CN110704867B - Integral anti-theft method, system, medium and device - Google Patents
Integral anti-theft method, system, medium and device Download PDFInfo
- Publication number
- CN110704867B CN110704867B CN201910842064.9A CN201910842064A CN110704867B CN 110704867 B CN110704867 B CN 110704867B CN 201910842064 A CN201910842064 A CN 201910842064A CN 110704867 B CN110704867 B CN 110704867B
- Authority
- CN
- China
- Prior art keywords
- target data
- client
- preset
- data
- integral
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/02—Marketing; Price estimation or determination; Fundraising
- G06Q30/0207—Discounts or incentives, e.g. coupons or rebates
- G06Q30/0208—Trade or exchange of goods or services in exchange for incentives or rewards
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Abstract
The invention provides an integration anti-theft method, an integration anti-theft system, a medium and a device, wherein the method comprises the following steps: generating first preset number of target data, and establishing a one-to-one correspondence between the target data and service data; dividing the target data into partial target data of a preset part, and respectively inserting the partial target data into data of a preset integral deduction page or encrypting the partial target data and sending the partial target data to a client; and receiving target data acquired by the client, and generating early warning information when the target data acquired by the client exceeding a preset percentage in a preset time period cannot find one-to-one corresponding service data. The method, the system, the medium and the device for preventing the point from being stolen by a third party merchant under the condition that a user does not know, are used for preventing the third party merchant from stealing the point of the user based on the one-to-one correspondence between the target data and the service data, effectively reducing the point exchange risk and protecting the point asset security of the user.
Description
Technical Field
The invention relates to the technical field of integration, in particular to an integration anti-theft method, an integration anti-theft system, a medium and an integration anti-theft device.
Background
After the point exchange capability is developed into an industry capability from the inside of an organization, the point exchange capability becomes a standard capability of a plurality of enterprises, and is taken as a provider of the standard capability, the safety of point use scenes is managed, the foundation guarantee that the point exchange capability is moved out is formed, the background of each organization and company on the market is complex, the situation that the point exchange capability cannot be used by the third party can not be guaranteed, some irregular measures can be adopted, the use of the point is confused finally, the obstruction is brought to the movement of the point, the point exchange capability provider can timely find out irregular and illegal point use scenes of the third party merchant, and timely gives early warning, under the background, the point operation technology group is deeply researched, the irregular and illegal measures possibly adopted by the third party merchant are greatly influenced at present, the point of the user can not be guaranteed by the third party merchant, the point capability provided by the point company (comprising the point capability providing service end and the data acquisition analysis center) is packaged in the client, the point is not stolen, and the whole point is completely sensed by the user after the client is completely lost, and the app is completely lost, and the user is completely lost.
Therefore, it is desirable to be able to address how third party merchants are prevented from stealing user credits without the user's knowledge, preventing credit theft, and protecting the security of the user's credit assets.
Disclosure of Invention
In view of the above drawbacks of the prior art, the present invention is directed to providing an anti-theft method, system, medium and device for points, which are used for solving the problems of how to prevent third-party merchants from stealing the user points without the knowledge of the user, preventing the point from being stolen, and protecting the security of the user's point assets in the prior art.
To achieve the above and other related objects, the present invention provides an integration anti-theft method, comprising the steps of: generating first preset number of target data, and establishing a one-to-one correspondence between the target data and service data; dividing the target data into partial target data of a preset part, and respectively inserting the partial target data into data of a preset integral deduction page or encrypting the partial target data and sending the partial target data to a client; and receiving target data acquired by the client, and generating early warning information when the target data acquired by the client exceeding a preset percentage in a preset time period cannot find one-to-one corresponding service data.
In an embodiment of the present invention, the dividing the target data into partial target data of a predetermined portion, and inserting the partial target data into data of a predetermined point deduction page or encrypting and transmitting the partial target data to a client includes: dividing the target data into a second preset number of first partial target data, a third preset number of second partial target data and a fourth preset number of third partial target data; encrypting the first part of target data, and sending the encrypted first part of target data to a client to be inserted into a Cookie of the client; randomly inserting the second part of target data into a fifth preset number of html elements, wherein the fifth preset number is larger than or equal to a preset multiple of the third preset number, and the html elements exist in an integral deduction page; generating prefix IDs according to the fourth preset quantity by the third part of target data, and inserting the prefix IDs into the html hidden domain data of the integral deduction page; and sending the point deduction page to the client so as to enable the client to perform point exchange.
In an embodiment of the present invention, the service data is: order number, point redemption line number, point customer number or device number.
In one embodiment of the invention, the portion of target data is encrypted using a 3DES encryption algorithm.
In an embodiment of the invention, the preset percentage is 20%.
In an embodiment of the present invention, the method further includes sending the early warning information to a preset receiving end.
In order to achieve the above object, the present invention also provides an integration anti-theft system, comprising: the system comprises a corresponding module, an inserting module and an early warning module; the corresponding module is used for generating target data of a first preset quantity, and establishing a one-to-one correspondence between the target data and service data; the inserting module is used for dividing the target data into partial target data of a preset part, and inserting the partial target data into data of a preset integral deduction page respectively or encrypting the partial target data and sending the partial target data to a client; the early warning module is used for receiving target data collected by the client, and generating early warning information when the target data collected by the client exceeding a preset percentage in a preset time period cannot find one-to-one corresponding service data.
To achieve the above object, the present invention also provides a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements any one of the above-described integration theft prevention methods.
In order to achieve the above object, the present invention also provides an integration anti-theft device, comprising: a processor and a memory; the memory is used for storing a computer program; the processor is connected with the memory and is used for executing the computer program stored in the memory so that the integral anti-theft device can execute any integral anti-theft method.
Finally, the present invention also provides an integration anti-theft system, comprising: the integration anti-theft device comprises the integration anti-theft device and a client; the client is used for collecting target data and sending the target data to the point anti-theft device.
As described above, the integration anti-theft method, system, medium and device have the following beneficial effects: the third-party merchant is prevented from stealing the user points under the condition that the user does not know, the point exchange risk is effectively reduced, and the point asset security of the user is protected.
Drawings
FIG. 1 is a flow chart of an integration anti-theft method according to an embodiment of the invention;
FIG. 2 is a flow chart of an integration anti-theft method according to the present invention in a further embodiment;
FIG. 3 is a schematic diagram of an integrated anti-theft system according to an embodiment of the present invention;
FIG. 4 is a schematic diagram of an anti-theft device according to an embodiment of the present invention;
fig. 5 is a schematic diagram of an integration anti-theft system according to another embodiment of the present invention.
Description of element reference numerals
31. Corresponding module
32. Plug-in module
33. Early warning module
41. Processor and method for controlling the same
42. Memory device
51. Integral anti-theft device
52. Client terminal
Detailed Description
Other advantages and effects of the present invention will become apparent to those skilled in the art from the following disclosure, which describes the embodiments of the present invention with reference to specific examples. The invention may be practiced or carried out in other embodiments that depart from the specific details, and the details of the present description may be modified or varied from the spirit and scope of the present invention. It should be noted that the following embodiments and features in the embodiments may be combined with each other without conflict.
It should be noted that the illustrations provided in the following embodiments merely illustrate the basic concept of the present invention by way of illustration, so that only the components related to the present invention are shown in the drawings and are not drawn according to the number, shape and size of the components in actual implementation, the form, number and proportion of each component in actual implementation may be arbitrarily changed, and the layout of the components may be more complicated.
The method, the system, the medium and the device for preventing the point from being stolen effectively prevent third-party merchants from stealing the user points without the knowledge of the user, reduce the point exchange risk and protect the point asset security of the user.
As shown in fig. 1, in an embodiment, the method for integrating anti-theft according to the present invention includes the following steps:
and S11, generating target data of a first preset quantity, and establishing a one-to-one correspondence between the target data and service data.
Specifically, the target data is a number of randomly generated preset digits.
Specifically, the first preset number may be 11, 12, 13, 14, or 15.
Specifically, the service data is: order number, point redemption line number, point customer number or device number.
Specifically, a one-to-one correspondence is established between the target data and the service data, and a one-to-one correspondence is established between the target data and the service data.
And S12, dividing the target data into partial target data of a preset part, and respectively inserting the partial target data into data of a preset integral deduction page or encrypting and transmitting the partial target data to a client.
Specifically, the dividing the target data into partial target data of a preset part, and inserting the partial target data into data of a preset point deduction page or encrypting and sending the partial target data to a client side respectively includes: dividing the target data into a second preset number of first partial target data, a third preset number of second partial target data and a fourth preset number of third partial target data; encrypting the first part of target data, and sending the encrypted first part of target data to a client to be inserted into a Cookie of the client; randomly inserting the second part of target data into a fifth preset number of html elements, wherein the fifth preset number is larger than or equal to a preset multiple of the third preset number, and the html elements exist in an integral deduction page; generating prefix IDs according to the fourth preset quantity by the third part of target data, and inserting the prefix IDs into the html hidden domain data of the integral deduction page; and sending the point deduction page to the client so as to enable the client to perform point exchange.
Specifically, the first preset number of target data is 11. Dividing the target data into a second preset number of first partial target data, a third preset number of second partial target data and a fourth preset number of third partial target data. The second preset number is 1, the third preset number is 5, and the fourth preset number is 5. And encrypting the 1 first part of target data by adopting a 3DES encryption algorithm, and sending the encrypted first part of target data to a client. 3DES, also known as Triple DES, is a mode of DES (Data Encryption Algorithm) encryption algorithm that uses 3-bar 56-bit keys to encrypt data three times. The client inserts the first portion of target data into a Cookie. Cookies, sometimes also referred to as Cookies in their plural form, refer to data (typically encrypted) stored on a user's local terminal by some web sites for purposes of identifying the user's identity and performing session tracking. Specifically, the Cookie inserted into the first portion of target data is disguised as service data, and is named UserInfo. Randomly inserting the second part of target data with the third preset number of 5 into a fifth preset number of html elements, wherein the fifth preset number is larger than or equal to a preset multiple of the third preset number, and the html elements exist in an integral deduction page. For example, the third preset number is 5, and the preset multiple is 4 times, and the fifth preset number is greater than or equal to 20. An Html (an application under standard universal markup language) element refers to all codes from a start tag (start tag) to an end tag (end tag), an Html element starts with the start tag, an Html element ends with the end tag, the content of the element is between the start tag and the end tag, some Html elements have empty content (empty content), the empty element is closed in the start tag (end with the end of the start tag), and most Html elements may have attributes. Most html elements may be nested (other html elements may be included). An Html document is made up of nested Html elements. And randomly inserting the second part of target data with the third preset number of 5 into the fifth preset number of 20 html elements, namely selecting 5 html elements for insertion. The html element exists in an integral deduction page, and the integral deduction page is displayed on the client when the user exchanges the integral. The html elements may be pictures, tags, controls, etc. The html element, which is inserted with the third preset number 5 of second partial target data, but whose naming convention strictly follows the business convention and cannot be exposed by id, is assembled with target data. Then, the remaining 5 pieces of target data, that is, the fourth preset number of third portion of target data, generate a prefix ID according to the fourth preset number, for example, the fourth preset number is 5, and then add a value to the fixed prefix ID (this value refers to all the remaining target data numbers, for example, the fourth preset number is 5, and then this value is 5) to form an html hidden field. And randomly inserting the html hidden fields inserted into the fourth preset number of third partial target data into html codes of the integral deduction page. The hidden fields are not visible to the user in the page and the purpose of inserting the hidden fields in the form is to collect or send information to facilitate use by the program handling the form. When the browser clicks the send button to send the form, the information of the hidden field is also sent to the server together.
And S13, receiving target data acquired by the client, and generating early warning information when the target data acquired by the client exceeding a preset percentage in a preset time period cannot find one-to-one corresponding service data.
Specifically, the client searches target data in Cookie, html element and html hidden field. And receiving target data acquired by the client.
Specifically, the client searches target data in a Cookie, html element and html hidden domain through a first JS script, namely Javascript, wherein the Javascript is a script language developed by LiveScript of Netscape. The client acquires the target data and other data at the same time, and performs multi-layer processing such as sequencing, coding, encryption and the like on the acquired data to obtain processed data. The client acquires the integral anti-theft device and sends a second JS script, the processed data is decrypted and decoded through the second JS script, then target data is separated from the second JS script, and the separated target data is sent to a target data analysis center of the integral anti-theft device after being encoded and 3DES encrypted.
Specifically, the first JS script and the second JS script are both generated by the point anti-theft device, and sent to the client. The integral anti-theft device can perform irregular change and upgrade by continuously upgrading and editing the first JS script and the second JS script, increase interference elements, increase cracking complexity and prevent integral theft.
Specifically, the target data collected by the client is received, and whether the proportion of the service data which can not find one-to-one correspondence of the target data collected by the client is lower than 20% is judged within 5 minutes every interval. I.e. the preset time period is 5 minutes and the preset percentage is 20%. And when the proportion of the target data collected by the client in every five minutes is more than or equal to 20%, the service data corresponding to one cannot be found, and early warning information is generated. Thus timely controlling the integration anti-theft and reminding timely.
Specifically, the method further comprises the step of sending the early warning information to a preset receiving end.
Specifically, the message and the mail are sent to a preset receiving end. The preset receiving end is a preset mailbox and a mobile phone. Users of the mailbox and the mobile phone log in the target data analysis center to pull the service data details for research and judgment, and if the target data without reverse data marks are all of the same cooperative merchant and the qualification, grade and the like of the cooperative merchant are not clear, the users can judge the operations as point embezzlement, and perform one-key shutdown operation on the access rights of the cooperative merchant. Therefore, the use risk of the point exchange capability of the cooperative merchants can be effectively controlled, and the security of the point assets of the user is ensured.
As shown in fig. 2, in an embodiment, in the point anti-theft method of the present invention, a client (user app in fig. 2) displays a third party merchant service page, a user confirms whether to exchange points, if not, the third party merchant service end is sent a point exchange request if not, the third party merchant service end is checked for user identity, if the third party merchant service end is checked for user identity information, the client displays a point exchange page, and sends a request for user point exchange to the point anti-theft device (including a point capability providing service end and a data acquisition analysis center). The point capacity providing server of the point anti-theft device verifies payment information of third-party merchants, and after verification, first preset number of target data are generated, and a one-to-one correspondence relationship is established between the target data and service data; dividing the target data into partial target data of preset parts, and respectively inserting the partial target data into data of a preset integral deduction page or encrypting and transmitting the partial target data to a client (user app in fig. 2); the integrating capability providing server sends the one-to-one correspondence between the target data and the service data to a data acquisition and analysis center (the link for generating the target data and the service data shown in fig. 2). And the client displays the integral deduction page and sends a secondary authentication random code to the integral capacity providing server. And the integral capacity providing server verifies that the secondary authentication random code is correct, then carries out integral deduction, sends an integral deduction result to the client, and sends successful integral deduction to a third-party merchant server. And the third-party merchant server processes corresponding business for the user. The data acquisition and analysis center receives the target data acquired by the client, and generates short message early warning information when the target data acquired by the client exceeding 20% of the preset percentage in the preset time period cannot find one-to-one corresponding service data. The method is used for preventing the third-party merchant server (for the third-party merchant) from stealing the points of the user without the knowledge of the user. The third-party merchant packages the point capability provided by the point company in the client, the surface of the client is not abnormal, once the user installs the client, the client simulates the user behavior in the background to finish point deduction, and the user does not feel in the whole point embezzling process. The method can establish a one-to-one correspondence relationship based on the target data and the service data, and verify whether the point exchange is initiated by the user, so that the point exchange of the user is prevented from being stolen by a third-party merchant server under the condition that the user is unaware, and the point exchange is performed. Thus, the third-party merchant server is prevented from using the client app to simulate user behaviors in the background, for example, the third-party merchant server benefits the client app to send a point redemption request to the point capability providing server, and the user does not know the point redemption request at the moment and performs point deduction. However, the user does not know that the point deduction page is not generated at the client, and the client cannot send the collected target data to the data collection analysis center, so that the point exchange by the fake user at the third-party merchant server can be detected.
As shown in fig. 2, in one embodiment, the integrating anti-theft system of the present invention includes: the corresponding module 31, the inserting module 32 and the pre-warning module 33.
The corresponding module 31 is configured to generate a first preset number of target data, and establish a one-to-one correspondence between the target data and service data.
Specifically, the target data is a number of randomly generated preset digits.
Specifically, the first preset number may be 11, 12, 13, 14, or 15.
Specifically, the service data is: order number, point redemption line number, point customer number or device number.
Specifically, a one-to-one correspondence is established between the target data and the service data, and a one-to-one correspondence is established between the target data and the service data.
The inserting module 32 is configured to divide the target data into partial target data of a preset portion, and insert the partial target data into data of a preset point deduction page, or encrypt and send the partial target data to a client.
Specifically, the dividing the target data into partial target data of a preset part, and inserting the partial target data into data of a preset point deduction page or encrypting and sending the partial target data to a client side respectively includes: dividing the target data into a second preset number of first partial target data, a third preset number of second partial target data and a fourth preset number of third partial target data; encrypting the first part of target data, and sending the encrypted first part of target data to a client to be inserted into a Cookie of the client; randomly inserting the second part of target data into a fifth preset number of html elements, wherein the fifth preset number is larger than or equal to a preset multiple of the third preset number, and the html elements exist in an integral deduction page; generating prefix IDs according to the fourth preset quantity by the third part of target data, and inserting the prefix IDs into the html hidden domain data of the integral deduction page; and sending the point deduction page to the client so as to enable the client to perform point exchange.
Specifically, the first preset number of target data is 11. Dividing the target data into a second preset number of first partial target data, a third preset number of second partial target data and a fourth preset number of third partial target data. The second preset number is 1, the third preset number is 5, and the fourth preset number is 5. And encrypting the 1 first part of target data by adopting a 3DES encryption algorithm, and sending the encrypted first part of target data to a client. 3DES, also known as Triple DES, is a mode of DES (Data Encryption Algorithm) encryption algorithm that uses 3-bar 56-bit keys to encrypt data three times. The client inserts the first portion of target data into a Cookie. Cookies, sometimes also referred to as Cookies in their plural form, refer to data (typically encrypted) stored on a user's local terminal by some web sites for purposes of identifying the user's identity and performing session tracking. Specifically, the Cookie inserted into the first portion of target data is disguised as service data, and is named UserInfo. Randomly inserting the second part of target data with the third preset number of 5 into a fifth preset number of html elements, wherein the fifth preset number is larger than or equal to a preset multiple of the third preset number, and the html elements exist in an integral deduction page. For example, the third preset number is 5, and the preset multiple is 4 times, and the fifth preset number is greater than or equal to 20. An Html (an application under standard universal markup language) element refers to all codes from a start tag (start tag) to an end tag (end tag), an Html element starts with the start tag, an Html element ends with the end tag, the content of the element is between the start tag and the end tag, some Html elements have empty content (empty content), the empty element is closed in the start tag (end with the end of the start tag), and most Html elements may have attributes. Most html elements may be nested (other html elements may be included). An Html document is made up of nested Html elements. And randomly inserting the second part of target data with the third preset number of 5 into the fifth preset number of 20 html elements, namely selecting 5 html elements for insertion. The html element exists in an integral deduction page, and the integral deduction page is displayed on the client when the user exchanges the integral. The html elements may be pictures, tags, controls, etc. The html element, which is inserted with the third preset number 5 of second partial target data, but whose naming convention strictly follows the business convention and cannot be exposed by id, is assembled with target data. Then, the remaining 5 pieces of target data, that is, the fourth preset number of third portion of target data, generate a prefix ID according to the fourth preset number, for example, the fourth preset number is 5, and then add a value to the fixed prefix ID (this value refers to all the remaining target data numbers, for example, the fourth preset number is 5, and then this value is 5) to form an html hidden field. And randomly inserting the html hidden fields inserted into the fourth preset number of third partial target data into html codes of the integral deduction page. The hidden fields are not visible to the user in the page and the purpose of inserting the hidden fields in the form is to collect or send information to facilitate use by the program handling the form. When the browser clicks the send button to send the form, the information of the hidden field is also sent to the server together.
The early warning module 33 is configured to receive target data collected by the client, and generate early warning information when target data collected by the client exceeding a preset percentage in a preset time period cannot find one-to-one corresponding service data.
Specifically, the client searches target data in Cookie, html element and html hidden field. Receiving target data collected by the client,
specifically, the client searches target data in a Cookie, html element and html hidden domain through a first JS script, namely Javascript, wherein the Javascript is a script language developed by LiveScript of Netscape. The client acquires the target data and other data through the first JS script, and performs multi-layer processing such as sequencing, coding, encryption and the like on the acquired data to obtain processed data. The client acquires the integral anti-theft device and sends a second JS script, the processed data is decrypted and decoded through the second JS script, then target data is separated from the second JS script, and the separated target data is sent to a target data analysis center of the integral anti-theft device after being encoded and 3DES encrypted.
Specifically, the target data collected by the client is received, and whether the proportion of the service data which can not find one-to-one correspondence of the target data collected by the client is lower than 20% is judged within 5 minutes every interval. I.e. the preset time period is 5 minutes and the preset percentage is 20%. And when the proportion of the target data collected by the client in every five minutes is more than or equal to 20%, the service data corresponding to one cannot be found, and early warning information is generated. Thus timely controlling the integration anti-theft and reminding timely.
Specifically, the method further comprises the step of sending the early warning information to a preset receiving end.
Specifically, the message and the mail are sent to a preset receiving end. The preset receiving end is a preset mailbox and a mobile phone. Users of the mailbox and the mobile phone log in the target data analysis center to pull the service data details for research and judgment, and if the target data without reverse data marks are all of the same cooperative merchant and the qualification, grade and the like of the cooperative merchant are not clear, the users can judge the operations as point embezzlement, and perform one-key shutdown operation on the access rights of the cooperative merchant. Therefore, the use risk of the point exchange capability of the cooperative merchants can be effectively controlled, and the security of the point assets of the user is ensured.
It should be noted that, it should be understood that the division of the modules of the above system is merely a division of a logic function, and may be fully or partially integrated into a physical entity or may be physically separated. And these modules may all be implemented in software in the form of calls by the processing element; or can be realized in hardware; the method can also be realized in a form of calling software by a processing element, and the method can be realized in a form of hardware by a part of modules. For example, the x module may be a processing element that is set up separately, may be implemented in a chip of the apparatus, or may be stored in a memory of the apparatus in the form of program code, and the function of the x module may be called and executed by a processing element of the apparatus. The implementation of the other modules is similar. In addition, all or part of the modules can be integrated together or can be independently implemented. The processing element described herein may be an integrated circuit having signal processing capabilities. In implementation, each step of the above method or each module above may be implemented by an integrated logic circuit of hardware in a processor element or an instruction in a software form.
For example, the modules above may be one or more integrated circuits configured to implement the methods above, such as: one or more application specific integrated circuits (Application Specific Integrated Circuit, abbreviated as ASIC), or one or more microprocessors (Digital Singnal Processor, abbreviated as DSP), or one or more field programmable gate arrays (Field Programmable Gate Array, abbreviated as FPGA), or the like. For another example, when a module above is implemented in the form of a processing element scheduler code, the processing element may be a general-purpose processor, such as a central processing unit (Central Processing Unit, CPU) or other processor that may invoke the program code. For another example, the modules may be integrated together and implemented in the form of a system-on-a-chip (SOC).
In an embodiment of the present invention, the present invention further includes a computer readable storage medium having a computer program stored thereon, which when executed by a processor, implements any of the above-described methods for integral theft protection.
Those of ordinary skill in the art will appreciate that: all or part of the steps for implementing the method embodiments described above may be performed by computer program related hardware. The aforementioned computer program may be stored in a computer readable storage medium. The program, when executed, performs steps including the method embodiments described above; and the aforementioned storage medium includes: various media that can store program code, such as ROM, RAM, magnetic or optical disks.
As shown in fig. 3, in one embodiment, the integral anti-theft device of the present invention includes: a processor 41 and a memory 42; the memory 42 is used for storing a computer program; the processor 41 is connected to the memory 42 for executing a computer program stored in the memory 42 for causing the integral theft prevention apparatus to execute any one of the integral theft prevention methods.
Specifically, the memory 42 includes: various media capable of storing program codes, such as ROM, RAM, magnetic disk, U-disk, memory card, or optical disk.
Preferably, the processor 41 may be a general-purpose processor, including a central processing unit (Central Processing Unit, abbreviated as CPU), a network processor (Network Processor, abbreviated as NP), etc.; but also digital signal processors (Digital Signal Processor, DSP for short), application specific integrated circuits (Application Specific Integrated Circuit, ASIC for short), field programmable gate arrays (Field Programmable Gate Array, FPGA for short) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components.
As shown in fig. 4, in an embodiment, the anti-theft system for integration according to the present invention includes the anti-theft device 51 and the client 52.
The client 52 is configured to collect target data and send the target data to the point anti-theft device 51.
Specifically, the client 52 looks for target data in Cookie, html elements, and html hidden fields. The point anti-theft device 51 is configured to receive target data collected by the client 52,
specifically, the client 52 searches for target data in the Cookie, html element and html hidden fields through the first JS script, where JS is Javascript, and Javascript is a script language developed by LiveScript of Netscape. The client 52 collects the target data and other data through the first JS script, and performs multi-layer processing such as ordering, encoding, encrypting and the like on the collected data to obtain processed data. The client 52 obtains the integration anti-theft device 51, sends the second JS script, decrypts and decodes the processed data through the second JS script, separates the target data from the decrypted data, encodes and encrypts the separated target data again, and sends the encoded target data to the target data analysis center of the integration anti-theft device 51.
Specifically, the first JS script and the second JS script are both generated by the anti-theft device for integration 51, and sent to the client 52. The integration anti-theft device 51 can perform irregular changes and upgrades by continuously upgrading and editing the first JS script and the second JS script, and increase interference elements, increase the complexity of cracking, and prevent integration theft.
In summary, the method, the system, the medium and the device for preventing the point theft effectively prevent third-party merchants from stealing the user points without the knowledge of the user, reduce the point exchange risk and protect the point asset security of the user. Therefore, the invention effectively overcomes various defects in the prior art and has high industrial utilization value.
The above embodiments are merely illustrative of the principles of the present invention and its effectiveness, and are not intended to limit the invention. Modifications and variations may be made to the above-described embodiments by those skilled in the art without departing from the spirit and scope of the invention. Accordingly, it is intended that all equivalent modifications and variations of the invention be covered by the claims, which are within the ordinary skill of the art, be within the spirit and scope of the present disclosure.
Claims (10)
1. An integral anti-theft method is characterized by comprising the following steps:
generating first preset number of target data, and establishing a one-to-one correspondence between the target data and service data;
dividing the target data into partial target data of a preset part, and respectively inserting the partial target data into data of a preset integral deduction page or encrypting the partial target data and sending the partial target data to a client; the client displays an integral deduction page and sends a secondary authentication random code to an integral capacity providing server; the integral capacity providing server verifies that the secondary authentication random code is correct, then carries out integral deduction, sends an integral deduction result to the client, and sends successful integral deduction to a third-party merchant server;
receiving target data acquired by the client, generating early warning information when the target data acquired by the client exceeding a preset percentage in a preset time period cannot find one-to-one corresponding service data, and transmitting the early warning information to a preset receiving end;
the client addresses the targeting data in Cookie, html element and html hidden domain through a first script; the first script is generated for the point anti-theft device and sent to the client.
2. The method of claim 1, wherein dividing the target data into partial target data of a predetermined portion, and inserting each of the partial target data into data of a predetermined point deduction page or encrypting and transmitting the partial target data to a client comprises:
dividing the target data into a second preset number of first partial target data, a third preset number of second partial target data and a fourth preset number of third partial target data;
encrypting the first part of target data, and sending the encrypted first part of target data to a client to be inserted into a Cookie of the client;
randomly inserting the second part of target data into a fifth preset number of html elements, wherein the fifth preset number is larger than or equal to a preset multiple of the third preset number, and the html elements exist in an integral deduction page;
generating prefix IDs according to the fourth preset quantity by the third part of target data, and inserting the prefix IDs into the html hidden domain data of the integral deduction page;
and sending the point deduction page to the client so as to enable the client to perform point exchange.
3. The method for point theft protection according to claim 2, wherein the service data is: order number, point redemption line number, point customer number or device number.
4. The method of claim 1, wherein the portion of the target data is encrypted using a 3DES encryption algorithm.
5. The method of claim 1, wherein the predetermined percentage is 20%.
6. The method for preventing burglary by integration according to claim 1, further comprising sending the early warning information to a preset receiving end.
7. An integral anti-theft system, comprising: the system comprises a corresponding module, an inserting module and an early warning module;
the corresponding module is used for generating target data of a first preset quantity, and establishing a one-to-one correspondence between the target data and service data;
the inserting module is used for dividing the target data into partial target data of a preset part, and inserting the partial target data into data of a preset integral deduction page respectively or encrypting the partial target data and sending the partial target data to a client; the client displays an integral deduction page and sends a secondary authentication random code to an integral capacity providing server; the integral capacity providing server verifies that the secondary authentication random code is correct, then carries out integral deduction, sends an integral deduction result to the client, and sends successful integral deduction to a third-party merchant server;
the early warning module is used for receiving target data acquired by the client, generating early warning information when the target data acquired by the client exceeding a preset percentage in a preset time period cannot find one-to-one corresponding service data, and sending the early warning information to a preset receiving end;
the client addresses the targeting data in Cookie, html element and html hidden domain through a first script; the first script is generated for the point anti-theft device and sent to the client.
8. A computer-readable storage medium, on which a computer program is stored, characterized in that the program, when being executed by a processor, implements the integration theft protection method according to any one of claims 1 to 6.
9. An integral anti-theft device, comprising: a processor and a memory;
the memory is used for storing a computer program;
the processor is connected to the memory for executing a computer program stored by the memory for causing the integration anti-theft device to perform the integration anti-theft method of any one of claims 1 to 6.
10. An integral anti-theft system, comprising the integral anti-theft device and a client of claim 9; the client is used for collecting target data and sending the target data to the point anti-theft device.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910842064.9A CN110704867B (en) | 2019-09-06 | 2019-09-06 | Integral anti-theft method, system, medium and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910842064.9A CN110704867B (en) | 2019-09-06 | 2019-09-06 | Integral anti-theft method, system, medium and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110704867A CN110704867A (en) | 2020-01-17 |
| CN110704867B true CN110704867B (en) | 2023-06-16 |
Family
ID=69194415
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910842064.9A Active CN110704867B (en) | 2019-09-06 | 2019-09-06 | Integral anti-theft method, system, medium and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110704867B (en) |
Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7006993B1 (en) * | 1999-05-28 | 2006-02-28 | The Coca-Cola Company | Method and apparatus for surrogate control of network-based electronic transactions |
| CN101393631A (en) * | 2007-09-19 | 2009-03-25 | 麦比罗株式会社 | Integration method employing mobile communication terminal |
| CN101751635A (en) * | 2008-12-22 | 2010-06-23 | 中国移动通信集团辽宁有限公司 | Point reward exchanging system, device and method |
| CN102968736A (en) * | 2012-11-20 | 2013-03-13 | 北京思特奇信息技术股份有限公司 | Credits exchange method and system |
| CN104200375A (en) * | 2014-08-18 | 2014-12-10 | 中国建设银行股份有限公司 | Information processing method and information processing system for exchanging credits |
| CN104778584A (en) * | 2015-03-31 | 2015-07-15 | 杨欲奇 | Commodity exchange method and system |
| KR20160014799A (en) * | 2014-07-28 | 2016-02-12 | 원투씨엠 주식회사 | Method for Providing Exchanging Right by using Touch Module |
| CN105574738A (en) * | 2015-12-15 | 2016-05-11 | 武汉德瑞斯商贸有限公司 | Cross-platform integral exchange system |
| CN106790056A (en) * | 2016-12-20 | 2017-05-31 | 中国科学院苏州生物医学工程技术研究所 | Reduce the method and system of the data theft risk of data bank |
| US9972047B1 (en) * | 2008-04-18 | 2018-05-15 | Capital One Services, Llc | Systems and methods for performing a purchase transaction using rewards points |
| CN108683666A (en) * | 2018-05-16 | 2018-10-19 | 新华三信息安全技术有限公司 | A kind of web page identification method and device |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20040107135A1 (en) * | 2002-12-03 | 2004-06-03 | Craig Deatherage | Electronic coupon distribution and redemption system and method |
| CA2516402A1 (en) * | 2003-02-28 | 2004-09-10 | Yasushi Shiomi | Calculation device and method and point or coupon service system |
| US20170011387A1 (en) * | 2015-07-08 | 2017-01-12 | Outerwall Inc. | Systems and associated methods for exchanging gift cards |
| US10498761B2 (en) * | 2016-08-23 | 2019-12-03 | Duo Security, Inc. | Method for identifying phishing websites and hindering associated activity |
-
2019
- 2019-09-06 CN CN201910842064.9A patent/CN110704867B/en active Active
Patent Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7006993B1 (en) * | 1999-05-28 | 2006-02-28 | The Coca-Cola Company | Method and apparatus for surrogate control of network-based electronic transactions |
| CN101393631A (en) * | 2007-09-19 | 2009-03-25 | 麦比罗株式会社 | Integration method employing mobile communication terminal |
| US9972047B1 (en) * | 2008-04-18 | 2018-05-15 | Capital One Services, Llc | Systems and methods for performing a purchase transaction using rewards points |
| CN101751635A (en) * | 2008-12-22 | 2010-06-23 | 中国移动通信集团辽宁有限公司 | Point reward exchanging system, device and method |
| CN102968736A (en) * | 2012-11-20 | 2013-03-13 | 北京思特奇信息技术股份有限公司 | Credits exchange method and system |
| KR20160014799A (en) * | 2014-07-28 | 2016-02-12 | 원투씨엠 주식회사 | Method for Providing Exchanging Right by using Touch Module |
| CN104200375A (en) * | 2014-08-18 | 2014-12-10 | 中国建设银行股份有限公司 | Information processing method and information processing system for exchanging credits |
| CN104778584A (en) * | 2015-03-31 | 2015-07-15 | 杨欲奇 | Commodity exchange method and system |
| CN105574738A (en) * | 2015-12-15 | 2016-05-11 | 武汉德瑞斯商贸有限公司 | Cross-platform integral exchange system |
| CN106790056A (en) * | 2016-12-20 | 2017-05-31 | 中国科学院苏州生物医学工程技术研究所 | Reduce the method and system of the data theft risk of data bank |
| CN108683666A (en) * | 2018-05-16 | 2018-10-19 | 新华三信息安全技术有限公司 | A kind of web page identification method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110704867A (en) | 2020-01-17 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108681853B (en) | Logistics information transmission method, system and device based on block chain | |
| CN110036613B (en) | System and method for providing identity authentication for decentralized applications | |
| US8608487B2 (en) | Phishing redirect for consumer education: fraud detection | |
| CN108734028B (en) | Data management method based on block chain, block chain link point and storage medium | |
| CN1909447B (en) | Method for network data communication by using dynamic encryption algorithm | |
| CN109412812B (en) | Data security processing system, method, device and storage medium | |
| EP2924916A1 (en) | Security scheme for authenticating digital entities and aggregate object origins | |
| CN112333198A (en) | Secure cross-domain login method, system and server | |
| CN108073821B (en) | Data security processing method and device | |
| JP2013512503A (en) | Secure mobile payment processing | |
| CN110688662A (en) | Sensitive data desensitization and inverse desensitization method and electronic equipment | |
| WO2011082082A1 (en) | System and method for securing data | |
| WO2012045128A1 (en) | System and method of conducting transactions | |
| CN102223354B (en) | Network payment authentication method, server and system | |
| CN104794626B (en) | A kind of method for anti-counterfeit and device based on hardware information | |
| WO2017157185A1 (en) | Method and device for linking to account and providing service process | |
| CN104199657A (en) | Call method and device for open platform | |
| CN111914279B (en) | Efficient and accurate privacy intersection system, method and device | |
| CN105591746B (en) | A kind of processing method and processing system of online binding accepting terminal | |
| CN109872223B (en) | Virtual article transaction method, device, equipment and storage medium | |
| CN110704867B (en) | Integral anti-theft method, system, medium and device | |
| CN109871703B (en) | Big data transaction management method, device, storage medium and server | |
| TW201619880A (en) | Network authentication method using card device | |
| CN110070448B (en) | Electronic policy processing method and server | |
| CN111582954A (en) | False data identification method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information | ||
| CB02 | Change of applicant information |
Address after: Room 3011A, 3rd Floor, No. 379 and 383 Quyang Road, Hongkou District, Shanghai, 200081 Applicant after: Yijifen (Shanghai) Digital Technology Co.,Ltd. Address before: Room 3011A, 3rd Floor, No. 379 and 383 Quyang Road, Hongkou District, Shanghai 200080 Applicant before: Yijifen e-commerce (Shanghai) Co.,Ltd. |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |