CN110401542A - Electronic identity voucher generation method, terminal and server - Google Patents

Electronic identity voucher generation method, terminal and server

Info

Publication number: CN110401542A
Authority: CN (China)
Prior art keywords: information, identity, card, electronic identity, encryption
Legal status: Pending
Application number: CN201910716878.8A
Other languages: Chinese (zh)
Inventors: 郭晓逢, 刘刚, 许金浓, 郭晓加
Current Assignee: Industrial and Commercial Bank of China Ltd ICBC
Original Assignee: Industrial and Commercial Bank of China Ltd ICBC

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/08: ... for authentication of entities
    • H04L63/0807: ... using tickets, e.g. Kerberos
    • H04L63/0823: ... using certificates
    • H04L63/0861: ... using biometrical features, e.g. fingerprint, retina-scan
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32: ... including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321: ... involving a third party or a trusted authority
    • H04L9/3226: ... using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231: Biological data, e.g. fingerprint, voice or retina
    • H04L9/3247: ... involving digital signatures

Abstract

The invention provides an electronic identity voucher generation method, terminal and server. The electronic identity voucher is obtained from all the information factors in an encrypted message; each information factor is formed by encrypting one item of identity information, and at least two information factors use different encryption modes. On the one hand, the encryption rules are therefore complex and the voucher is not easily stolen; on the other hand, the authentication code and biometric information entered by the registered user serve as the key, so retrieving the electronic identity voucher requires decryption with the authentication code and the biometric information, which strengthens the security of the electronic identity voucher.

Description

Electronic identity voucher generation method, terminal and server
Technical field
The present invention relates to the field of electronic certificates, and more particularly to an electronic identity voucher generation method, terminal and server.
Background
As services continue to move online, businesses such as online credit card customer acquisition face severe external fraud risk. There is an urgent need for safer and more convenient online identity authentication means that effectively strengthen the authenticity management of key steps such as confirming customer identity and intent, ensuring secure and efficient business operation. With safer and more convenient authentication means, business process design becomes simpler, and the security and convenience of business handling improve. Such authentication means better meet customers' financial service needs in the mobile internet era and further improve the customer service experience.
Summary of the invention
To solve at least one of the above problems, the application provides an electronic identity voucher generation method, comprising:
receiving an encrypted message sent by a terminal, the encrypted message including multiple information factors, each information factor being formed by encrypting one item of identity information of a registered user, at least two information factors using different encryption modes, and the identity information including ID card information;
decrypting the encrypted message to obtain each information factor;
generating an electronic identity voucher from all the information factors, and encrypting and storing the electronic identity voucher using the authentication code and biometric information entered by the registered user as the key.
In certain embodiments, the ID card information includes: user name, user gender, certificate card number, certificate validity period, fingerprint information and the ID card DN code; and/or
the biometric information is formed by base64-encoding a facial image.
In certain embodiments, the electronic identity voucher is a two-dimensional code identifier.
In certain embodiments, the method further comprises:
authenticating the ID card information to determine whether the ID card information is correct; and/or
receiving the authentication code entered by the registered user.
In certain embodiments, the identity information further includes reserved customer information.
In certain embodiments, an electronic identity voucher generation method comprises:
obtaining multiple items of identity information of a registered user, the identity information including ID card information;
encrypting each item of identity information using at least one encryption mode to form a corresponding number of information factors;
packaging the information factors into an encrypted message and sending it to a server, so that the server decrypts the encrypted message to obtain each information factor and then generates an electronic identity voucher from all the information factors, wherein the electronic identity voucher is encrypted using the authentication code and biometric information entered by the registered user as the key.
In certain embodiments, the ID card information includes: user name, user gender, certificate card number, certificate validity period, fingerprint information and the ID card DN code; and/or the biometric information is formed by base64-encoding a facial image.
In certain embodiments, the electronic identity voucher is a two-dimensional code identifier.
In certain embodiments, the method further comprises:
recording the authentication code entered by the registered user.
In certain embodiments, the identity information further includes reserved customer information.
The application also provides a server for generating an electronic identity voucher, comprising:
an encrypted message receiving module, which receives the encrypted message sent by a terminal, the encrypted message including multiple information factors, each information factor being formed by encrypting one item of identity information of a registered user, at least two information factors using different encryption modes, and the identity information including ID card information;
a decryption module, which decrypts the encrypted message to obtain each information factor;
an electronic identity voucher generation module, which generates an electronic identity voucher from all the information factors, and encrypts and stores the electronic identity voucher using the authentication code and biometric information entered by the registered user as the key.
In certain embodiments, the ID card information includes: user name, user gender, certificate card number, certificate validity period, fingerprint information and the ID card DN code; and/or
the biometric information is formed by base64-encoding a facial image.
In certain embodiments, the electronic identity voucher is a two-dimensional code identifier.
In certain embodiments, the server further comprises:
an ID card information authentication module, which authenticates the ID card information to determine whether the ID card information is correct; and/or
an authentication code receiving module, which receives the authentication code entered by the registered user.
In certain embodiments, the identity information further includes reserved customer information.
The application also provides a terminal for generating an electronic identity voucher, comprising:
an identity information acquisition module, which obtains multiple items of identity information of a registered user, the identity information including ID card information;
an encryption module, which encrypts each item of identity information using at least one encryption mode to form a corresponding number of information factors;
an encrypted message sending module, which packages the information factors into an encrypted message and sends it to a server, so that the server decrypts the encrypted message to obtain each information factor and then generates an electronic identity voucher from all the information factors, wherein the electronic identity voucher is encrypted using the authentication code and biometric information entered by the registered user as the key.
In certain embodiments, the ID card information includes: user name, user gender, certificate card number, certificate validity period, fingerprint information and the ID card DN code; and/or the biometric information is formed by base64-encoding a facial image.
In certain embodiments, the electronic identity voucher is a two-dimensional code identifier.
In certain embodiments, the terminal further comprises:
an authentication code recording module, which records the authentication code.
In certain embodiments, the identity information further includes reserved customer information.
The application also provides a computer device, including a memory, a processor and a computer program stored on the memory and runnable on the processor, the processor implementing the steps of the method described above when executing the program.
The application also provides a computer-readable storage medium on which a computer program is stored, the computer program implementing the steps of the method described above when executed by a processor.
The invention has the following beneficial effects:
The electronic identity voucher generation method, terminal and server provided by the invention obtain the electronic identity voucher from all the information factors in the encrypted message. Each information factor is formed by encrypting one item of identity information, and at least two information factors use different encryption modes. On the one hand, the encryption rules are therefore complex and the voucher is not easily stolen; on the other hand, the authentication code and biometric information entered by the registered user serve as the key, so retrieving the electronic identity voucher requires decryption with the authentication code and the biometric information, which strengthens the security of the electronic identity voucher.
Brief description of the drawings
To explain the technical solutions of the embodiments of the invention or of the prior art more clearly, the drawings needed in the description of the embodiments or the prior art are briefly introduced below. The drawings described below are only some embodiments of the invention; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 shows a structural diagram of the trusted electronic identity authentication system in the application.
Fig. 2 shows a flow diagram of the electronic identity voucher generation method executed by the terminal in the application.
Fig. 3 shows a flow diagram of the electronic identity voucher generation method executed by the server in the application.
Fig. 4 shows a structural diagram of the terminal in the application.
Fig. 5 shows a structural diagram of the server in the application.
Fig. 6 shows a schematic diagram of the encryption of field-format data in the application.
Fig. 7 shows a structural diagram of a computer device suitable for implementing the embodiments of the application.
Detailed description of embodiments
The technical solutions in the embodiments of the invention are described clearly and completely below with reference to the drawings in the embodiments. The described embodiments are only some, not all, of the embodiments of the invention. All other embodiments obtained by a person of ordinary skill in the art from the embodiments of the invention without creative effort fall within the protection scope of the invention.
Fig. 1 shows a trusted electronic identity authentication system comprising a terminal 1 and a server 5.
Terminal 1 is connected to external information collection devices, such as a fingerprint collector, an ID card reader 2 and a face recognition device, and can obtain identity information, for example the user name, user gender, certificate card number, certificate validity period and ID card DN code read from the ID card, and the fingerprint information collected by the fingerprint collector.
The terminal is responsible for encrypting the above identity information to form an encrypted message and then sending the encrypted message to the server, so that the server generates the electronic identity voucher from all the information factors in the encrypted message.
The embodiment of Fig. 1 may also include a storage server 4 for storage, an authentication server 3 for requesting verification from the Ministry of Public Security identity authentication platform 8, a signature verification server 7 for verifying signatures, and so on.
Further, the cryptographic processing need not be executed in the server; decryption can be performed by a separately provided encryption machine, which is not described further here.
Since the above information factors are unique, a unique electronic identity voucher can be generated according to a preset generation algorithm.
Fig. 2 shows the electronic identity voucher generation method implemented by the terminal of the application, which specifically includes:
S11: obtaining multiple items of identity information of a registered user, the identity information including ID card information;
S12: encrypting each item of identity information using at least one encryption mode to form a corresponding number of information factors;
S13: packaging the information factors into an encrypted message and sending it to the server, so that the server decrypts the encrypted message to obtain each information factor and then generates an electronic identity voucher from all the information factors, wherein the electronic identity voucher is encrypted using the authentication code and biometric information entered by the registered user as the key.
It can be understood that the electronic identity voucher generation method provided by the invention and implemented by the terminal obtains the electronic identity voucher from all the information factors in the encrypted message. Each information factor is formed by encrypting one item of identity information, and at least two information factors use different encryption modes. On the one hand, the encryption rules are therefore complex and the voucher is not easily stolen; on the other hand, the authentication code and biometric information entered by the registered user serve as the key, so retrieving the electronic identity voucher requires decryption with the authentication code and the biometric information, which strengthens the security of the electronic identity voucher.
The electronic identity voucher generation method is described in detail below.
It can be understood that the DN code is the unique identifier of an ID card; if a citizen holds multiple ID cards, the DN code of each ID card is different.
The terminal encrypts using multiple encryption modes. Specifically, all identity information is first classified by format category, the classified identity information is then normalized, and each category of normalized identity information is encrypted with one encryption mode. Specifically, information in numeric format is encrypted with dynamic encryption, and information in field format is encrypted with the encryption described below.
As shown in Fig. 6, one specific encryption mode for field-format data is described below by way of example; it should be understood that the following encryption algorithm is not to be regarded as limiting the encryption algorithms of the application.
S71: original field data 1, original field data 2, original field data 3 through original field data N are the information fields to be encrypted. N represents one or more, and the system can automatically calculate the specific value of N.
A given original field data N can be encrypted with one algorithm from a customized algorithm set M. The algorithm set M can use symmetric and asymmetric algorithms. The symmetric algorithms include 3DES, SM4, AES and so on, and the key of each algorithm can be dynamically updated, according to configuration requirements, on different cycles of second, minute, hour, day, week, month or year. The asymmetric algorithms include SM2, RSA and so on. According to the specific value of N, the system selects one encryption algorithm from the algorithm set M for each field N and generates an algorithm sequence K1K2K3...Kn, where Kn denotes one encryption algorithm. The algorithm sequence K1K2K3...Kn is encrypted using the national cryptographic algorithm SM4, whose key supports dynamic updating. The keys of the above symmetric algorithms are always kept consistent between the terminal and the server.
S72: following the rule of the previous step, the system encrypts original field data 1, original field data 2, original field data 3 through original field data N with the algorithms chosen by the algorithm sequence K1K2K3...Kn, and encrypts the algorithm sequence K1K2K3...Kn. The data items are spliced into ciphertext L using a list separator, which is a custom visible character or visible character string in the system.
After each field data item has been encrypted, the electronic identity voucher terminal sends an instruction to the electronic identity voucher server, so that a private key is generated in the electronic identity voucher server using the asymmetric SM2 national cryptographic algorithm and the corresponding public key is returned to the electronic identity voucher terminal. The public/private key pair generated by the asymmetric SM2 national cryptographic algorithm can be dynamically updated on different cycles of second, minute, hour, day, week, month or year. Ciphertext L is encrypted into ciphertext X using the public key generated by the asymmetric SM2 national cryptographic algorithm.
S73: ciphertext X is base64-encoded, and security out-of-order characters are added at the front F, middle Y or rear B of the base64-encoded string. The security out-of-order characters fall within the same visible character range as base64 encoding, and their number is a multiple of 12. The system can define and combine the security out-of-order character strings at the front F, middle Y or rear B, and finally generates a message in base64-encoded information format and sends it.
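The message framing of S72 and S73, as an added Python example that is not code from the patent: it splices the encrypted items into ciphertext L, wraps a ciphertext X in base64 with filler at front F, middle Y and rear B, and reverses both steps as the server would. Assumptions: the `|` separator, hex encoding of each item, the algorithm sequence as the first item, the midpoint as "middle Y", all function names, and constructed sample bytes standing in for the SM4/SM2 ciphertexts, whose encryption steps are omitted.

```python
import base64
import binascii
import secrets
from dataclasses import dataclass

# S73: filler characters stay within the visible character range of base64.
B64_ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
FILLER_UNIT = 12   # S73: the number of filler characters is a multiple of 12
SEPARATOR = "|"    # assumed list separator; S72 only requires a visible character or string


@dataclass(frozen=True)
class FillerLayout:
    """Filler size, in units of 12 characters, at front F, middle Y and rear B."""
    front: int = 0
    middle: int = 0
    rear: int = 0

    def __post_init__(self):
        if min(self.front, self.middle, self.rear) < 0:
            raise ValueError("filler units must not be negative")


def splice_fields(encrypted_fields, encrypted_sequence, sep=SEPARATOR):
    """S72: join the encrypted algorithm sequence and the field ciphertexts into L.
    Items are hex-encoded (assumption) so the separator can never occur inside one."""
    items = [encrypted_sequence] + list(encrypted_fields)
    return sep.join(item.hex() for item in items)


def split_fields(ciphertext_l, sep=SEPARATOR):
    """Server side: recover (encrypted_sequence, encrypted_fields) from L."""
    parts = [bytes.fromhex(p) for p in ciphertext_l.split(sep)]
    return parts[0], parts[1:]


def _filler(units):
    return "".join(secrets.choice(B64_ALPHABET) for _ in range(units * FILLER_UNIT))


def wrap(ciphertext_x, layout):
    """S73: base64-encode X and insert random filler at front, middle and rear."""
    body = base64.b64encode(ciphertext_x).decode("ascii")
    mid = len(body) // 2  # assumed meaning of "middle Y"
    return (_filler(layout.front) + body[:mid] + _filler(layout.middle)
            + body[mid:] + _filler(layout.rear))


def unwrap(message, layout):
    """Server side: strip the filler according to the agreed layout and decode X."""
    f, m, r = (n * FILLER_UNIT for n in (layout.front, layout.middle, layout.rear))
    body_len = len(message) - f - m - r
    if body_len <= 0 or body_len % 4:
        raise ValueError("message length does not match the agreed filler layout")
    mid = body_len // 2
    body = message[f:f + mid] + message[f + mid + m:len(message) - r]
    try:
        return base64.b64decode(body, validate=True)
    except binascii.Error as exc:
        raise ValueError("payload is not valid base64 after filler removal") from exc


def demo():
    # Constructed sample bytes, not real SM4/SM2 output.
    sequence = b"\x10\x20"
    fields = [b"\xaa\xbb\xcc", b"\x01\x02\x03\x04"]
    layout = FillerLayout(front=1, middle=2, rear=1)
    ciphertext_l = splice_fields(fields, sequence)
    ciphertext_x = ciphertext_l.encode("ascii")  # stand-in for the SM2 encryption of L
    message = wrap(ciphertext_x, layout)
    recovered = unwrap(message, layout).decode("ascii")
    return ciphertext_l, message, split_fields(recovered)


if __name__ == "__main__":
    l_text, msg, (seq, flds) = demo()
    print(l_text, len(msg), seq.hex(), [f.hex() for f in flds])
```

The filler is drawn from the base64 alphabet, so nothing in the message marks where it sits; in this example the layout is shared configuration that the terminal and server must agree on in advance.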
In some embodiments, the biometric information is formed by base64-encoding a facial image.
In addition, in certain embodiments, the electronic identity voucher is a two-dimensional code identifier.
Further, the above method also includes: recording the authentication code entered by the registered user.
The authentication code is a verification code entered by the user. The application combines the biometric information with the authentication code for encryption and decryption, so the verification code and the biometric information must both be supplied to obtain the electronic certificate, which improves the security of the electronic certificate.
In certain embodiments, the above identity information further includes reserved customer information.
Taking a banking system as an example, the customer information includes the existing customer number, the customer's mobile phone number, and so on.
In addition, the above method also includes an authentication step: according to the DN code, the corresponding authentication information is retrieved from the server of the public security department and compared with the identity information that was read; if they are consistent, authentication passes.
Fig. 3 shows an electronic identity voucher generation method implemented by the server, comprising:
S21: receiving the encrypted message sent by the terminal, the encrypted message including multiple information factors, each information factor being formed by encrypting one item of identity information of a registered user, at least two information factors using different encryption modes, and the identity information including ID card information;
S22: decrypting the encrypted message to obtain each information factor;
S23: generating an electronic identity voucher from all the information factors, and encrypting and storing the electronic identity voucher using the authentication code and biometric information entered by the registered user as the key.
It can be understood that the electronic identity voucher generation method provided by the invention and implemented by the terminal obtains the electronic identity voucher from all the information factors in the encrypted message. Each information factor is formed by encrypting one item of identity information, and at least two information factors use different encryption modes. On the one hand, the encryption rules are therefore complex and the voucher is not easily stolen; on the other hand, the authentication code and biometric information entered by the registered user serve as the key, so retrieving the electronic identity voucher requires decryption with the authentication code and the biometric information, which strengthens the security of the electronic identity voucher.
It can be understood that, based on the same inventive concept, in some embodiments the ID card information includes: user name, user gender, certificate card number, certificate validity period, fingerprint information and the ID card DN code.
Based on the same inventive concept, in some embodiments the biometric information is formed by base64-encoding a facial image.
Based on the same inventive concept, in some embodiments the electronic identity voucher is a two-dimensional code identifier.
Based on the same inventive concept, in some embodiments the method further comprises:
authenticating the ID card information to determine whether the ID card information is correct.
In this embodiment, the authentication information is retrieved from the public security server by DN code for authentication.
Based on the same inventive concept, in some embodiments the method further comprises:
receiving the authentication code entered by the registered user.
The authentication code is a verification code defined by the user, and can take the form of 6 digits, 8 digits, and so on.
In the embodiments of the application, the customer can be a new customer or an existing customer; for an existing customer, the corresponding identity information, such as fingerprint, facial features and ID card, is stored in the system.
The terminal and the server are described in detail below.
Fig. 4 shows a virtual structural diagram of the terminal, which specifically includes: an identity information acquisition module 11, which obtains multiple items of identity information of a registered user, the identity information including ID card information; an encryption module 12, which encrypts each item of identity information using at least one encryption mode to form a corresponding number of information factors; and an encrypted message sending module 13, which packages the information factors into an encrypted message and sends it to the server, so that the server decrypts the encrypted message to obtain each information factor and then generates an electronic identity voucher from all the information factors, wherein the electronic identity voucher is encrypted using the authentication code and biometric information entered by the registered user as the key.
In some embodiments, the terminal is connected to external information collection devices, such as a fingerprint collector, an ID card reader and a face recognition device.
Based on the same inventive concept, in an embodiment the ID card information includes: user name, user gender, certificate card number, certificate validity period, fingerprint information and the ID card DN code; and/or the biometric information is formed by base64-encoding a facial image.
Based on the same inventive concept, in an embodiment the electronic identity voucher is a two-dimensional code identifier.
Based on the same inventive concept, in an embodiment the terminal further comprises:
an authentication code recording module, which records the authentication code.
Based on the same inventive concept, in an embodiment the identity information further includes reserved customer information.
Fig. 5 shows the concrete structure schematic diagram of server, as shown in figure 5, comprising: encrypt message receiving module 21, The encryption message that terminal is sent is received, the encryption message includes multiple information factors, and each information factor is by using registration One identity information at family carries out encryption formation, and the cipher mode of at least two information factors is different, the identity information Including ID card information;Deciphering module 22 is decrypted the encryption message, obtains each information factor;Electronic identity with Generation module 23 is demonstrate,proved, generates electronic identity voucher according to all information factors, and using the authentication code of registration user's typing and life Object characteristic information stores the electronic identity as key encryption.
It is appreciated that server provided by the present application, obtains electronic identity by all information factors in encryption message Voucher, each information factor are encrypted according to an identity information, and the cipher mode of at least two information factors Difference, and then one side encryption rule is complicated, is not easy to be stolen, on the other hand, to register the authentication code and biology of user's typing Characteristic information is as key, when needing to transfer electronic identity voucher, needs to decrypt using authentication code and biological information, add The strong safety of electronic identity voucher.
Based on the same inventive concept, the ID card information includes: user name, user gender, certificate number, certificate validity period, fingerprint information and ID card DN code; and/or the biometric information is formed by base64-encoding a facial image.
The electronic identity voucher is a two-dimensional code identifier.
Based on the same inventive concept, the server further includes:
an ID card information authentication module, which authenticates the ID card information and determines whether the ID card information is correct; and/or further includes:
an authentication code receiving module, which receives the authentication code entered by the registered user.
Based on the same inventive concept, the identity information further includes reserved customer information.
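The storage step described for module 23 (voucher stored encrypted under a key built from the authentication code and the biometric information) can be illustrated as follows. This is an added example, not code from the patent: the function names, the PBKDF2 work factor, the sample values and the use of an HMAC-based keystream with encrypt-then-MAC (a standard-library stand-in for an AEAD cipher such as AES-GCM) are all assumptions.

```python
import base64
import hashlib
import hmac
import json
import os
from typing import Optional, Tuple

PBKDF2_ROUNDS = 200_000  # assumed work factor, not a value from the patent

# Constructed sample inputs (not real customer data).
SAMPLE_AUTH_CODE = "739164"
SAMPLE_FACE_B64 = base64.b64encode(b"constructed-face-image-bytes").decode()
SAMPLE_VOUCHER = {"customer_no": "C0001", "qr_payload": "constructed-voucher-token"}


def derive_keys(auth_code: str, biometric_b64: str, salt: bytes) -> Tuple[bytes, bytes]:
    """Derive separate encryption and MAC keys from the two user-held inputs."""
    # Length-prefix each part so ("12", "3abc") and ("123", "abc") cannot collide.
    parts = (auth_code.encode(), biometric_b64.encode())
    material = b"".join(len(p).to_bytes(4, "big") + p for p in parts)
    okm = hashlib.pbkdf2_hmac("sha256", material, salt, PBKDF2_ROUNDS, dklen=64)
    return okm[:32], okm[32:]


def _xor_keystream(enc_key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR data with an HMAC-SHA256 counter keystream (stand-in for a real cipher)."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        block = hmac.new(enc_key, nonce + counter.to_bytes(8, "big"), hashlib.sha256)
        stream += block.digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def seal_voucher(voucher: dict, auth_code: str, biometric_b64: str) -> dict:
    """Encrypt the voucher for storage; only salt, nonce, ciphertext and tag are kept."""
    salt, nonce = os.urandom(16), os.urandom(16)
    enc_key, mac_key = derive_keys(auth_code, biometric_b64, salt)
    plaintext = json.dumps(voucher, sort_keys=True).encode()
    ciphertext = _xor_keystream(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, salt + nonce + ciphertext, hashlib.sha256).digest()
    fields = {"salt": salt, "nonce": nonce, "ct": ciphertext, "tag": tag}
    return {name: base64.b64encode(value).decode() for name, value in fields.items()}


def open_voucher(record: dict, auth_code: str, biometric_b64: str) -> Optional[dict]:
    """Return the voucher, or None if the inputs are wrong or the record was altered."""
    try:
        salt, nonce, ciphertext, tag = (
            base64.b64decode(record[name], validate=True)
            for name in ("salt", "nonce", "ct", "tag")
        )
    except (KeyError, ValueError, TypeError):
        return None  # malformed or incomplete record
    enc_key, mac_key = derive_keys(auth_code, biometric_b64, salt)
    expected = hmac.new(mac_key, salt + nonce + ciphertext, hashlib.sha256).digest()
    # Verify the tag in constant time before touching the ciphertext.
    if not hmac.compare_digest(expected, tag):
        return None
    return json.loads(_xor_keystream(enc_key, nonce, ciphertext))


if __name__ == "__main__":
    stored = seal_voucher(SAMPLE_VOUCHER, SAMPLE_AUTH_CODE, SAMPLE_FACE_B64)
    print("correct inputs :", open_voucher(stored, SAMPLE_AUTH_CODE, SAMPLE_FACE_B64))
    print("wrong auth code:", open_voucher(stored, "000000", SAMPLE_FACE_B64))
```

Any byte difference in the base64 biometric string yields a different key, so retrieval in this example only succeeds with the exact encoding that was presented at registration.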
The generation scenario and the application scenario of the electronic certificate are described below.
Step S501: When a client arrives at a bank outlet counter to register for the electronic certificate service, the terminal issues an instruction to read the second-generation ID card information. The client swipes the second-generation ID card on trusted card-reading device 2 at the counter. After the service terminal obtains the second-generation ID card information, such as the DN code, customer name, ID card number and fingerprint, it encrypts the information to generate a message and sends the data to the server for processing.
Step S502: The server receives the data of the terminal's request, parses the message, and processes it according to the message type. If the client is a new client, a customer number is generated for the new client and the terminal sends an instruction to enter the electronic certificate authentication code. The client enters the authentication code twice on the PIN pad; once the system has verified the entries, the client has successfully entered the authentication code.
Step S503: The terminal calls the portrait liveness control, and the system obtains a qualified facial image for face recognition and base64-encodes it. The encoded facial image, the client's mobile phone number and the electronic certificate authentication code are processed together and sent to the server. The server processes the data and passes it to dedicated server 3, which transmits it over a dedicated network line to Ministry of Public Security identity authentication platform 8 for verification; a successful verification result is returned to the terminal along the original path. If the client has already registered an electronic certificate, electronic certificate message processing module 53 of application server 5 prompts the client, according to the system records, with the actual status of the electronic certificate registration. If the user has multiple identity cards, the system determines whether the start date or expiry date of the certificate's validity period is earlier than the validity period in the customer information held in the system; if so, the client is required to present the new certificate for capture, or to register again after the customer information in the system has been updated.
Step S504: terminal receives unsuccessful verification as a result, registration electronic certificate success, application server 5 compile client Number, the information such as electronic certificate, customer name, passport NO., fingerprint and transaction code be sent to storage server 4 and saved, Wherein, be related to the sensitive datas such as electronic certificate, customer name, passport NO., fingerprint by encryption equipment encryption and decryption handle after again into Row saves.
The scenario in which a client uses the electronic certificate is described below.
Step S701: The client arrives at a bank outlet counter, and the mobile device with the mobile banking app installed displays the client's net-certificate two-dimensional code (the electronic certificate). The service terminal at outlet counter 11 of channel access 1 reads the net-certificate two-dimensional code with a scanning device, captures a facial image through the portrait liveness control and base64-encodes it, and the authentication code is entered on the PIN pad. The related data are assembled into a message and sent to application server 5.
Step S702: Application server 5 splits the message and sends the data to encryption equipment 5 for encryption and decryption processing, separating out the data of each field: message type, customer name, ID card number, certificate validity period, base64-encoded facial image, base64-encoded fingerprint information, client mobile phone number, net-certificate authentication code, net-certificate information and transaction code. The data for the authentication request are sent to signature verification server 7 to be signed. Application server 5 sends the signed data to the dedicated server, which accesses Ministry of Public Security identity authentication platform 8 over a dedicated network line for verification. Application server 5 receives the returned verification result and passes the data to signature verification server 7 for signature verification. The returned data are encrypted by the encryption equipment and saved to storage server 4; the customer information and transaction information of the original message must also be encrypted by the encryption equipment before being saved. Application server 5 returns the authentication result to the outlet service terminal.
Step S703: The terminal receives the net-certificate authentication result, the system automatically completes the processing of the transfer transaction, and the transaction ends.
It can be appreciated that the present application can simplify the bank transaction process and achieve unified management of multi-channel access. The authentication process can form a complete electronic record of the evidence chain for business handling, providing an effective means of verifying, tracing and proving the client's actual intent. It effectively addresses secure identity authentication of bank clients, so that a client can handle business safely at the bank even without carrying the physical second-generation ID card. During banking business, it reduces cumbersome interaction steps with the client, improving the customer service experience and efficiency.
The systems, devices, modules or units described in the above embodiments may be implemented by a computer chip or entity, or by a product having a certain function. A typical implementing device is a computer device; specifically, the computer device may be, for example, a personal computer, laptop computer, cellular phone, camera phone, smart phone, personal digital assistant, media player, navigation device, e-mail device, game console, tablet computer, wearable device, or a combination of any of these devices.
In a typical example, the computer device includes a memory, a processor and a computer program stored on the memory and executable on the processor. When executing the program, the processor implements the method performed by the client as described above, or the processor implements the method performed by the server as described above.
Referring now to Fig. 7, it shows a schematic structural diagram of a computer device suitable for implementing the embodiments of the present application.
As shown in Fig. 7, computer device 600 includes a central processing unit (CPU) 601, which can perform various appropriate operations and processing according to a program stored in read-only memory (ROM) 602 or a program loaded from storage section 608 into random access memory (RAM) 603. RAM 603 also stores the various programs and data required for the operation of system 600. CPU 601, ROM 602 and RAM 603 are connected to one another by bus 604. An input/output (I/O) interface 605 is also connected to bus 604.
The following components are connected to I/O interface 605: an input section 606 including a keyboard, a mouse and the like; an output section 607 including a cathode ray tube (CRT), a liquid crystal display (LCD) and the like, as well as a loudspeaker and the like; a storage section 608 including a hard disk and the like; and a communication section 609 including a network interface card such as a LAN card or a modem. Communication section 609 performs communication processing via a network such as the Internet. A drive 610 is also connected to I/O interface 606 as needed. A removable medium 611, such as a magnetic disk, optical disc, magneto-optical disk or semiconductor memory, is mounted on drive 610 as needed, so that a computer program read from it can be installed into storage section 608 as needed.
In particular, according to embodiments of the present invention, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, an embodiment of the present invention includes a computer program product comprising a computer program tangibly embodied on a machine-readable medium, the computer program containing program code for executing the method shown in the flowchart. In such an embodiment, the computer program can be downloaded and installed from a network through communication section 609, and/or installed from removable medium 611.
Computer-readable media include permanent and non-permanent, removable and non-removable media, and can store information by any method or technology. The information may be computer-readable instructions, data structures, program modules or other data. Examples of computer storage media include, but are not limited to, phase-change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technologies, compact disc read-only memory (CD-ROM), digital versatile disc (DVD) or other optical storage, magnetic cassettes, magnetic tape or disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information accessible by a computing device. As defined herein, computer-readable media do not include transitory computer-readable media (transitory media), such as modulated data signals and carrier waves.
For convenience of description, the above apparatus is described with its functions divided into various units. Of course, when implementing the present application, the functions of the units may be realized in one or more pieces of software and/or hardware.
The present invention is described with reference to flowcharts and/or block diagrams of methods, devices (systems) and computer program products according to embodiments of the invention. It should be understood that each flow and/or block in the flowcharts and/or block diagrams, and combinations of flows and/or blocks in the flowcharts and/or block diagrams, can be implemented by computer program instructions. These computer program instructions can be provided to the processor of a general-purpose computer, special-purpose computer, embedded processor or other programmable data processing device to produce a machine, so that the instructions executed by the processor of the computer or other programmable data processing device produce means for implementing the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions may also be stored in a computer-readable memory capable of directing a computer or other programmable data processing device to work in a particular manner, so that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means, the instruction means implementing the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions may also be loaded onto a computer or other programmable data processing device, so that a series of operational steps are executed on the computer or other programmable device to produce computer-implemented processing, whereby the instructions executed on the computer or other programmable device provide steps for implementing the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
It should also be noted that the terms "include", "comprise" or any other variant thereof are intended to cover non-exclusive inclusion, so that a process, method, commodity or device that includes a series of elements includes not only those elements but also other elements not explicitly listed, or elements inherent to such a process, method, commodity or device. Without further limitation, an element defined by the phrase "including a ..." does not exclude the presence of other identical elements in the process, method, commodity or device that includes the element.
Those skilled in the art will understand that embodiments of the present application may be provided as a method, a system or a computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Moreover, the present application may take the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to magnetic disk storage, CD-ROM, optical memory and the like) containing computer-usable program code.
The present application may be described in the general context of computer-executable instructions executed by a computer, such as program modules. Generally, program modules include routines, programs, objects, components, data structures and the like that perform specific tasks or implement specific abstract data types. The present application may also be practiced in distributed computing environments, in which tasks are performed by remote processing devices connected through a communication network. In a distributed computing environment, program modules may be located in local and remote computer storage media, including storage devices.
The embodiments in this specification are described in a progressive manner; the same or similar parts of the embodiments may be referred to one another, and each embodiment focuses on its differences from the other embodiments. In particular, since the system embodiments are substantially similar to the method embodiments, they are described relatively briefly; for relevant details, refer to the description of the method embodiments.
The above is merely an example of the present application and is not intended to limit it. For those skilled in the art, various modifications and changes to the present application are possible. Any modification, equivalent replacement, improvement and the like made within the spirit and principles of the present application shall be included within the scope of the claims of the present application.

Claims (22)

1. An electronic identity voucher generation method, characterized by comprising:
receiving an encrypted message sent by a terminal, wherein the encrypted message includes multiple information factors, each information factor is formed by encrypting identity information of a registered user, at least two of the information factors use different encryption modes, and the identity information includes ID card information;
decrypting the encrypted message to obtain each information factor;
generating an electronic identity voucher from all of the information factors, and storing the electronic identity voucher encrypted, using the authentication code entered by the registered user and biometric information as the key.
2. The electronic identity voucher generation method according to claim 1, characterized in that the ID card information includes: user name, user gender, certificate number, certificate validity period, fingerprint information and ID card DN code; and/or
the biometric information is formed by base64-encoding a facial image.
3. The electronic identity voucher generation method according to claim 1, characterized in that the electronic identity voucher is a two-dimensional code identifier.
4. The electronic identity voucher generation method according to claim 1, characterized by further comprising:
authenticating the ID card information to determine whether the ID card information is correct; and/or
further comprising:
receiving the authentication code entered by the registered user.
5. The electronic identity voucher generation method according to claim 1, characterized in that the identity information further includes reserved customer information.
6. An electronic identity voucher generation method, characterized by comprising:
obtaining multiple items of identity information of a registered user, the identity information including ID card information;
encrypting each item of identity information using at least one encryption mode to form a corresponding number of information factors;
packaging the information factors into an encrypted message and sending it to a server, so that the server decrypts the encrypted message to obtain each information factor and then generates an electronic identity voucher from all of the information factors, wherein the electronic identity voucher is encrypted using the authentication code entered by the registered user and biometric information as the key.
7. The electronic identity voucher generation method according to claim 6, characterized in that the ID card information includes: user name, user gender, certificate number, certificate validity period, fingerprint information and ID card DN code; and/or the biometric information is formed by base64-encoding a facial image.
8. The electronic identity voucher generation method according to claim 6, characterized in that the electronic identity voucher is a two-dimensional code identifier.
9. The electronic identity voucher generation method according to claim 6, characterized by further comprising:
entering the authentication code of the registered user.
10. The electronic identity voucher generation method according to claim 6, characterized in that the identity information further includes reserved customer information.
11. A server for generating an electronic identity voucher, characterized by comprising:
an encrypted-message receiving module, which receives an encrypted message sent by a terminal, wherein the encrypted message includes multiple information factors, each information factor is formed by encrypting one item of identity information of a registered user, at least two of the information factors use different encryption modes, and the identity information includes ID card information;
a decryption module, which decrypts the encrypted message to obtain each information factor;
an electronic identity voucher generation module, which generates an electronic identity voucher from all of the information factors and stores the electronic identity voucher encrypted, using the authentication code entered by the registered user and biometric information as the key.
12. The server according to claim 11, characterized in that the ID card information includes: user name, user gender, certificate number, certificate validity period, fingerprint information and ID card DN code; and/or
the biometric information is formed by base64-encoding a facial image.
13. The server according to claim 11, characterized in that the electronic identity voucher is a two-dimensional code identifier.
14. The server according to claim 11, characterized by further comprising:
an ID card information authentication module, which authenticates the ID card information and determines whether the ID card information is correct; and/or
further comprising:
an authentication code receiving module, which receives the authentication code entered by the registered user.
15. The server according to claim 11, characterized in that the identity information further includes reserved customer information.
16. A terminal for generating an electronic identity voucher, characterized by comprising:
an identity information acquisition module, which obtains multiple items of identity information of a registered user, the identity information including ID card information;
an encryption module, which encrypts each item of identity information using at least one encryption mode to form a corresponding number of information factors;
an encrypted-message sending module, which packages the information factors into an encrypted message and sends it to a server, so that the server decrypts the encrypted message to obtain each information factor and then generates an electronic identity voucher from all of the information factors, wherein the electronic identity voucher is encrypted using the authentication code entered by the registered user and biometric information as the key.
17. The terminal according to claim 16, characterized in that the ID card information includes: user name, user gender, certificate number, certificate validity period, fingerprint information and ID card DN code; and/or the biometric information is formed by base64-encoding a facial image.
18. The terminal according to claim 16, characterized in that the electronic identity voucher is a two-dimensional code identifier.
19. The terminal according to claim 16, characterized by further comprising:
an authentication code entry module, which enters the authentication code.
20. The terminal according to claim 16, characterized in that the identity information further includes reserved customer information.
21. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor, when executing the program, implements the steps of the method according to any one of claims 1 to 10.
22. A computer-readable storage medium on which a computer program is stored, characterized in that the computer program, when executed by a processor, implements the steps of the method according to any one of claims 1 to 10.
CN201910716878.8A 2019-08-05 2019-08-05 Electronic identity voucher generation method, terminal and server Pending CN110401542A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910716878.8A CN110401542A (en) 2019-08-05 2019-08-05 Electronic identity voucher generation method, terminal and server

Publications (1)

Publication Number Publication Date
CN110401542A true CN110401542A (en) 2019-11-01

Family

ID=68327431

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910716878.8A Pending CN110401542A (en) 2019-08-05 2019-08-05 Electronic identity voucher generation method, terminal and server

Country Status (1)

Country Link
CN (1) CN110401542A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20191101

RJ01 Rejection of invention patent application after publication