CN110738503B

CN110738503B - Identity verification method and device

Info

Publication number: CN110738503B
Application number: CN201911002071.4A
Authority: CN
Inventors: 罗路遥
Original assignee: Alipay Hangzhou Information Technology Co Ltd
Current assignee: Alipay Hangzhou Information Technology Co Ltd
Priority date: 2019-10-21
Filing date: 2019-10-21
Publication date: 2022-09-09
Anticipated expiration: 2039-10-21
Also published as: CN110738503A

Abstract

The embodiment of the specification provides an identity authentication method and an identity authentication device, wherein the identity authentication method comprises the following steps: acquiring target face image information of a target user; performing identity verification on the target user based on the target face image information; under the condition of failed verification, acquiring an identity characteristic character string input by the target user, wherein the identity characteristic character string is generated by encoding initial identity information corresponding to at least one identity information type by the target user; decoding the identity characteristic character string to generate decoded identity information corresponding to the at least one identity information type; and performing identity verification on the target user based on the decoded identity information, and returning a verification result to the target user.

Description

Identity verification method and device

Technical Field

The embodiment of the specification relates to the technical field of face recognition, in particular to an identity verification method. One or more embodiments of the present specification also relate to an authentication apparatus, an information encoding method, an information encoding apparatus, two computing devices, and two computer-readable storage media.

Background

Face recognition is a biometric technology for identity recognition based on facial feature information of a person. A series of related technologies, also commonly called face recognition and face recognition, are used to collect images or video streams containing faces by using a camera or a video camera, automatically detect and track the faces in the images, and then perform face recognition on the detected faces. The face recognition system takes a face recognition technology as a core, widely adopts a regional characteristic analysis algorithm, integrates a computer image processing technology and a biological statistics principle, extracts a face characteristic point from a video by using the computer image processing technology, analyzes and establishes a mathematical model by using the biological statistics principle, and has wide development prospect.

With the development of face recognition technology, face recognition technology has been applied to various fields. The face-brushing payment based on the face recognition is a novel payment means of the current offline scene, and particularly, a commodity payment system capable of recognizing the face features is adopted in a market or a supermarket so as to reduce the queuing and closing time of customers and improve the payment speed. However, with the improvement of safety awareness of people, under the condition that the payment fails by adopting face recognition, how to perform identity verification through other information to ensure the security of the payment becomes a problem of great concern of people.

Disclosure of Invention

In view of this, the embodiments of the present disclosure provide an identity authentication method. One or more embodiments of the present disclosure also relate to an authentication apparatus, an information encoding method, an information encoding apparatus, two computing devices, and two computer-readable storage media, so as to solve the technical defects in the prior art.

According to a first aspect of embodiments herein, there is provided an identity verification method, comprising:

acquiring target face image information of a target user;

performing identity verification on the target user based on the target face image information;

under the condition of failed verification, acquiring an identity characteristic character string input by the target user, wherein the identity characteristic character string is generated by encoding initial identity information corresponding to at least one identity information type by the target user;

decoding the identity characteristic character string to generate decoded identity information corresponding to the at least one identity information type;

and performing identity authentication on the target user based on the decoded identity information, and returning an authentication result to the target user.

Optionally, the authenticating the target user based on the target face image information includes:

acquiring historical face image information of at least one historical user stored in a database;

matching the target face image information with the historical face image information to obtain a matching result;

sending prompt information for inputting a mobile phone number associated with a payment platform to the target user under the condition that the matching result is that the matching fails;

acquiring a registered account of the target user on the payment platform according to the mobile phone number, and acquiring registered face image information associated with the registered account;

and performing identity verification on the target user based on the target face image information and the registered face image information.

Optionally, the decoding the identity feature character string to generate decoded identity information corresponding to the at least one identity information type includes:

acquiring a preset encoding rule of initial identity information corresponding to the at least one identity information type associated with the registered account;

determining a decoding rule corresponding to the preset encoding rule;

and decoding the identity characteristic character string according to the decoding rule to generate decoding identity information corresponding to the at least one identity information type.

Optionally, the authenticating the target user based on the decoded identity information and returning an authentication result to the target user includes:

acquiring initial identity information which is associated in the registered account and corresponds to the at least one identity information type;

judging whether the decoding identity information is consistent with the initial identity information;

if yes, returning prompt information of successful verification to the target user;

if not, returning prompt information of verification failure to the target user.

Optionally, the authenticating the target user based on the target face image information and the registered face image information includes:

calculating the similarity between the target face image information and the registered face image information;

if the similarity is larger than a preset similarity threshold, the verification is successful;

and if the similarity is smaller than the preset similarity threshold, the verification fails.

Optionally, the identity character string is generated by:

acquiring and storing registered face image information of the target user;

under the condition that the registered face image information is acquired, sending an initial identity information input request to the target user, wherein the initial identity information input request comprises at least one selectable identity information type;

detecting the identity information type selected by the target user, and acquiring initial identity information which is input by the target user and corresponds to the identity information type and an information coding rule of the initial identity information;

encoding the initial identity information based on the information encoding rule and outputting an information encoding result;

and associating and storing the registered face image information, the initial identity information and the information coding result of the initial identity information with a registered account of the target user on the payment platform.

Optionally, the detecting the identity information type selected by the target user, and obtaining initial identity information corresponding to the identity information type and an information encoding rule of the initial identity information, which are input by the target user, includes:

detecting the identity information type selected by the target user;

determining and displaying an information coding rule template corresponding to the identity information type according to the identity information type;

and acquiring initial identity information corresponding to the identity information type and input by the target user and an information encoding rule of the initial identity information selected based on the information encoding rule template.

Optionally, after the step of detecting the identity information type selected by the target user, and acquiring the initial identity information corresponding to the identity information type and the information encoding rule of the initial identity information input by the target user is executed, before the step of encoding the initial identity information based on the information encoding rule and outputting an information encoding result is executed, the method further includes:

calculating the complexity of the information coding rule;

determining a preset information coding rule complexity threshold corresponding to the identity information type;

judging whether the complexity is greater than or equal to a complexity threshold of the preset information coding rule;

and if so, executing the steps of encoding the initial identity information based on the information encoding rule and outputting an information encoding result.

According to a second aspect of embodiments herein, there is provided an information encoding method including:

acquiring and storing registered face image information of a target user;

detecting the identity information type selected by the target user, and acquiring initial identity information corresponding to the identity information type and an information coding rule of the initial identity information, which are input by the target user;

and associating and storing the registered face image information, the initial identity information and the information coding result of the initial identity information with a registered account of the target user on a payment platform.

Optionally, the detecting an identity information type selected by the target user, and obtaining initial identity information corresponding to the identity information type and an information encoding rule of the initial identity information, which are input by the target user, includes:

detecting the identity information type selected by the target user;

calculating the complexity of the information coding rule;

determining a preset information coding rule complexity threshold value corresponding to the identity information type;

and if so, executing the step of encoding the initial identity information based on the information encoding rule and outputting an information encoding result.

According to a third aspect of embodiments herein, there is provided an authentication apparatus comprising:

the first information acquisition module is configured to acquire target face image information of a target user;

a first authentication module configured to authenticate the target user based on the target face image information;

under the condition that the verification fails, operating a character string acquisition module;

the character string acquisition module is configured to acquire an identity characteristic character string input by the target user, wherein the identity characteristic character string is generated by encoding initial identity information corresponding to at least one identity information type by the target user;

a decoding module configured to decode the identity character string to generate decoded identity information corresponding to the at least one identity information type;

and the second identity authentication module is configured to authenticate the target user based on the decoded identity information and return an authentication result to the target user.

According to a fourth aspect of embodiments herein, there is provided an information encoding apparatus including:

the second information acquisition module is configured to acquire and store registered face image information of a target user;

under the condition that the registered face image information is acquired, operating an information input request sending module;

the information input request sending module is configured to send an initial identity information input request to the target user, wherein the initial identity information input request comprises at least one selectable identity information type;

the information coding rule acquisition module is configured to detect the identity information type selected by the target user and acquire initial identity information corresponding to the identity information type and an information coding rule of the initial identity information, which are input by the target user;

the encoding module is configured to encode the initial identity information based on the information encoding rule and output an information encoding result;

and the association module is configured to associate and store the registered facial image information, the initial identity information and the information coding result of the initial identity information with the registered account of the target user on a payment platform.

According to a fifth aspect of embodiments herein, there is provided a computing device comprising:

a memory and a processor;

the memory is to store computer-executable instructions, and the processor is to execute the computer-executable instructions to:

acquiring target face image information of a target user;

under the condition that the verification fails, acquiring an identity characteristic character string input by the target user, wherein the identity characteristic character string is generated by encoding initial identity information corresponding to at least one identity information type of the target user;

According to a sixth aspect of embodiments herein, there is provided another computing device, comprising:

a memory and a processor;

acquiring and storing registered face image information of a target user;

According to a seventh aspect of embodiments herein, there is provided a computer-readable storage medium storing computer-executable instructions that, when executed by a processor, implement the steps of any one of the authentication methods.

According to an eighth aspect of embodiments herein, there is provided another computer-readable storage medium storing computer-executable instructions that, when executed by a processor, implement the steps of any one of the information encoding methods.

One embodiment of the present description collects target face image information of a target user; performing identity verification on the target user based on the target face image information; under the condition of failed verification, acquiring an identity characteristic character string input by the target user, wherein the identity characteristic character string is generated by encoding initial identity information corresponding to at least one identity information type by the target user; decoding the identity characteristic character string to generate decoded identity information corresponding to the at least one identity information type; and performing identity verification on the target user based on the decoded identity information, and returning a verification result to the target user.

According to the embodiment of the specification, under the condition that the target user is authenticated by acquiring the face image information of the target user and the authentication fails, other authentication modes are provided for the target user, namely the target user can perform the authentication by inputting the identity characteristic character string generated after the encoding conversion of other identity information, and the probability of identity information leakage of the target user can be effectively reduced by the mode.

Drawings

Fig. 1 is a process flow diagram of an authentication method provided in an embodiment of the present specification;

fig. 2 is a flowchart of a processing procedure of applying an authentication method to an offline payment scenario according to an embodiment of the present specification;

FIG. 3 is a process flow diagram of a method for encoding information provided by one embodiment of the present description;

fig. 4 is a schematic diagram of an authentication device provided in an embodiment of the present description;

fig. 5 is a schematic diagram of an information encoding apparatus according to an embodiment of the present specification;

FIG. 6 is a block diagram of a computing device, provided in one embodiment of the present description;

FIG. 7 is a block diagram of another computing device provided in one embodiment of the present description.

Detailed Description

In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present description. This description may be embodied in many different forms and should not be construed as limited to the embodiments set forth herein, as those skilled in the art will be able to make and use the present disclosure without departing from the spirit and scope of the present disclosure.

The terminology used in the description of the one or more embodiments is for the purpose of describing the particular embodiments only and is not intended to be limiting of the description of the one or more embodiments. As used in one or more embodiments of the present specification and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used in one or more embodiments of the present specification refers to and encompasses any and all possible combinations of one or more of the associated listed items.

It will be understood that, although the terms first, second, etc. may be used herein in one or more embodiments to describe various information, these information should not be limited by these terms. These terms are only used to distinguish one type of information from another. For example, a first can also be referred to as a second and, similarly, a second can also be referred to as a first without departing from the scope of one or more embodiments of the present description. The word "if" as used herein may be interpreted as "at … …" or "when … …" or "in response to a determination", depending on the context.

In the present specification, an authentication method is provided, and the present specification relates to an authentication apparatus, an information encoding method, an information encoding apparatus, two kinds of computing devices, and two kinds of computer-readable storage media, which are described in detail one by one in the following embodiments.

Fig. 1 shows a flowchart of an authentication method provided according to an embodiment of the present specification, which includes steps 102 to 110.

Step 102, collecting target face image information of a target user.

The identity authentication method provided by the specification can be applied to offline face recognition payment or other scenes in which the identity of the user needs to be authenticated through face recognition.

In the embodiment of the specification, face recognition payment is taken as an example, if a target user is a user U, the user U purchases a commodity in a store S, after the user U selects the commodity to be purchased, the commodity amount is settled in a payment machine (a device capable of being used for face payment) in the store S, and payment is selected through face recognition (the payment through face recognition can be selected on the premise that the user U starts a function of 'swiping face payment to the store' on a payment platform and finishes face recognition authentication on the payment platform), after the payment machine receives a face recognition payment instruction of the user U, the target face image information of the user U is acquired, and after the acquisition is finished, the identity verification can be performed on the user U according to the acquired target face image information of the user U.

And 104, performing identity verification on the target user based on the target face image information.

In an embodiment provided by the present specification, the identity verification of the target user based on the target face image information may specifically be implemented by the following steps:

if the matching result is that the matching is failed, sending prompt information for inputting a mobile phone number associated with a payment platform to the target user;

Specifically, taking face recognition payment as an example, after a payment tool of a store S finishes collecting target face image information of a user U, matching the target face image information with historical face image information stored in a database of the store S, wherein the database of the store S comprises the historical face image information collected by all payment tools in the store S, and the historical face image information is also associated with a face recognition result of a historical user and is also associated with registered account information of a payment platform of the historical user in the historical face image information after face recognition is successful;

the target face image information is matched with historical face image information stored in a database of a shop S, that is, similarity calculation is performed between the target face image information and historical face image information stored in the database of the shop S, if a preset similarity threshold is 99%, if the similarity between the target face image information and any historical face image information I with successful face recognition exists in a calculation result of the similarity calculation is greater than or equal to 99%, it is indicated that the result of identity verification performed by the user U through face recognition in the shop S before the target face image information is successful, and at this time, a payment machine can directly deduct the commodity amount of a registered account number of the user U associated in the historical face image information I in a payment platform to complete payment.

In addition, if the similarity between the target face image information and any one piece of historical face image information with successful face recognition is less than 99% according to the calculation result of the similarity calculation, the fact that the user U does not perform identity verification through face recognition in the shop S before the target face image information or the result of performing identity verification through face recognition is verification failure is indicated, the payment tool displays a mobile phone number input page to the user U, and prompt information for inputting the mobile phone number associated with the payment platform is sent to the user U through the page; under the condition that a user inputs a mobile phone number, a registered account number of the user U on a payment platform is obtained according to the mobile phone number, when the user U is opened and carries out face recognition authentication, the payment platform associates registered face image information which passes the authentication with the registered account number of the user U on the payment platform, the registered account numbers of most users on the payment platform are mobile phone numbers at present, if the registered account numbers are other forms of account numbers except the mobile phone number, the mobile phone numbers need to be associated, therefore, a payment machine tool can obtain the registered account number of the user U on the payment platform according to the mobile phone number input by the user U, obtain the registered face image information which passes the authentication and is associated in the registered account numbers, and carry out identity verification according to the registered face image information and target face image information.

Matching the target facial image information with historical facial image information stored in a database, and under the condition of successful matching, not needing the user to input the mobile phone number again for identity verification, thereby being beneficial to shortening the total time of the user payment process and improving the service efficiency; and under the condition of failed matching, determining a registered account number of the user on the payment platform through the mobile phone number input by the user, and authenticating the identity of the user based on the target facial image information and the registered facial image information associated in the registered account number, so that the payment safety can be ensured.

In an embodiment provided in this specification, the identity authentication of the target user based on the target face image information and the registered face image information may specifically be implemented by the following steps:

Specifically, identity authentication is performed on a target user based on target face image information and registered face image information, that is, similarity calculation is performed on the target face image information and the registered face image information of the user U, if a preset similarity threshold is 95%, if a calculation result of the similarity calculation is greater than or equal to 95%, it is indicated that the result of identity authentication performed by the user U through face recognition in the store S is successful, and at this time, a payment machine can directly deduct the commodity amount from a registered account number of the user U in a payment platform to complete payment.

The identity of the user is verified by calculating the similarity between the target face image information and the registered face image information and comparing the similarity calculation result with a preset similarity threshold, so that the safety of payment of an online payment machine of the user is improved.

It should be noted that the identity authentication method provided in the embodiment of the present specification is mainly used for processing a case that a result of identity authentication performed by a target user through face recognition is a failure of authentication, and if a calculation result of the similarity calculation is smaller than a preset similarity threshold, step 106 is executed.

And 106, under the condition that the verification fails, acquiring an identity characteristic character string input by the target user, wherein the identity characteristic character string is generated by encoding initial identity information corresponding to at least one identity information type of the target user.

Specifically, when the verification result of the target user performing the identity verification through the face recognition is that the verification fails, another identity verification manner is provided for the target user, specifically, an information input page is presented to the target user, where the information input page includes at least one selectable identity information type, for example: identification number, name, payment password, etc.; after the target user selects the identity information type, receiving an identity characteristic character string input instruction of the target user, wherein the identity characteristic character string is generated by encoding the initial identity information corresponding to the identity information type by the target user; and acquiring the identity characteristic character string input by the target user, and performing identity verification on the target user through the identity characteristic character string.

When the target user fails to verify through face recognition, other identity verification modes are provided for the target user, and when the target user verifies through other identity information, the input information is an identity characteristic character string generated after the identity information is coded, so that the probability of identity information leakage of the target user is favorably reduced. In addition, if the target user selects to pay through face recognition, if the face recognition verification fails, the target user can select to perform identity verification through other identity information, so that payment is completed, the target user can still complete commodity payment under the condition that other mobile terminal equipment which can be used for payment is not used, and the information input when the target user verifies through other identity verification modes is an identity characteristic character string generated after the identity information is coded, so that the probability of identity information leakage is favorably reduced, and the payment safety is ensured.

In an embodiment provided by the present specification, the identity character string is generated by:

acquiring and storing registered face image information of the target user;

Specifically, still taking face recognition payment as an example, the identity characteristic character string of the user U may be acquired during the face recognition authentication process of the payment platform, that is, when the user U requests to activate the function of "pay by brushing face to store", the payment platform needs to acquire the registered face image information of the user U first, store the registered face image information after the acquisition is completed, and display an initial identity information input page to the user U to send an initial identity information input request to the user U; in addition, the initial identity information input page includes an initial identity information input box and an information encoding rule input box of the initial identity information, and at least one selectable identity information type can be displayed in the initial identity information input box, for example: identity card number, name or payment password, etc.; after detecting the identity information type selected by the user U, the payment platform sets requirements for the user U to display the encoding rule of the initial identity information corresponding to the identity information type under the information encoding rule input box according to the identity information type; acquiring initial identity information and an information coding rule which are input by a user U and correspond to the identity information type;

the identity information type selected by the user U is used as an identity card number, the input identity card number is 123456789123456789, and the input information coding rule is as follows: generating two random numbers, performing modulus taking on the odd-digit number of the identity card plus a first random number 10, and performing modulus taking on the even-digit number plus a second random number 10, wherein the two random numbers are respectively 5 and 7 after the payment platform acquires the information, encoding the identity card number of the user U according to an information encoding rule, outputting an encoding result of 698103254870921436, and finally associating and storing the registered face image information, the identity card information, the information encoding rule and the encoding result with a registered account number of the user U on the payment platform.

When the similarity between the target face image information and the registered face image information is determined to be smaller than the preset similarity threshold according to the calculation result obtained by calculating the similarity between the target face image information and the registered face image information, that is, when the result of the identity verification performed by the target user through face recognition is that the verification fails, the user U may input the identity feature character string 698103254870921436 for identity verification.

The target user is prompted to input initial identity information and a corresponding information coding rule in the process of face recognition authentication of a payment platform, the initial identity information is coded according to the information coding rule, an identity characteristic character string generated by coding is returned to the target user, when the target user fails in face recognition authentication, the identity characteristic character string can be used for identity authentication again, particularly when the target user selects to pay through face recognition, if the face recognition authentication fails, the target user can use the identity characteristic character string for identity authentication, thereby completing payment, ensuring that the target user can still complete commodity payment under the condition of not using other mobile terminal equipment which can be used for payment, and the identity characteristic character string generated after the identity information is coded is used for authentication, the method is favorable for reducing the probability of identity information leakage and ensuring the safety of payment.

In an embodiment provided in this specification, detecting an identity information type selected by the target user, and acquiring initial identity information corresponding to the identity information type and an information encoding rule of the initial identity information, which are input by the target user, may specifically be implemented by the following steps:

detecting the identity information type selected by the target user;

Specifically, since the information encoding rules that can be set for different types of initial identity information are different, the payment platform can determine the information encoding rule template corresponding to the identity information type according to the identity information type selected by the user U. For example, if the identity information type selected by the user U is an identity card number and the identity card number input by the user U is a pure digital type, the payment platform may present an information encoding rule template including an encoding rule suitable for encoding a number for the user U; if the identity information type selected by the user U is a name and the name input by the user U is a Chinese character, the payment platform can display an information coding rule template containing a coding rule suitable for coding letters for the user U, and specifically, if the name input by the user U is a Chinese character, the payment platform needs to acquire a pinyin character string corresponding to the Chinese character before coding, then codes the pinyin character string based on the information coding rule selected by the user U, and outputs an information coding result.

After the payment platform displays the information coding rule template to the user U, the initial identity information corresponding to the identity information type and input by the user U and the information coding rule selected based on the information coding rule template are obtained.

In the embodiment of the specification, a target user can directly select an information coding rule corresponding to an identity information type in an information coding rule template and can also customize the information coding rule, the information coding rule in the information coding rule template is taken as an example, and the target user can refer to the information coding rule template when setting the information coding rule, so that the rule setting time is favorably reduced, the information coding rule set by the target user can be effectively ensured to meet a preset difficulty level, the probability that the target user needs to repeatedly set the information coding rule is reduced, the work efficiency is favorably improved, and the user experience is favorably improved.

In an embodiment provided in this specification, after the step of detecting the identity information type selected by the target user, and acquiring the initial identity information corresponding to the identity information type and the information encoding rule of the initial identity information input by the target user is executed, and before the step of encoding the initial identity information based on the information encoding rule and outputting an information encoding result is executed, the method further includes:

calculating the complexity of the information coding rule;

Specifically, in order to ensure the security of the encoded identity characteristic character string, the difficulty of the information encoding rules required by the payment platform for the initial identity information of different identity information types is different, so that after the payment platform acquires the information encoding rules input by the target user, the complexity of the information encoding rules needs to be calculated, and the corresponding preset information encoding rule complexity threshold value is determined according to the identity information type, and under the condition that the complexity of the information encoding rules input by the target user meets the preset information encoding rule complexity threshold value, the identity information of the target user can be encoded according to the information encoding rules.

In addition, if the judgment result of judging whether the complexity is greater than or equal to the preset information coding rule complexity threshold is negative, no processing is needed.

And 108, decoding the identity characteristic character string to generate decoded identity information corresponding to the at least one identity information type.

In an embodiment provided in this specification, decoding the identity characteristic character string to generate decoded identity information corresponding to the at least one identity information type may specifically be implemented by:

determining a decoding rule corresponding to the preset encoding rule;

Specifically, still taking face recognition payment as an example, the payment tool obtains a registered account number of the user U on the payment platform according to a mobile phone number input by the user U, and since the user U associates a preset information coding rule of initial identity information corresponding to an identity information type with the registered account number in the process of face recognition authentication of the payment platform, the payment tool can obtain the preset information coding rule corresponding to the identity information type in the registered account number;

taking the identity information type corresponding to the identity characteristic character string input by the user U as the identity card number as an example, the preset information coding rule corresponding to the identity card number acquired by the payment machine tool is as follows: generating two random numbers (the first random number is 5, the second random number is 7), adding the first random number to the odd digit of the identity card and taking the modulus of 10, adding the second random number to the even digit and taking the modulus of 10, and determining that the corresponding decoding rule is: adding 5 to odd digits of the identity card and taking a module for 10, adding 3 to even digits and taking a module for 10; the decoding result obtained by decoding 698103254870921436 according to the decoding rule is 12345671234567.

And step 110, performing identity authentication on the target user based on the decoded identity information, and returning an authentication result to the target user.

In an embodiment provided in this specification, the identity authentication of the target user is performed based on the decoded identity information, and an authentication result is returned to the target user, which may specifically be implemented by the following steps:

Specifically, still taking face recognition payment as an example, the payment implement acquires a registered account of the user U on the payment platform according to a mobile phone number input by the user U, and since the initial identity information corresponding to the identity information type is associated with the registered account in the process of face recognition authentication of the user U on the payment platform, the payment implement can acquire the initial identity information corresponding to the identity information type in the registered account; after the initial identity information is obtained, comparing the decoding identity information with the initial identity information; as described above, the initial identity information, which is obtained by the payment tool and is associated with the user U in the registered account number of the payment platform, is the identification number 12345671234567, and the decoding result obtained by decoding the identity characteristic character string input by the user U by the payment tool is 1234571234567, and if the comparison result indicates that the decoding result is consistent with the initial identity information, a prompt message indicating that the payment is successful is returned to the user U; in addition, if the decoding result is inconsistent with the initial identity information, a prompt message of failure of verification, namely failure of payment, is returned to the user U, and other identity verification modes can be provided for the user U.

The embodiment of the specification realizes that other authentication modes are provided for the target user under the condition that the authentication result of the target user through face recognition is authentication failure, and the input information is the identity characteristic character string generated after the identity information is encoded when the target user performs the authentication through other identity information, so that the probability of identity information leakage of the target user is favorably reduced. In addition, if the target user selects to pay through face recognition, if the face recognition verification fails, the target user can select to perform identity verification through other identity information, so that payment is completed, the target user can still complete commodity payment under the condition that other mobile terminal equipment which can be used for payment is not used, and the information input when the target user verifies through other identity verification modes is an identity characteristic character string generated after the identity information is coded, so that the probability of identity information leakage can be effectively reduced, and the payment safety is guaranteed.

