CN110704822A - Method, device, server and system for improving user identity authentication security - Google Patents
Method, device, server and system for improving user identity authentication security Download PDFInfo
- Publication number
- CN110704822A CN110704822A CN201910817139.8A CN201910817139A CN110704822A CN 110704822 A CN110704822 A CN 110704822A CN 201910817139 A CN201910817139 A CN 201910817139A CN 110704822 A CN110704822 A CN 110704822A
- Authority
- CN
- China
- Prior art keywords
- voice
- information
- voice data
- preset
- authentication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 67
- 238000012795 verification Methods 0.000 claims description 85
- 238000012545 processing Methods 0.000 claims description 7
- 238000001514 detection method Methods 0.000 claims description 3
- 238000010586 diagram Methods 0.000 description 11
- 230000006870 function Effects 0.000 description 6
- 238000005516 engineering process Methods 0.000 description 5
- 238000004590 computer program Methods 0.000 description 4
- 230000008569 process Effects 0.000 description 4
- 230000003993 interaction Effects 0.000 description 3
- 238000004891 communication Methods 0.000 description 2
- 239000011521 glass Substances 0.000 description 2
- 230000004044 response Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G10—MUSICAL INSTRUMENTS; ACOUSTICS
- G10L—SPEECH ANALYSIS OR SYNTHESIS; SPEECH RECOGNITION; SPEECH OR VOICE PROCESSING; SPEECH OR AUDIO CODING OR DECODING
- G10L17/00—Speaker identification or verification
- G10L17/22—Interactive procedures; Man-machine interfaces
Abstract
The invention relates to the field of identity authentication, and discloses a method, a device, a server and a system for improving the security of user identity authentication. The user must read out the relevant authentication information according to the requirement of the prompt message, and the voice characteristics of the generated voice data must be matched with the preset voice information to pass the user authentication, so the method can improve the security of the user authentication.
Description
Technical Field
The present invention relates to the field of identity authentication, and more particularly, to a method, an apparatus, a server, and a system for improving security of user identity authentication.
Background
With the development of voiceprint recognition technology, more and more business scenes need to use the voiceprint recognition technology to recognize the user identity, for example, scenes such as a household electronic lock, an internet bank and the like need to complete the verification of the user identity first, so that the next operation can be completed.
When the user identity is verified by using the voiceprint recognition technology, the character string is randomly generated each time, the voice signal of the character string read out by the user is recorded, and the voice signal is input into the voiceprint recognition model to be compared so as to verify whether the user is allowed to pass.
In some conventional technologies, it may also perform authentication again on the user based on the above-mentioned voiceprint recognition technology in combination with a video mode or a fingerprint recognition mode.
However, on one hand, the number of the character strings is limited, and the target character string is relatively easily searched out by logging in the multiple machines for verification respectively, and the target character string is read out, so that an illegal user can pass the verification relatively easily, and therefore, the identity verification security of the mode is not high enough, and on the other hand, the mode of combining a video mode or a fingerprint identification mode to assist in verifying the identity of the user needs to build corresponding hardware, so that the deployment is relatively troublesome, and the cost is relatively high.
Disclosure of Invention
The embodiment of the invention aims to provide a method, a device, a server and a system for improving the safety of user identity authentication so as to improve the safety of user identity authentication.
In order to solve the technical problems, the invention provides the following technical scheme:
in a first aspect, an embodiment of the present invention provides a method for improving security of user authentication, where the method is applied to a server, and the method includes:
sending verification information and prompt information to a terminal, wherein the prompt information is used for prompting a user to read out the verification information according to corresponding requirements;
acquiring voice data, wherein the voice data is acquired by the terminal;
identifying speech features in the speech data;
and generating an identity verification result according to the voice characteristics of the voice data and preset voice information.
In some embodiments, the voice feature includes text information of the voice data, the preset voice information includes preset text information, and the generating an authentication result according to the voice feature of the voice data and the preset voice information includes:
and calculating the matching degree of the voice characteristics of the voice data and the preset text information to obtain a first matching degree.
In some embodiments, the voice feature includes a reading mode of the voice data, the preset voice information includes a preset prompting mode, and generating the authentication result according to the voice feature of the voice data and the preset voice information includes:
and calculating the matching degree of the reading mode of the voice data and the preset prompting mode to obtain a second matching degree.
In some embodiments, the voice feature includes a voiceprint feature of the voice data, the preset voice message includes a preset voiceprint feature, and the generating an authentication result according to the voice feature of the voice data and the preset voice message includes:
and calculating the matching degree of the voiceprint features of the voice data and the preset voiceprint features to obtain a third matching degree.
In some embodiments, the generating an authentication result according to the voice feature of the voice data and preset voice information includes:
if the first matching degree reaches a first preset threshold, the second matching degree reaches a second preset threshold, and the third matching degree reaches a third preset threshold, generating an identity verification passing result;
otherwise, generating an identity authentication failure result.
In some embodiments, the method further comprises:
judging whether the sending time length of the verification information meets a preset sending condition or not;
and if so, updating the verification information and the prompt information.
In some embodiments, the preset sending condition includes a preset sending duration, and the determining whether the sending duration of the verification information satisfies the preset sending condition includes:
and judging whether the sending time length of the verification information is greater than or equal to the preset sending time length.
In some embodiments, the verification information is comprised of a plurality of characters arranged in a sequence, the method further comprising:
detecting whether characters in each order have been read out based on the voice data;
if so, the character that has been read is marked.
In a second aspect, an embodiment of the present invention provides an apparatus for improving security of user authentication, including:
the sending module is used for sending the verification information and the prompt information to the terminal, and the prompt information is used for prompting a user to read out the verification information according to corresponding requirements;
the terminal comprises an acquisition module, a processing module and a processing module, wherein the acquisition module is used for acquiring voice data, and the voice data is acquired by the terminal;
the recognition module is used for recognizing the voice characteristics of the voice data;
and the generating module is used for generating an identity verification result according to the voice characteristics of the voice data and preset voice information.
In some embodiments, the apparatus further comprises:
a detection module for detecting whether the characters in each order have been read out according to the voice data;
and the marking module is used for marking the read characters.
In a third aspect, an embodiment of the present invention provides a server, where the server includes:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein the memory stores a program of instructions executable by the at least one processor to cause the at least one processor to perform the method described above.
In a fourth aspect, an embodiment of the present invention provides a system for improving security of user authentication, including: the terminal equipment is used for acquiring voice data and displaying the verification information and the prompt information;
the memory is used for storing the verification information, the prompt information and the preset voice information;
the controller is used for receiving the voice data transmitted by the terminal equipment, analyzing the voice data and generating a verification result;
in some embodiments, the terminal device comprises:
a microphone for collecting the voice data;
and the display screen is used for displaying the verification information and the prompt information.
Based on the technical scheme, the embodiment of the invention provides a method for improving the security of user identity authentication, which is applied to a server, and the method comprises the steps of sending authentication information and prompt information to a terminal, wherein the prompt information is used for prompting the user to read out the authentication information according to corresponding requirements, then acquiring voice data, wherein the voice data is acquired by the terminal, then recognizing voice characteristics in the voice data, and finally generating an identity authentication result according to the voice characteristics of the voice data and preset voice information. The user must read out the relevant authentication information according to the requirement of the prompt message, and the voice characteristics of the generated voice data must be matched with the preset voice information to pass the user authentication, so the method can improve the security of the user authentication.
Drawings
One or more embodiments are illustrated by way of example in the accompanying drawings, which correspond to the figures in which like reference numerals refer to similar elements and which are not to scale unless otherwise specified.
Fig. 1 is a schematic diagram of an exemplary system structure of an embodiment of a method for improving user authentication security or an apparatus for improving user authentication security applied to the present invention;
fig. 2 is a schematic structural diagram of a system for improving user authentication security according to an embodiment of the present invention;
FIG. 3 is a schematic diagram of an interface for user authentication according to an embodiment of the present invention;
FIG. 4 is a schematic interface diagram of a process for improving user authentication security according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of a system for improving user authentication security according to another embodiment of the present invention;
fig. 6 is a schematic flow chart of a method for improving security of user authentication according to an embodiment of the present invention;
fig. 7 is a schematic flow chart of a method for improving security of user authentication according to another embodiment of the method of the present invention;
fig. 8 is a schematic flow chart of a method for improving the security of user authentication according to another embodiment of the method of the present invention;
FIG. 9 is a schematic flow chart of step 43 of FIG. 8;
fig. 10 is a schematic structural diagram of an apparatus for improving security of user authentication according to an embodiment of the present invention;
fig. 11 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The user identity authentication method provided by the embodiment of the invention can be executed in any suitable type of electronic equipment with processing and analyzing capabilities or computing capabilities, such as identity authentication equipment, servers, desktop computers, smart phones, tablet computers and other electronic products.
In some embodiments, the electronic device may be configured in any suitable shape and applied to any suitable service location, for example, the electronic device may be a device having a user authentication function, the device may perform a user authentication method as described below, when a user performs authentication through the user authentication device, it is necessary to read out relevant authentication information according to a prompt message requirement, and then the device collects voice data read out by the user, identifies voice features in the voice data, and matches with pre-stored preset voice information, if matching is successful, authentication is passed, and if matching is unsuccessful, authentication is not passed.
Referring to fig. 1, fig. 1 is a schematic diagram of an exemplary system structure of an embodiment of a method for improving user authentication security or an apparatus for improving user authentication security applied in the present invention. As shown in fig. 1, the system configuration 10 includes a terminal device 11, a server 12, and a network 13. The network 13 is a medium for providing a communication link between the terminal device 11 and the server 12. Network 13 may include various types of connections, such as wire, wireless communication links, or fiber optic cables.
A user may use terminal device 11 to interact with server 12 via network 13 to receive or send messages. The terminal device 11 may be any electronic device with a display screen, including but not limited to a smart phone, a tablet computer, a smart watch, an electronic reader, a smart appliance, AR/VR glasses, etc. The terminal device 11 may also be equipped with various user authentication applications, such as a human-computer interaction device and some selection buttons, and the terminal device 11 may also collect voice data and may transmit the voice data to the server 12.
The server 12 may be a server that locally stores data in response to terminal device requests. For example, verification information and prompt information are sent to the terminal device 11, so that the terminal device 11 displays the verification information, the prompt information may be displayed on the terminal device 11 or displayed to a user by another terminal device, the user requests to read out the verification information according to the prompt information in the prompt information, the terminal device 11 collects voice data read out by the user and transmits the voice data to the server 12, the server analyzes the voice data, identifies voice features of the voice data, thereby obtains the voice features of the voice data, further matches the voice features of the voice data with preset voice information stored inside, and generates a verification result according to the matching result, for example, the verification is passed or the verification is not passed.
The server 12 may also be a server that remotely obtains data from a third party server in response to a request from the terminal device 11. For example, when the user uses the terminal device 11 to transmit voice data, the server 12 remotely obtains preset voice information from a third-party server according to the voice data, further analyzes the voice data transmitted by the terminal device to obtain voice features in the voice data, matches the voice features of the voice data with the preset voice information, and generates a verification result.
It should be noted that, the method for improving the security of the user authentication provided by the embodiment of the present invention is generally executed by the server 12, and accordingly, the apparatus for improving the security of the user authentication is generally disposed in the server 12.
It should be understood that the number of terminal devices 11, servers 12, and networks 13 in fig. 1 is merely illustrative. There may be any number of terminal devices 11, servers 12, and networks 13, as desired for implementation.
Referring to fig. 2, fig. 2 is a schematic structural diagram of a system 20 for improving user authentication security according to an embodiment of the present invention. As shown in fig. 2, the system for improving the security of user authentication includes a terminal device 21, a controller 22, and a memory 23.
The controller 22 includes the above-mentioned server, which is located at the network side and is a service device for providing services for users, where the server may be a physical server or a logical server formed by virtualizing a plurality of physical servers. The server may also be a server cluster formed by a plurality of servers capable of communicating with each other, and each functional module may be respectively distributed on each server in the server cluster.
The terminal device 21 includes a microphone 211 and a display screen 212, when user authentication is required, the controller 22 first sends authentication information and prompt information to the terminal device 21, the authentication information and the prompt information are stored in the memory 23, the terminal device 21 displays the authentication information and the prompt information through the display screen 212, wherein the authentication information and the prompt information can be displayed simultaneously or not simultaneously, for example, the authentication information is displayed first and then the prompt information is displayed, or the authentication information and the prompt information appear alternately, or the prompt information is displayed first and then the prompt information disappears or changes, then the authentication information appears again, or the authentication information is displayed first and the prompt information appears in a pop-up screen form, and the specific display mode can be set according to user requirements. The verification information can be numbers, letters, characters or other information which can be identified and read by a user, and the prompt information can be a sound recording, a static or dynamic picture, a short video, a video and other display modes, or prompt information can be obtained by answering some questions. For example: referring to fig. 3, after the user enters the authentication interface, the controller 22 sends a string of numbers "12345" to the terminal device 21, that is, the authentication information is "12345", and requests the user to read the string of numbers, a specific display interface may be as shown in fig. 3, please refer to fig. 4, and then the controller 22 sends a prompt message to the terminal device 21, where the prompt message is to select the middle number 3 to read slowly, or to select the number 2 to read again, and the prompt message may also appear together with or alternate with the authentication information "12345", and may be placed in parentheses or underlined or indicated in other ways in the prompt message, and the specific display interface may be as shown in fig. 4.
Referring to fig. 2, the user reads the verification information according to the requirement of the prompt information, the microphone 211 collects the voice data read by the user and transmits the voice data to the controller 22, the controller 22 first identifies the voice feature of the voice data to obtain the voice feature of the voice data, and then matches the voice feature of the voice data with the pre-stored preset voice information, wherein the preset voice information is correct voice data corresponding to the verification information read according to the prompt information and is stored in the memory 23, so that the controller 22 matches the identified voice feature with the preset voice information to determine whether the user correctly reads the verification information according to the prompt information. Specifically, the method comprises the following steps: the voice features of the voice data include text information of the voice data, the preset voice information includes preset text information, the controller 22 calculates a matching degree between the text information of the voice data and the preset text information to obtain a first matching degree, and then determines whether the first matching degree between the text information of the voice data and the preset text information reaches a first preset threshold, the larger the first preset threshold is, the higher the matching degree between the text information of the voice data and the preset text information is required to be, the smaller the first preset threshold is, the smaller the matching degree between the text information of the voice data and the preset text information is required to be, the larger the first matching degree is, the more the text information and the preset text information are matched, the smaller the first matching degree is, the more the text information and the preset text information are not matched. The voice characteristics further include a reading mode of the voice data, and the preset voice information further includes a preset prompting mode, so that the controller 22 further calculates a matching degree between the reading mode of the voice data and the preset prompting mode to obtain a second matching degree, and the preset prompting mode refers to a correct reading mode for reading the content information according to the prompting information, and includes a tone, a repetition mode, and the like. Then judging whether the second matching degree of the reading mode of the voice data and the preset prompting mode reaches a second preset threshold value or not, if the second matching degree of the reading mode of the voice data and the preset prompting mode reaches the second preset threshold value, the intonation or repetition pattern representing the voice data matches the read pattern required by the prompt message, the voice characteristics further include voice print characteristics of the voice data, the preset voice information further includes preset voice print characteristics, therefore, the controller 22 may further calculate a matching degree between the voiceprint feature of the voice data and the preset voiceprint feature to obtain a third matching degree, determine whether the third matching degree between the voiceprint feature of the voice data and the preset voiceprint feature reaches a third preset threshold, where the preset voiceprint feature is the voiceprint feature of the user, and if the third matching degree reaches the third preset threshold, represent that the acquired voice data is from the user. If the first matching degree reaches the first preset threshold, the second matching degree reaches the second preset threshold, and the third matching degree reaches the third preset threshold, the controller 22 generates an authentication passing result, and if one of the matching degrees does not reach the corresponding preset threshold, the controller 22 generates an authentication failing result, and the controller 22 may further transmit the authentication result to the display screen 212 of the terminal device 21, and the display screen 212 displays the authentication result to inform the user of the authentication result. Therefore, the user can read the verification information in real time according to the prompt information and can pass the verification only if the verification information is correctly read, so that the user identity verification system is safer, only devices such as a microphone, a display screen, a controller and the like are needed, the cost is lower, and the limitation on the network speed or the use scene is smaller.
In addition, the verification information is composed of a plurality of characters arranged in sequence, one character is arranged in each sequence, when the user reads the verification information, the microphone 211 collects voice data read by the user, when the controller 22 receives the voice data, whether the characters in each sequence are read or not is detected, if yes, the read characters are marked to be distinguished from the unread characters, and the user can be better reminded. The manner of marking is not limited, and the background color of the read character may be changed, or underlines may be drawn below the read character.
The verification information and the prompt information sent by the controller 22 are not fixed, but dynamically variable, and when a certain condition is reached, the controller 22 updates the verification information and the prompt information, specifically: after the controller 22 sends the verification information and the prompt information to the terminal device 21, the controller 22 may determine whether the sending time of the verification information satisfies a preset condition, if so, the controller 22 updates the verification information and the prompt information, and sends the updated verification information and the updated prompt information to the terminal device 21, if not, the controller 22 may not update the verification information and the updated prompt information, and continuously controls the display screen 212 of the terminal device 21 to display the original verification information and prompt information. The preset condition may be customized according to a user, in some embodiments, the preset condition includes a preset display duration, and the controller 22 determines whether the sending duration of the verification information is greater than or equal to the preset display duration, if so, the verification information and the prompt information are updated, and if not, the original verification information and the prompt information are continuously displayed.
The updated prompt information may be the same as or different from the original prompt information, for example: the information that needs to be read by the user is "1 a2b3 c" and the prompt information is "slow read 3" at the beginning of display, if the user does not speak the above content within a certain time, the verification information becomes another content, such as "9 q3 fu", and the prompt information to be retransmitted may be "slow read 3" or may be new prompt information different from the original prompt information.
The embodiment of the invention can enable the controller 22 to send the verification information and the prompt information to the terminal device 21, enable the display screen 212 of the terminal device 21 to display the verification information and the prompt information, then enable the user to read out the verification information according to the prompt information, enable the microphone 211 to collect the voice data read out by the user and transmit the voice data to the controller 22, enable the controller 22 to recognize the voice characteristics of the voice data according to the voice data, further obtain the voice characteristics of the voice data, further match the voice characteristics of the voice data with the preset voice information stored in the memory 23, and generate the identity verification result. The user must read out the relevant authentication information according to the requirement of the prompt message, and the voice characteristics of the voice data generated by the user must be matched with the preset voice information to ensure that the user authentication is passed, so that the method can improve the security of the user authentication.
Referring to fig. 5, an embodiment of the present invention provides another system for improving user authentication security, which is different from the above embodiment, in that the user authentication system 30 includes a first terminal device 31, a second terminal device 32, a controller 33 and a memory 34, where the first terminal device 31 and the second terminal device 32 are respectively connected to the controller 33, the first terminal device 31 includes a microphone 311 and a display 312, and the second terminal device 32 is various electronic devices with a display, including but not limited to a smart phone, a tablet computer, a smart watch, an electronic reader, a smart home appliance, AR/VR glasses, and the like.
As shown in fig. 5, if the user wants to perform authentication, the display screen 312 displays a user authentication interface, the controller 33 sends authentication information to the display screen 312 and sends prompt information to the second terminal device 32, the prompt information is used to inform the user of a request for reading the authentication information, the user obtains the prompt information through the second terminal device 32, that is, the user obtains the authentication information and the prompt information through two different terminal devices, for example, the authentication information is displayed on the display screen 312, the authentication information is "12345", then the controller 33 sends prompt information to the second terminal device 32, if the second terminal device is a mobile phone, the prompt information can inform the user in a call form, the user receives the call, the call content is that the user randomly takes 3 middle slow reads or selects 2 rereads, the prompt information does not appear together with the number "12345", or the controller 33 informs the user of the prompt information in the form of a short message. Then, the user reads out the verification information according to the prompt information requirement, the microphone 311 on the first terminal device 31 collects the read voice of the user, and transmits the voice data to the controller 33, the controller 33 recognizes the voice feature of the voice data to obtain the voice feature of the voice data, and then matches the voice feature of the voice data with the preset voice information in the memory 34, and a user verification result is generated according to the matching degree.
When the microphone 311 collects the read voice of the user, the controller 33 may also mark the verification information read by the user, and the marking may be performed in a color, underline, or comment, for example: as shown in fig. 4, the authentication information is a character string "12345", the prompt information is "please read this number slowly", and the prompt information is indicated under the number "3", when the user reads the number "2", the background color of the authentication information "12" that has been read changes, and the authentication information that has been read is marked with yellow in the drawing. This may enable the user to more clearly and quickly distinguish between read content and unread content.
The embodiment of the invention sends the verification information and the prompt information to two different terminal devices, thereby further improving the safety of user identity verification.
On the other hand, an embodiment of the present invention provides a method for improving security of user authentication, which is applied to a server, referring to fig. 6, as shown in fig. 6, the method 40 for improving security of user authentication may include the following steps:
and step 44, generating an identity verification result according to the voice characteristics of the voice data and preset voice information.
In some embodiments, referring to fig. 7, as shown in fig. 7, the method 40 for improving the security of user authentication further includes:
In some embodiments, referring to fig. 8, the user authentication method 40 further includes:
and 48, if so, updating the verification information and the prompt information.
In some embodiments, the speech feature includes text information of the speech data, the preset speech information includes preset text information, and step 44 includes:
step 441, calculating the matching degree of the text information of the voice data and the preset text information to obtain a first matching degree.
In some embodiments, the voice feature includes a reading mode of the voice data, the preset voice message includes a preset prompting mode, and step 44 further includes:
step 442, calculating the matching degree of the reading mode of the voice data and the preset prompting mode to obtain a second matching degree.
In some embodiments, the voice feature includes a voiceprint feature of the voice data, the preset voice information includes a preset voiceprint feature, and step 44 further includes:
and calculating the matching degree of the voiceprint features of the voice data and the preset voiceprint features to obtain a third matching degree.
In some embodiments, referring to fig. 9, as shown in fig. 9, step 44 further includes:
step 444, if the first matching degree reaches a first preset threshold, the second matching degree reaches a second preset threshold, and the third matching degree reaches a third preset threshold, generating an identity verification passing result;
The embodiment of the invention provides a user identity authentication method, which is applied to a server and is used for sending authentication information and prompt information to a terminal, wherein the prompt information is used for prompting a user to read out the authentication information according to corresponding requirements and then acquiring voice data, the voice data is acquired by the terminal, the voice characteristics of the voice data are identified to obtain the voice characteristics of the voice data, and finally, an identity authentication result is generated according to the voice characteristics of the voice data and preset voice information. The user must read out the relevant authentication information according to the requirement of the prompt message, and the generated voice data must be matched with the preset voice information to ensure that the user authentication is passed, so the method can improve the security of the user authentication.
Referring to fig. 10, fig. 10 is a schematic structural diagram of an apparatus for improving user authentication security according to an embodiment of the present invention, and as shown in the drawing, the apparatus 50 for improving user authentication security includes: a sending module 51, configured to send the verification information and the prompt information to the terminal, where the prompt information is used to prompt a user to read out the verification information according to a corresponding requirement; an obtaining module 52, configured to obtain voice data, where the voice data is collected by the terminal; the recognition module 53 is configured to recognize a voice feature of the voice data to obtain the voice feature of the voice data; and the generating module 54 is configured to generate an authentication result according to the voice feature of the voice data and preset voice information.
In some embodiments, as shown in fig. 10, the apparatus 50 for improving the security of user authentication further includes:
a detection module 55, configured to detect whether characters in each order have been read out according to the voice data;
a marking module 56 for marking the characters that have been read.
Referring to fig. 10, the apparatus 50 for improving the security of user authentication further includes:
a judging module 57, configured to judge whether a sending duration of the verification information meets a preset sending condition; an updating module 58, configured to update the verification information and the prompt information.
Continuing to refer to fig. 10, generation module 54 includes: a first calculating unit 541, configured to calculate a matching degree between the text information of the voice data and the preset text information, so as to obtain a first matching degree;
the second calculating unit 542 is configured to calculate a matching degree between the reading mode of the voice data and the preset prompting mode, so as to obtain a second matching degree;
a third calculating unit 543, configured to calculate a matching degree between a voiceprint feature of the voice data and the preset voiceprint feature, so as to obtain a third matching degree;
a first generating unit 544, configured to generate an identity verification passing result if the first matching degree reaches a first preset threshold, the second matching degree reaches a second preset threshold, and the third matching degree reaches a third preset threshold;
the second generating unit 545 is configured to generate a verification failure result.
It should be noted that, because the contents of information interaction, execution process, and the like between the modules in the apparatus are based on the same concept as the method embodiment of the present invention, specific contents may refer to the description in the method embodiment of the present invention, and are not described herein again.
The embodiment of the invention provides a device for improving the safety of user identity authentication, which sends authentication information and prompt information to a terminal, wherein the prompt information is used for prompting the user to read the authentication information according to corresponding requirements and then acquiring voice data, the voice data is acquired by the terminal, the voice characteristics of the voice data are identified to obtain the voice characteristics of the voice data, and finally, an identity authentication result is generated according to the voice characteristics of the voice data and preset voice information. The user must read out the relevant authentication information according to the requirement of the prompt message, and the generated voice data must be matched with the preset voice information to ensure that the user authentication is passed, so the method can improve the security of the user authentication.
Referring to fig. 11, fig. 11 is a schematic diagram of a hardware structure of an electronic device 60 for performing the method for improving the security of user authentication according to the embodiment of the present invention, as shown in fig. 11, the electronic device 60 includes:
one or more processors 61 and a memory 62, with one processor 61 being an example in fig. 11.
The processor 61 and the memory 62 may be connected by a bus or other means, and fig. 11 illustrates the connection by a bus as an example.
The memory 62 is a non-volatile computer-readable storage medium and can be used for storing non-volatile software programs, non-volatile computer-executable programs, and modules, such as program instructions/modules (for example, the modules shown in fig. 10) corresponding to the method for improving the security of user authentication in the embodiment of the present invention. The processor 61 executes various functional applications of the server and data processing by executing nonvolatile software programs, instructions and modules stored in the memory 62, that is, implements the user authentication method of the above-described method embodiment.
The memory 62 may include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the storage data area may store data created from use of a device that improves user authentication security, and the like. Further, the memory 62 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid state storage device. In some embodiments, the memory 62 may optionally include a memory located remotely from the processor 61, which may be connected to the user authentication device via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The one or more modules are stored in the memory 62, and when executed by the one or more processors 61, perform the user authentication method in any of the above-described method embodiments, for example, perform the method steps of fig. 6 to 9 described above, and implement the functions of the modules and units in fig. 10.
The product can execute the method provided by the embodiment of the invention, and has corresponding functional modules and beneficial effects of the execution method. For technical details that are not described in detail in this embodiment, reference may be made to the method provided by the embodiment of the present invention.
The electronic devices of embodiments of the present invention exist in a variety of forms, including but not limited to;
(1) the server is similar to a general computer architecture, but has higher requirements on processing capability, stability, reliability, safety, expandability, manageability and the like because of the need of providing highly reliable services.
(2) And other electronic devices with data interaction functions.
Embodiments of the present invention provide a non-transitory computer-readable storage medium storing computer-executable instructions for execution by one or more processors, e.g., to perform the method steps of fig. 6-9 described above, to implement the functions of the modules and units of fig. 10.
Embodiments of the present invention provide a computer program product comprising a computer program stored on a non-volatile computer-readable storage medium, the computer program comprising program instructions that, when executed by a computer, cause the computer to perform the method for improving user authentication security in any of the above-described method embodiments, for example, to perform the method steps of fig. 6 to 9 described above, and implement the functions of the modules and units in fig. 10.
The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment.
Through the above description of the embodiments, those skilled in the art will clearly understand that the embodiments may be implemented by software plus a general hardware platform, and may also be implemented by hardware. It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware related to instructions of a computer program, which can be stored in a computer readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a Read-only memory (ROM), a Random Access Memory (RAM), or the like.
Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; within the idea of the invention, also technical features in the above embodiments or in different embodiments may be combined, steps may be implemented in any order, and there are many other variations of the different aspects of the invention as described above, which are not provided in detail for the sake of brevity; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.
Claims (13)
1. A method for improving the security of user authentication is applied to a server, and is characterized in that the method comprises the following steps:
sending verification information and prompt information to a terminal, wherein the prompt information is used for prompting a user to read out the verification information according to corresponding requirements;
acquiring voice data, wherein the voice data is acquired by the terminal;
recognizing voice features in the voice data to obtain the voice features of the voice data;
and generating an identity verification result according to the voice characteristics of the voice data and preset voice information.
2. The method of claim 1, wherein the voice feature comprises text information of the voice data, the preset voice information comprises preset text information, and the generating the authentication result according to the voice feature of the voice data and the preset voice information comprises:
and calculating the matching degree of the text information of the voice data and the preset text information to obtain a first matching degree.
3. The method according to claim 2, wherein the voice feature comprises a reading mode of the voice data, the preset voice message comprises a preset prompting mode, and the generating the authentication result according to the voice feature of the voice data and the preset voice message comprises:
and calculating the matching degree of the reading mode of the voice data and the preset prompting mode to obtain a second matching degree.
4. The method according to claim 3, wherein the voice feature comprises a voiceprint feature of the voice data, the preset voice message comprises a preset voiceprint feature, and the generating the authentication result according to the voice feature of the voice data and the preset voice message comprises:
and calculating the matching degree of the voiceprint features of the voice data and the preset voiceprint features to obtain a third matching degree.
5. The method of claim 4, wherein the generating the authentication result according to the voice feature of the voice data and the preset voice message comprises:
if the first matching degree reaches a first preset threshold, the second matching degree reaches a second preset threshold, and the third matching degree reaches a third preset threshold, generating an identity verification passing result;
otherwise, generating an identity authentication failure result.
6. The method of claim 1, further comprising:
judging whether the sending time length of the verification information meets a preset sending condition or not;
and if so, updating the verification information and the prompt information.
7. The method according to claim 6, wherein the preset sending condition comprises a preset sending duration, and the determining whether the sending duration of the verification information satisfies the preset sending condition comprises:
and judging whether the sending time length of the verification information is greater than or equal to the preset sending time length.
8. The method according to any one of claims 1 to 7, wherein the authentication information is composed of a plurality of characters arranged in order, the method further comprising:
detecting whether characters in each order have been read out based on the voice data;
if so, the character that has been read is marked.
9. An apparatus for improving security of user authentication, the apparatus comprising:
the sending module is used for sending the verification information and the prompt information to the terminal, and the prompt information is used for prompting a user to read out the verification information according to corresponding requirements;
the terminal comprises an acquisition module, a processing module and a processing module, wherein the acquisition module is used for acquiring voice data, and the voice data is acquired by the terminal;
the recognition module is used for recognizing the voice characteristics of the voice data;
and the generating module is used for generating an identity verification result according to the voice characteristics of the voice data and preset voice information.
10. The apparatus for improving security of user authentication according to claim 9, further comprising:
a detection module for detecting whether the characters in each order have been read out according to the voice data;
and the marking module is used for marking the read characters.
11. A server, comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein the memory stores a program of instructions executable by the at least one processor to cause the at least one processor to perform the method of user authentication of any one of claims 1-8.
12. A system for improving user authentication security, comprising:
the terminal equipment is used for acquiring voice data and displaying the verification information and the prompt information;
the memory is used for storing the verification information, the prompt information and the preset voice information; and
and the controller is used for receiving the voice data transmitted by the terminal equipment, analyzing the voice data and generating a verification result.
13. The system for improving user authentication security as claimed in claim 12, wherein the terminal device comprises:
a microphone for collecting the voice data;
and the display screen is used for displaying the verification information and the prompt information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910817139.8A CN110704822A (en) | 2019-08-30 | 2019-08-30 | Method, device, server and system for improving user identity authentication security |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910817139.8A CN110704822A (en) | 2019-08-30 | 2019-08-30 | Method, device, server and system for improving user identity authentication security |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110704822A true CN110704822A (en) | 2020-01-17 |
Family
ID=69194180
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910817139.8A Pending CN110704822A (en) | 2019-08-30 | 2019-08-30 | Method, device, server and system for improving user identity authentication security |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110704822A (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111885178A (en) * | 2020-07-28 | 2020-11-03 | 北京中科麒麟信息工程有限责任公司 | External terminal protection equipment and protection system including voice information verification |
| CN112201245A (en) * | 2020-09-30 | 2021-01-08 | 中国银行股份有限公司 | Information processing method, device, equipment and storage medium |
| CN112397072A (en) * | 2021-01-18 | 2021-02-23 | 深圳市声扬科技有限公司 | Voice detection method and device, electronic equipment and storage medium |
| CN112530441A (en) * | 2020-10-23 | 2021-03-19 | 深圳市声扬科技有限公司 | Method and device for authenticating legal user, computer equipment and storage medium |
| CN113742697A (en) * | 2021-08-09 | 2021-12-03 | 杭州华橙软件技术有限公司 | Equipment ownership changing method, device, equipment and medium |
| CN113946260A (en) * | 2021-10-28 | 2022-01-18 | 支付宝(杭州)信息技术有限公司 | Data processing method, device and equipment |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102708867A (en) * | 2012-05-30 | 2012-10-03 | 北京正鹰科技有限责任公司 | Method and system for identifying faked identity by preventing faked recordings based on voiceprint and voice |
| CN104348621A (en) * | 2013-08-02 | 2015-02-11 | 成都林海电子有限责任公司 | Authentication system based on voiceprint recognition and method thereof |
| CN104575492A (en) * | 2014-12-31 | 2015-04-29 | 深圳市航盛电子股份有限公司 | Voiceprint recognition method, device and keyless safety lock system and implementing method |
| CN106486113A (en) * | 2015-08-26 | 2017-03-08 | 重庆西线科技有限公司 | A kind of minutes method |
| CN107395352A (en) * | 2016-05-16 | 2017-11-24 | 腾讯科技(深圳)有限公司 | Personal identification method and device based on vocal print |
| US20180366125A1 (en) * | 2017-06-16 | 2018-12-20 | Alibaba Group Holding Limited | Voice identification feature optimization and dynamic registration methods, client, and server |
| CN109218269A (en) * | 2017-07-05 | 2019-01-15 | 阿里巴巴集团控股有限公司 | Identity authentication method, device, equipment and data processing method |
-
2019
- 2019-08-30 CN CN201910817139.8A patent/CN110704822A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102708867A (en) * | 2012-05-30 | 2012-10-03 | 北京正鹰科技有限责任公司 | Method and system for identifying faked identity by preventing faked recordings based on voiceprint and voice |
| CN104348621A (en) * | 2013-08-02 | 2015-02-11 | 成都林海电子有限责任公司 | Authentication system based on voiceprint recognition and method thereof |
| CN104575492A (en) * | 2014-12-31 | 2015-04-29 | 深圳市航盛电子股份有限公司 | Voiceprint recognition method, device and keyless safety lock system and implementing method |
| CN106486113A (en) * | 2015-08-26 | 2017-03-08 | 重庆西线科技有限公司 | A kind of minutes method |
| CN107395352A (en) * | 2016-05-16 | 2017-11-24 | 腾讯科技(深圳)有限公司 | Personal identification method and device based on vocal print |
| US20180366125A1 (en) * | 2017-06-16 | 2018-12-20 | Alibaba Group Holding Limited | Voice identification feature optimization and dynamic registration methods, client, and server |
| CN109218269A (en) * | 2017-07-05 | 2019-01-15 | 阿里巴巴集团控股有限公司 | Identity authentication method, device, equipment and data processing method |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111885178A (en) * | 2020-07-28 | 2020-11-03 | 北京中科麒麟信息工程有限责任公司 | External terminal protection equipment and protection system including voice information verification |
| CN112201245A (en) * | 2020-09-30 | 2021-01-08 | 中国银行股份有限公司 | Information processing method, device, equipment and storage medium |
| CN112201245B (en) * | 2020-09-30 | 2024-02-06 | 中国银行股份有限公司 | Information processing method, device, equipment and storage medium |
| CN112530441A (en) * | 2020-10-23 | 2021-03-19 | 深圳市声扬科技有限公司 | Method and device for authenticating legal user, computer equipment and storage medium |
| CN112397072A (en) * | 2021-01-18 | 2021-02-23 | 深圳市声扬科技有限公司 | Voice detection method and device, electronic equipment and storage medium |
| CN113742697A (en) * | 2021-08-09 | 2021-12-03 | 杭州华橙软件技术有限公司 | Equipment ownership changing method, device, equipment and medium |
| CN113946260A (en) * | 2021-10-28 | 2022-01-18 | 支付宝(杭州)信息技术有限公司 | Data processing method, device and equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110704822A (en) | Method, device, server and system for improving user identity authentication security | |
| EP3451328B1 (en) | Method and apparatus for verifying information | |
| US9979721B2 (en) | Method, server, client and system for verifying verification codes | |
| CN104270404B (en) | A kind of login method and device based on terminal iidentification | |
| CN105404809B (en) | A kind of identity identifying method and user terminal | |
| WO2016165557A1 (en) | Method and device for realizing verification code | |
| US10789474B2 (en) | System, method and apparatus for displaying information | |
| US11404052B2 (en) | Service data processing method and apparatus and related device | |
| CN110392054A (en) | Log in method of calibration, device, system, equipment and readable storage medium storing program for executing | |
| CN109410675B (en) | Exercise recommendation method based on student portrait and family education equipment | |
| CN109194689B (en) | Abnormal behavior recognition method, device, server and storage medium | |
| CN108173835B (en) | Verification method, device, server and terminal | |
| CN110247898B (en) | Identity verification method, identity verification device, identity verification medium and electronic equipment | |
| CN107995170A (en) | Auth method, device, computer equipment and computer-readable recording medium | |
| CN109145590A (en) | A kind of function hook detection method, detection device and computer-readable medium | |
| CN111353140B (en) | Verification code generation and display method, device and system | |
| TW202042136A (en) | Mobile payment self-service signing method, device and system | |
| CN109995751B (en) | Internet access equipment marking method and device, storage medium and computer equipment | |
| CN107276962B (en) | Dynamic password voice authentication system capable of combining any gesture | |
| CN112992158A (en) | Identity authentication method and equipment | |
| CN106936840B (en) | Information prompting method and device | |
| CN111933133A (en) | Intelligent customer service response method and device, electronic equipment and storage medium | |
| CN112580762A (en) | Dynamic two-dimensional code and identification method and identification device thereof | |
| CN111078082A (en) | Point reading method based on image recognition and electronic equipment | |
| CN113836509B (en) | Information acquisition method, device, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200117 |