;
The authentication information is sent to the destination server, so that the destination server is to the authentication information
It is verified, and generates authentication result;
If the authentication result is to be proved to be successful, executes the target according in platform authentication request and take
The step of device mark of being engaged in determines target authentication mode;
If the authentication result is authentication failed, the prompting message of authentication failed is shown.
3. the method according to claim 1, wherein the target according in platform authentication request
Server identification determines target authentication mode, comprising:
It is identified according to the destination server in platform authentication request and determines authentication mode, wherein the authentication mode
For controlling jumping for the page;
It is identified according to the destination server in platform authentication request and determines certification page information, wherein the certification
Page info is for showing and the associated page info of the authentication mode;
It is identified according to the destination server in platform authentication request and determines authenticating device information, wherein the certification
Facility information is used to indicate the information of equipment to be certified.
4. according to the method in any one of claims 1 to 3, which is characterized in that described to pass through the target authentication mode
Obtain information to be certified, comprising:
According to the target authentication schema creation information input page;
The information to be certified is received by the information input page.
5. according to the method described in claim 4, it is characterized in that, the information input page includes at least one information input
Subpage frame;
It is described that the information to be certified is received by the information input page, comprising:
Subpage frame is inputted by the first information and receives the first verification information, wherein first verification information is in preset time
The information that introversive first associated account number is sent;
It is described that authentification of message result is generated according to the information to be certified, comprising:
If first verification information is consistent with the first default verification information, certification success message is generated;
If first verification information and the described first default verification information are inconsistent, and verify number and have reached pre-determined threshold,
Then generate authentification failure message.
6. according to the method described in claim 5, it is characterized in that, described described wait recognize by information input page reception
Demonstrate,prove information, comprising:
Account switching command is received by the second information input subpage frame;
The first associated account number is switched to the second associated account number according to the account switching command;
Receive the second verification information, wherein second verification information is to send out within a preset time to second associated account number
The information sent;
It is described that authentification of message result is generated according to the information to be certified, comprising:
If second verification information is consistent with the second default verification information, certification success message is generated;
If second verification information and the described second default verification information are inconsistent, and verify number and have reached pre-determined threshold,
Then generate authentification failure message.
7. according to the method described in claim 5, it is characterized in that, described described wait recognize by information input page reception
Demonstrate,prove information, comprising:
By third information input subpage towards the first application program send checking request so that first application program according to
The checking request sends the checking request to the destination server;
Third verification information is received by first application program, wherein the third verification information is taken by the target
It is engaged in what device generated;
It is described that authentification of message result is generated according to the information to be certified, comprising:
If the third verification information is preset verification information with third and matched, certification success message is generated;
If the third verification information and the third are preset verification information and mismatched, and verify number and have reached pre-determined threshold,
Then generate authentification failure message.
8. according to the method described in claim 5, it is characterized in that, described described wait recognize by information input page reception
Demonstrate,prove information, comprising:
Pass through the 4th information input subpage frame receiving device switching command;
Checking request is sent to the second application program according to the equipment switching command, so that second application program is according to institute
It states checking request and sends the checking request to the destination server;
The 4th verification information is received by second application program, wherein the 4th verification information is taken by the target
It is engaged in what device generated;
It is described that authentification of message result is generated according to the information to be certified, comprising:
If the 4th verification information is matched with the 4th default verification information, certification success message is generated;
If the 4th verification information is mismatched with the described 4th default verification information, and is verified number and is had reached pre-determined threshold,
Then generate authentification failure message.
9. according to the method described in claim 5, it is characterized in that, described described wait recognize by information input page reception
Demonstrate,prove information, comprising:
The 5th verification information is received by the 5th information input subpage frame, wherein the 5th verification information is that user sets in advance
It sets for carrying out matched information;
It is described that authentification of message result is generated according to the information to be certified, comprising:
If the 5th verification information matches with the 5th default verification information, certification success message is generated;
If the 5th verification information is mismatched with the 5th default verification information, and is verified number and had reached pre-determined threshold, then give birth to
At authentification failure message.
10. according to the method described in claim 5, it is characterized in that, it is described by the information input page receive it is described to
Authentication information, comprising:
The 6th verification information is received by the 6th information input subpage frame, wherein the 6th verification information is associated application journey
The random information that sequence generates within the object time;
It is described that authentification of message result is generated according to the information to be certified, comprising:
If the 6th verification information is consistent with the 6th default verification information, certification success message is generated;
If the 6th verification information and the 6th default verification information are inconsistent, and verify number and have reached pre-determined threshold,
Then generate authentification failure message.
11. a kind of information authenticating apparatus characterized by comprising
Module is obtained, for obtaining platform authentication request, wherein carry corresponding to destination server in the platform authentication request
Destination server mark;
Determining module, the destination server in platform authentication request for being obtained according to the acquisition module identify
Determine target authentication mode, wherein the target authentication mode and server identification set have matching relationship, the server
Logo collection includes at least one server identification, and the destination server mark belongs to one in the server identification set
It is a;
The acquisition module is also used to the target authentication pattern acquiring information to be certified determined by the determining module;
Generation module, the information to be certified for being obtained according to the acquisition module generate authentification of message result.
12. information authenticating apparatus according to claim 11, which is characterized in that the information authenticating apparatus further includes receiving
Module, sending module, execution module and cue module;
The receiving module receives authentication information after obtaining platform authentication request for the acquisition module, wherein
The authentication information includes applying account and password;
The sending module, for sending the received authentication information of receiving module to the destination server,
So that the destination server verifies the authentication information, and generate authentication result;
The execution module executes institute if being to be proved to be successful for the authentication result that the sending module is sent
It states and the step of determining target authentication mode is identified according to the destination server in platform authentication request;
The cue module, if being authentication failed for the authentication result that the sending module is sent, display is tested
Demonstrate,prove the prompting message of failure.
13. a kind of information authenticating apparatus characterized by comprising memory, processor and bus system;
Wherein, the memory is for storing program;
The processor is used to execute the program in the memory, includes the following steps:
Obtain platform authentication request, wherein carry destination server corresponding to destination server in the platform authentication request
Mark;
It is identified according to the destination server in platform authentication request and determines target authentication mode, wherein the target
Certification mode and server identification set have matching relationship, and the server identification set includes at least one server mark
Know, the destination server mark belongs in the server identification set one;
Pass through the target authentication pattern acquiring information to be certified;
Authentification of message result is generated according to the information to be certified;
The bus system is for connecting the memory and the processor, so that the memory and the processor
It is communicated.
14. information authenticating apparatus according to claim 13, which is characterized in that the processor is also used to execute following step
It is rapid:
Receive authentication information, wherein the authentication information includes applying account and password;
The authentication information is sent to the destination server, so that the destination server is to the authentication information
It is verified, and generates authentication result;
If the authentication result is to be proved to be successful, executes the target according in platform authentication request and take
The step of device mark of being engaged in determines target authentication mode;
If the authentication result is authentication failed, the prompting message of authentication failed is shown.
15. a kind of computer readable storage medium, including instruction, when run on a computer, so that computer executes such as
Method described in any one of claims 1 to 10.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810847542.0A CN110399713B (en) | 2018-07-27 | 2018-07-27 | Information authentication method and related device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810847542.0A CN110399713B (en) | 2018-07-27 | 2018-07-27 | Information authentication method and related device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110399713A true CN110399713A (en) | 2019-11-01 |
CN110399713B CN110399713B (en) | 2024-06-25 |
Family
ID=68322470
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810847542.0A Active CN110399713B (en) | 2018-07-27 | 2018-07-27 | Information authentication method and related device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110399713B (en) |
Cited By (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111027931A (en) * | 2019-12-09 | 2020-04-17 | 南京苏测测绘科技有限公司 | Real estate data sharing system and data sharing method based on WCF technology |
CN111046372A (en) * | 2019-12-04 | 2020-04-21 | 深圳模微半导体有限公司 | Method, chip and electronic equipment for information security authentication between communication equipment |
CN111083657A (en) * | 2019-12-27 | 2020-04-28 | 广州骏伯网络科技有限公司 | Mobile phone traffic recharging method and device |
CN111262830A (en) * | 2020-01-07 | 2020-06-09 | 广州虎牙科技有限公司 | Security authentication method, device, system, electronic equipment and storage medium |
CN111552942A (en) * | 2020-04-27 | 2020-08-18 | 北京三快在线科技有限公司 | Identity authentication method, system, device and computer storage medium |
CN111865935A (en) * | 2020-06-30 | 2020-10-30 | 北京天融信网络安全技术有限公司 | Data transmission system |
CN112804224A (en) * | 2021-01-07 | 2021-05-14 | 沈阳麟龙科技股份有限公司 | Authentication method, device, medium and electronic equipment based on micro service |
CN113378130A (en) * | 2021-06-22 | 2021-09-10 | 深圳市链融科技股份有限公司 | Login authentication method and device, computer equipment and storage medium |
CN113836509A (en) * | 2021-09-23 | 2021-12-24 | 百度在线网络技术(北京)有限公司 | Information acquisition method and device, electronic equipment and storage medium |
CN114363054A (en) * | 2021-12-31 | 2022-04-15 | 杭州数梦工场科技有限公司 | Interface request conversion method, interface conversion device, electronic device and storage medium |
CN114422246A (en) * | 2022-01-20 | 2022-04-29 | 国家药品监督管理局信息中心(中国食品药品监管数据中心) | Data reading method and system and electronic equipment |
CN114676411A (en) * | 2020-12-24 | 2022-06-28 | 航天信息股份有限公司 | Authentication mode identification method and equipment |
CN115022004A (en) * | 2022-05-27 | 2022-09-06 | 中国银行股份有限公司 | Data processing method and device and server |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101039311A (en) * | 2006-03-16 | 2007-09-19 | 华为技术有限公司 | Identification web page service network system and its authentication method |
CN102368768A (en) * | 2011-10-12 | 2012-03-07 | 北京星网锐捷网络技术有限公司 | Identification method, equipment and system as well as identification server |
US8613055B1 (en) * | 2013-02-22 | 2013-12-17 | Ping Identity Corporation | Methods and apparatus for selecting an authentication mode at time of issuance of an access token |
CN104270368A (en) * | 2014-10-08 | 2015-01-07 | 福建星网锐捷网络有限公司 | Authentication method, authentication server and authentication system |
CN105791249A (en) * | 2014-12-26 | 2016-07-20 | 深圳云之家网络有限公司 | Third-party application processing method, device and system |
CN106790194A (en) * | 2016-12-30 | 2017-05-31 | 中国银联股份有限公司 | A kind of access control method and device based on ssl protocol |
US20170286954A1 (en) * | 2016-03-31 | 2017-10-05 | Shashank Mehta | Method and system of authentication of electronic payments |
CN107835155A (en) * | 2017-10-11 | 2018-03-23 | 飞天诚信科技股份有限公司 | A kind of double authentication protection methods and device |
CN108076018A (en) * | 2016-11-16 | 2018-05-25 | 阿里巴巴集团控股有限公司 | Identity authorization system, method, apparatus and account authentication method |
-
2018
- 2018-07-27 CN CN201810847542.0A patent/CN110399713B/en active Active
Patent Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101039311A (en) * | 2006-03-16 | 2007-09-19 | 华为技术有限公司 | Identification web page service network system and its authentication method |
CN102368768A (en) * | 2011-10-12 | 2012-03-07 | 北京星网锐捷网络技术有限公司 | Identification method, equipment and system as well as identification server |
US8613055B1 (en) * | 2013-02-22 | 2013-12-17 | Ping Identity Corporation | Methods and apparatus for selecting an authentication mode at time of issuance of an access token |
CN104270368A (en) * | 2014-10-08 | 2015-01-07 | 福建星网锐捷网络有限公司 | Authentication method, authentication server and authentication system |
CN105791249A (en) * | 2014-12-26 | 2016-07-20 | 深圳云之家网络有限公司 | Third-party application processing method, device and system |
US20170286954A1 (en) * | 2016-03-31 | 2017-10-05 | Shashank Mehta | Method and system of authentication of electronic payments |
CN108076018A (en) * | 2016-11-16 | 2018-05-25 | 阿里巴巴集团控股有限公司 | Identity authorization system, method, apparatus and account authentication method |
CN106790194A (en) * | 2016-12-30 | 2017-05-31 | 中国银联股份有限公司 | A kind of access control method and device based on ssl protocol |
CN107835155A (en) * | 2017-10-11 | 2018-03-23 | 飞天诚信科技股份有限公司 | A kind of double authentication protection methods and device |
Cited By (20)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111046372A (en) * | 2019-12-04 | 2020-04-21 | 深圳模微半导体有限公司 | Method, chip and electronic equipment for information security authentication between communication equipment |
CN111027931A (en) * | 2019-12-09 | 2020-04-17 | 南京苏测测绘科技有限公司 | Real estate data sharing system and data sharing method based on WCF technology |
CN111083657B (en) * | 2019-12-27 | 2020-12-15 | 广州骏伯网络科技有限公司 | Mobile phone traffic recharging method and device |
CN111083657A (en) * | 2019-12-27 | 2020-04-28 | 广州骏伯网络科技有限公司 | Mobile phone traffic recharging method and device |
CN111262830A (en) * | 2020-01-07 | 2020-06-09 | 广州虎牙科技有限公司 | Security authentication method, device, system, electronic equipment and storage medium |
CN111262830B (en) * | 2020-01-07 | 2022-08-19 | 广州虎牙科技有限公司 | Security authentication method, device, system, electronic equipment and storage medium |
CN111552942A (en) * | 2020-04-27 | 2020-08-18 | 北京三快在线科技有限公司 | Identity authentication method, system, device and computer storage medium |
CN111552942B (en) * | 2020-04-27 | 2023-02-10 | 北京三快在线科技有限公司 | Identity authentication method, system, device and computer storage medium |
CN111865935A (en) * | 2020-06-30 | 2020-10-30 | 北京天融信网络安全技术有限公司 | Data transmission system |
CN111865935B (en) * | 2020-06-30 | 2022-05-17 | 北京天融信网络安全技术有限公司 | Data transmission system |
CN114676411A (en) * | 2020-12-24 | 2022-06-28 | 航天信息股份有限公司 | Authentication mode identification method and equipment |
CN112804224A (en) * | 2021-01-07 | 2021-05-14 | 沈阳麟龙科技股份有限公司 | Authentication method, device, medium and electronic equipment based on micro service |
CN113378130A (en) * | 2021-06-22 | 2021-09-10 | 深圳市链融科技股份有限公司 | Login authentication method and device, computer equipment and storage medium |
CN113836509A (en) * | 2021-09-23 | 2021-12-24 | 百度在线网络技术(北京)有限公司 | Information acquisition method and device, electronic equipment and storage medium |
CN113836509B (en) * | 2021-09-23 | 2024-03-01 | 百度在线网络技术(北京)有限公司 | Information acquisition method, device, electronic equipment and storage medium |
CN114363054A (en) * | 2021-12-31 | 2022-04-15 | 杭州数梦工场科技有限公司 | Interface request conversion method, interface conversion device, electronic device and storage medium |
CN114363054B (en) * | 2021-12-31 | 2023-12-01 | 杭州数梦工场科技有限公司 | Interface request conversion method, interface conversion device, electronic equipment and storage medium |
CN114422246A (en) * | 2022-01-20 | 2022-04-29 | 国家药品监督管理局信息中心(中国食品药品监管数据中心) | Data reading method and system and electronic equipment |
CN115022004A (en) * | 2022-05-27 | 2022-09-06 | 中国银行股份有限公司 | Data processing method and device and server |
CN115022004B (en) * | 2022-05-27 | 2024-04-16 | 中国银行股份有限公司 | Data processing method, device and server |
Also Published As
Publication number | Publication date |
---|---|
CN110399713B (en) | 2024-06-25 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110399713A (en) | A kind of method and relevant apparatus of authentification of message | |
CN112733107B (en) | Information verification method, related device, equipment and storage medium | |
US10637668B2 (en) | Authentication method, system and equipment | |
CN107395343B (en) | Certificate management method and system | |
CN110198301B (en) | Service data acquisition method, device and equipment | |
JP4755866B2 (en) | Authentication system, authentication server, authentication method, and authentication program | |
CN109472166A (en) | A kind of electronic signature method, device, equipment and medium | |
CN107453870A (en) | Mobile terminal authentication management method, device and corresponding mobile terminal based on block chain | |
CN110826043A (en) | Digital identity application system and method, identity authentication system and method | |
CN108234124B (en) | Identity verification method, device and system | |
CN104901805B (en) | A kind of identification authentication methods, devices and systems | |
CN103368928A (en) | System and method for resetting account password | |
CN110365684A (en) | Access control method, device and the electronic equipment of application cluster | |
CN110795737A (en) | Method and terminal equipment for upgrading service application range of electronic identity card | |
CN108259458A (en) | Application software account relating method, apparatus and storage medium | |
CN107113613A (en) | Server, mobile terminal, real-name network authentication system and method | |
CN109102297A (en) | Revocable payment method and device | |
CN105847007A (en) | Identity verification method for terminal device and computer device | |
CN111489172B (en) | Qualification information authentication method, terminal and server | |
US20150326558A1 (en) | Architecture for platform security using a dedicated security device for user interaction | |
CN108234412B (en) | Identity verification method and device | |
CN108234113B (en) | Identity verification method, device and system | |
JP5418361B2 (en) | User authentication system, user authentication method and program | |
CN108234409B (en) | Identity verification method and device | |
WO2021106381A1 (en) | Information processing device, information processing method, authentication device, authentication method, authentication system, authentication method in authentication system, and computer program |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant |