Disclosure of Invention
In order to solve the above technical problems, an object of the present invention is to provide an identity verification system for a trading platform based on multidimensional information, wherein standard fingerprint data, standard pressing times and an entry sequence within a plurality of unit entry times are entered through a fingerprint module during registration, and a standard key is generated in cooperation with a key generation module. During login, a fingerprint module is used for collecting a sample key of a login applicant, and a key verification module is used for calculating the matching degree of the sample key and a standard key, so that identity verification is realized. Compared with the prior art that login passwords and payment passwords are separately set, the login method can realize login with different authorities only by clicking the fingerprint module, so that the usability is ensured, and the account security is improved.
The technical problem to be solved by the invention is as follows:
A. how to solve the problem that the digital password or the single biological password in the prior art is stolen at will.
The purpose of the invention can be realized by the following technical scheme:
an identity verification system for a trading platform based on multi-dimensional information comprises a server and a client for accessing the server, wherein the client comprises a request generation module, a fingerprint module, a key generation module and a control module;
the request generation module is used for generating a registration request and a login request according to the operation of a user;
the fingerprint module comprises a fingerprint identification unit and a pressing identification unit, wherein the fingerprint identification unit is used for inputting the fingerprint information of any finger of a registration requester in unit input time after receiving a registration instruction, obtaining standard fingerprint data after inputting a plurality of groups of fingerprint information and recording the input sequence of the fingerprints; the fingerprint acquisition device is also used for acquiring a plurality of fingerprint information of the login applicant in a plurality of unit acquisition time after receiving the login instruction, taking the fingerprint information as sample fingerprint data and recording the acquisition sequence of the fingerprint of the login applicant; the press identification unit is used for recording the press times in unit recording time as standard press times after receiving the registration instruction; the device is also used for recording the pressing times in unit acquisition time as the sample pressing times after receiving the login instruction; the unit recording time is equal to the unit recording time;
the key generation module is used for generating a standard key together with the standard fingerprint data, the recording sequence and the standard pressing times, uploading the standard key to the key verification module for storage, and generating a sample key together with the sample fingerprint data, the acquisition sequence and the sample pressing times;
the control module comprises a display unit and an input unit, wherein the display unit is used for displaying data in the server according to the type of the received authority certificate; the input unit restricts an operation according to the kind of the received authority certificate.
The server comprises an instruction generation module, a key verification module and an authority distribution module;
the instruction generation module is used for generating a registration instruction after receiving the registration request and is also used for generating a login instruction after receiving the login request;
the key verification module is used for comparing the standard key with the sample key and calculating the matching degree of the standard key and the sample key; the matching degree is provided with four gears, namely, low, medium and high;
the authority distribution module is used for sending an authority certificate to the client according to the matching degree obtained by the key verification module; the authority certificate comprises three types, namely a commodity authority certificate, a personal information management authority certificate and a payment authority certificate which are respectively browsed;
further, the client further comprises a vibration feedback module for providing vibration feedback for the fingerprint module during acquisition and recording.
Further, the working method of the system is as follows:
s1, registration step:
s1.1, a request generation module sends a registration request to a server;
s1.2, the instruction generation module receives the registration request and then sends a registration instruction to the fingerprint module;
s1.3, after the fingerprint module receives the registration instruction, the control display unit prompts a user to press the fingerprint module for multiple times by using one finger within unit input time; after the user executes the fingerprint module, the fingerprint module obtains standard fingerprint data and standard pressing times of the finger, and records the standard fingerprint data and the standard pressing times as F1;
s1.4, circularly executing the S1.3 for n times to obtain standard fingerprint data and standard pressing times of a plurality of fingers, and recording the standard fingerprint data and the standard pressing times as F2, F3, … and Fn in sequence;
s1.5, the key generation module constructs a set S which is { F1, F2, F3, …, Fn }, uploads the set S as a standard key to the key verification module for storage, and associates the user as a registered applicant with an account;
s2, a login step:
s2.1, a request generation module sends a login request to a server;
s2.2, the instruction generation module receives the registration request and then sends a login instruction to the fingerprint module;
s2.3, after the fingerprint module receives the login instruction, controlling a display unit to prompt a user to press the fingerprint module for multiple times by using a finger in unit acquisition time, and after the user executes the fingerprint module, obtaining sample fingerprint data and sample pressing times in unit acquisition time, wherein the sample fingerprint data and the sample pressing times are recorded as f 1;
s2.4, circularly executing the S2.3 for n times to obtain sample fingerprint data of a plurality of fingers and sample pressing times, and recording the sample fingerprint data and the sample pressing times as f2, f3, … and fn in sequence;
s2.5, the key generation module constructs a set C ═ { f1, f2, f3, …, fn }; the set C is used as a sample key and is uploaded to a key verification module;
s2.6, the key verification module calculates the matching degree of the standard key and the sample key, and associates the sample key with the matching degree;
s2.7, the authority distribution module does not send any authority certificate for the sample key without matching degree; only sending out a commodity browsing authority certificate for the sample key with low matching degree; sending out a commodity browsing authority certificate and a personal information management authority certificate for the sample key with the medium matching degree; for the sample key with high matching degree, sending out a commodity browsing authority certificate, a personal information management authority certificate and a payment authority certificate;
s2.8, the client accesses the server according to the received authority certificate type; the commodity browsing permission certificate has the permission to search and view commodities, the personal information management permission certificate has the permission to view and modify personal information, and the payment permission certificate has the permission to pay orders.
Further, in S1.3 and S2.3, after the fingerprint module identifies a sample fingerprint data or a standard fingerprint data, the fingerprint identification unit sends an identification feedback instruction to the vibration feedback module, and the vibration feedback module drives the vibration unit in the client to generate vibration with a duration less than a second; after one unit of recording time or one unit of collecting time is over, the fingerprint identification unit sends an end feedback instruction to the vibration feedback module, the vibration feedback module drives the vibration unit in the client to generate vibration with duration longer than b seconds, and a is smaller than b.
Further, in S2.6, a specific calculation method of the matching degree between the standard key and the sample key is as follows:
s2.6.1, taking Fi and Fi as comparison units, wherein i ∈ [1, n ], if the pressing times of all comparison units are the same, marking the comparison units as data matching, and if the pressing times of any comparison units are different, marking the comparison units as data mismatching;
s2.6.2, if there is a comparison unit with sample fingerprint data same as the standard fingerprint data, marking as fingerprint matching, if the sample fingerprint data of all comparison units are different from the standard fingerprint data, marking as fingerprint mismatching; if the sample fingerprint data of all the comparison units is the same as the standard fingerprint data, marking the sample fingerprint data as sequential matching;
s2.6.3, satisfying any item of the fingerprint matching data and fingerprint matching, and marking the matching degree as low; only satisfy data matching and fingerprint matching, the matching degree sets up to well, and sequence matching, data matching and fingerprint matching all satisfy, and the matching degree sets up to the height, and sequence matching, data matching and fingerprint matching all do not satisfy, and the matching degree sets up to nothing.
The invention has the beneficial effects that:
(1) when registering, the fingerprint module is used for recording standard fingerprint data, standard pressing times and recording sequence in a plurality of unit recording time, and the fingerprint module is matched with the key generation module to generate a standard key. During login, a fingerprint module is used for collecting a sample key of a login applicant, and a key verification module is used for calculating the matching degree of the sample key and a standard key, so that identity verification is realized.
(2) Compared with the prior art that login passwords and payment passwords are separately set, the login method can realize login with different authorities only by clicking the fingerprint module, so that the usability is ensured, and the account security is improved.
(3) In the input and collection process, the vibration feedback module is matched to feed back the operation of the user, the input and collection accuracy and the concealment performance can be effectively improved, the input and collection efficiency can be effectively improved, and the theft probability can be reduced.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, the embodiment provides an identity verification system for a trading platform based on multidimensional information, which includes a server and a client for accessing the server to implement functions of managing a user account, searching for a commodity, paying an order, and the like, where the client, such as a mobile phone, a tablet, a pc, and the like, includes a request generation module, a fingerprint module, a key generation module, and an operation module.
The request generation module is used for generating a registration request and a login request according to the operation of a user. Initiated after the user clicks the register or sign-on button.
The fingerprint module contains the fingerprint identification unit and presses the identification unit, can adopt the press type fingerprint identification module of integral type, also can adopt touch-sensitive screen cooperation screen fingerprint subassembly down to realize, wherein, the fingerprint identification unit is used for after receiving the registration instruction, in unit input time, types in the fingerprint information of arbitrary one finger of registration requester, obtains standard fingerprint data and the type order of record fingerprint after typing multiunit fingerprint information. And the fingerprint acquisition module is also used for acquiring a plurality of fingerprint information of the login requester in a plurality of unit acquisition time after receiving the login instruction, taking the fingerprint information as sample fingerprint data and recording the acquisition sequence of the fingerprint of the login requester.
The number of the unit acquisition time is positively correlated with the strength of the secret key, and is not less than 3, for example, 3 is set by the client. For non-self login, the number of the unit acquisition time and the type number of the fingerprints in the standard key are unknown, so that the number of the acquired fingerprint information is uncertain, and the anti-theft performance is good.
The press identification unit is used for recording the press times in unit recording time as standard press times after receiving the registration instruction. And the device is also used for recording the pressing times in unit acquisition time as the sample pressing times after receiving the login instruction. And the unit recording time is equal to the unit recording time, such as 2s set by the client.
The key generation module is used for generating a standard key together with the standard fingerprint data, the recording sequence and the standard pressing times, uploading the standard key to the key verification module for storage, and generating a sample key together with the sample fingerprint data, the acquisition sequence and the sample pressing times.
Specifically, for example, when the fingerprint module is pressed 3 times with the index finger within 2s of the first unit entry time during registration, the number of pressing times is marked as 3, and since a plurality of fingerprints are originally stored in the client for unlocking, if the standard fingerprint data is identified as the fingerprint a, F1 is (fingerprint a, number 3), and in the same step, F2 corresponding to three unit entry times is recorded (fingerprint b, number 2) and F3 are (fingerprint a, number 4). So the standard key S { (fingerprint a, degree 3), (fingerprint b, degree 2), (fingerprint a, degree 4) }.
Similarly, at the time of login, collected f1 ═ fingerprint a, time 3, f2 ═ fingerprint b, time 1, f3 { (fingerprint C, time 1), sample key C { (fingerprint a, time 3), (fingerprint b, time 1), (fingerprint C, time 1) }.
The standard key comprises digital information, fingerprint information and input sequence information, and the identity of the logged-in applicant is verified by multiple dimensions, so that the standard key has strong anti-cracking performance.
The control module comprises a display unit and an input unit, wherein the display unit is used for displaying data in the server according to the type of the received authority certificate. The input unit restricts an operation according to the kind of the received authority certificate.
The client side further comprises a vibration feedback module used for providing vibration feedback for the fingerprint module during collection and recording.
The server comprises an instruction generation module, a key verification module and a permission distribution module.
The instruction generation module is used for generating a registration instruction after receiving the registration request and is also used for generating a login instruction after receiving the login request.
The key verification module is used for comparing the standard key with the sample key and calculating the matching degree of the standard key and the sample key, and the matching degree has four gears of low, medium and high.
And the authority distribution module is used for sending an authority certificate to the client according to the matching degree obtained by the key verification module. The authority certificate comprises three types, namely a commodity authority certificate, a personal information management authority certificate and a payment authority certificate which are browsed respectively.
The working method of the system is as follows:
s1, registration step:
s1.1, the request generation module sends a registration request to the server.
S1.2, the instruction generation module receives the registration request and then sends a registration instruction to the fingerprint module.
S1.3, after the fingerprint module receives the registration instruction, the control display unit prompts a user to press the fingerprint module for multiple times by using one finger within unit input time. After the user executes, the fingerprint module obtains standard fingerprint data of the finger and standard number of presses, and records as F1.
And S1.4, circularly executing the S1.3 for n times to obtain standard fingerprint data of a plurality of fingers and standard pressing times, and recording the standard fingerprint data and the standard pressing times as F2, F3, … and Fn in sequence.
And S1.5, constructing a set S of { F1, F2, F3, …, Fn } by the key generation module, uploading the set S as a standard key to the key verification module for storage, and associating the user as a registered applicant with the account.
S2, a login step:
s2.1, the request generation module sends a login request to the server.
And S2.2, the instruction generation module receives the registration request and then sends a login instruction to the fingerprint module.
And S2.3, after the fingerprint module receives the login instruction, the control display unit prompts a user to press the fingerprint module for multiple times by using a finger in unit acquisition time, and after the user executes the fingerprint module, the fingerprint data of the sample and the pressing times of the sample in the unit acquisition time are obtained and recorded as f 1.
In S1.3 and S2.3, after the fingerprint module identifies a sample fingerprint data or a standard fingerprint data, the fingerprint identification unit sends an identification feedback instruction to the vibration feedback module, and the vibration feedback module drives a vibration unit in the client, such as a z-axis linear motor, to generate vibration having a duration less than a seconds. After one unit of recording time or one unit of collecting time is over, the fingerprint identification unit sends an end feedback instruction to the vibration feedback module, the vibration feedback module drives the vibration unit in the client to generate vibration with duration longer than b seconds, and a is smaller than b. E.g., with client settings of a-0.05 and b-0.5. Through the vibration of different time length, give the user input feedback, can improve the accuracy of typeeing and gathering, simultaneously because the disguise of vibration suggestion is higher, can reduce stolen probability.
And S2.4, circularly executing the S2.3 for n times to obtain sample fingerprint data of a plurality of fingers and sample pressing times, and recording the sample fingerprint data and the sample pressing times as f2, f3, … and fn in sequence.
S2.5, the key generation module constructs the set C ═ { f1, f2, f3, …, fn }. And uploading the set C as a sample key to the key verification module.
And S2.6, the key verification module calculates the matching degree of the standard key and the sample key and associates the sample key with the matching degree.
And the specific calculation method of the matching degree of the standard key and the sample key is as follows:
s2.6.1, taking Fi and Fi as comparison units, wherein i ∈ [1, n ], if the pressing times in all comparison units are the same, marking the pressing times as data matching, indicating that the pressing times and the sequence are the same as the standard key, and if the pressing times of any comparison unit are different, marking the pressing times and the sequence as data mismatching, indicating that the pressing times and the sequence are not the same as the standard key;
if the number of presses of the standard key is 3, 5, 1 in sequence and the number of presses of the sample key is 5, 3, 1 in sequence, only the number of presses of the collation cell corresponding to F3 and F3 is the same, and therefore, it should be noted that the data do not match.
S2.6.2, if there is a matching unit where the sample fingerprint data is the same as the standard fingerprint data, it is marked as fingerprint match, indicating that the fingerprint is correct and only the order is wrong. And if the sample fingerprint data of all the comparison units are different from the standard fingerprint data, marking as that the fingerprints are not matched. If the sample fingerprint data of all the comparison units is the same as the standard fingerprint data, the comparison units are marked as sequential matching.
If the standard key is sequentially the fingerprint a, the fingerprint a and the fingerprint b, and the sample key is sequentially the fingerprint a, the fingerprint b and the fingerprint c, only F1 is matched with the F1 fingerprint data, so that the sequence is different, and matched fingerprints exist, so that the fingerprints should be marked as fingerprint matching; if the sample key is sequentially the fingerprint a, the fingerprint a and the fingerprint b, the sequence matching is marked.
S2.6.3, satisfying any one of the fingerprint matching data and the fingerprint matching, and the matching degree is marked as low. Only satisfy data matching and fingerprint matching, the matching degree sets up to well, and sequence matching, data matching and fingerprint matching all satisfy, and the matching degree sets up to the height, and sequence matching, data matching and fingerprint matching all do not satisfy, and the matching degree sets up to nothing.
And S2.7, the permission distribution module does not send out any permission certificate for the sample key without the matching degree. The identity authentication is unqualified, the function of the trading platform cannot be used, only the browse commodity authority certificate is sent for the sample key with low matching degree, namely, the client can only use the basic functions of the trading platform, such as the operations of searching and checking commodities and the like, and personal data is not involved. And sending out a commodity browsing authority certificate and a personal information management authority certificate for the sample key with the medium matching degree. The client can use basic functions of the trading platform and can also add, delete, modify and check personal information in the account, such as shopping cart management, historical order checking, after-sale consultation and the like, and sends a browsing commodity authority certificate, a personal information management authority certificate and a payment authority certificate for a sample key with high matching degree, namely the client can use all functions of the platform, including functions related to money such as payment and refund of orders.
And S2.8, the client accesses the server according to the received authority certificate type. The commodity browsing permission certificate has the permission to search and view commodities, the personal information management permission certificate has the permission to view and modify personal information, and the payment permission certificate has the permission to pay orders.
The foregoing is merely exemplary and illustrative of the present invention and various modifications, additions and substitutions may be made by those skilled in the art to the specific embodiments described without departing from the scope of the invention as defined in the following claims.