The identity authentication method is further described below with reference to fig. 2 by taking an application of the identity authentication method provided in this specification to a payment scenario under online as an example. Fig. 2 is a flowchart illustrating a processing procedure of applying an identity authentication method provided in an embodiment of the present specification to an offline payment scenario, where the specific steps include steps 202 to 220.

Step 202, receiving a face recognition payment request of a user, and collecting target face image information of the user.

A payment machine tool of a certain shop receives a face recognition payment request of a user and collects target face image information of the user.

And 204, acquiring a mobile phone number which is input by the user and is associated with a payment platform, and determining a registered account number of the user on the payment platform according to the mobile phone number.

And step 206, performing identity authentication on the user based on the target face image information and the associated registered face image information in the registered account.

Specifically, the payment tool acquires a registered account number of the user on a payment platform according to the mobile phone number, and acquires registered face image information associated with the registered account number; performing identity authentication on the user based on the target face image information and the registered face image information to obtain an authentication result; under the condition that the verification result is successful, displaying prompt information of successful payment for the user; in case the verification result is a verification failure, step 208 is executed.

And 208, acquiring an identity characteristic character string input by the user for the identity information type as the identity card number.

And step 210, acquiring a preset coding rule of the identity card number associated with the registered account number.

Step 212, determining a decoding rule corresponding to the preset encoding rule.

And 214, decoding the identity characteristic character string according to the decoding rule to generate a decoded identity card number.

Step 216, judging whether the decoding identity card number is consistent with the associated initial identity card number in the registered account number; if yes, go to step 218; if not, go to step 220.

Step 218, a prompt message of successful payment is returned to the target user.

Step 220, returning a prompt message of payment failure to the target user.

The embodiment provided by the specification realizes that when the target user selects to pay through face recognition, if the face recognition verification fails, the target user can select to perform identity verification through other identity information, so that the payment is completed, the target user can still complete commodity payment under the condition that other mobile terminal equipment which can be used for payment is not used, and the information input when the target user verifies through other identity verification modes is an identity characteristic character string generated after the identity information is coded, so that the probability of identity information leakage is favorably reduced, and the payment safety is ensured.

Fig. 3 shows a flowchart of an information encoding method according to an embodiment of the present disclosure, which includes steps 302 to 310.

Step 302, collecting and storing the registered face image information of the target user.

Step 304, sending an initial identity information input request to the target user when the registered face image information is acquired, wherein the initial identity information input request comprises at least one selectable identity information type.

Step 306, detecting the identity information type selected by the target user, and acquiring initial identity information corresponding to the identity information type and an information encoding rule of the initial identity information, which are input by the target user.

And 308, encoding the initial identity information based on the information encoding rule, and outputting an information encoding result.

And step 310, associating and storing the registered face image information, the initial identity information and the information coding result of the initial identity information with a registered account of the target user on a payment platform.

detecting the identity information type selected by the target user;

and acquiring initial identity information corresponding to the identity information type and input by the target user and an information coding rule of the initial identity information selected based on the information coding rule template.

In an embodiment provided in this specification, after the step of detecting the identity information type selected by the target user, and acquiring the initial identity information corresponding to the identity information type and the information encoding rule of the initial identity information input by the target user is executed, and before the step of encoding the initial identity information based on the information encoding rule and outputting the information encoding result is executed, the following steps may be further executed:

calculating the complexity of the information coding rule;

In addition, a user can directly select an information coding rule corresponding to the identity information type in the information coding rule template, and can also customize the information coding rule, the information coding rule in the information coding rule template is taken as an example, and the user can refer to the information coding rule template when setting the information coding rule, so that the rule setting time is favorably shortened, the information coding rule set by the user can be effectively ensured to meet the preset difficulty level, the probability that the target user needs to repeatedly set the information coding rule is reduced, the working efficiency is favorably improved, and the user experience is favorably improved.

The technical scheme of the information encoding method in the embodiment of the present specification is the same as the generation process of the identity characteristic character string in the identity verification method, and details of the technical scheme of the information encoding method, which are not described in detail, can be referred to the description of the generation process of the identity characteristic character string in the identity verification method, and are not described herein again.

Corresponding to the above-mentioned embodiment of the identity authentication method, the present specification further provides an embodiment of an identity authentication apparatus, and fig. 4 shows a schematic structural diagram of an identity authentication apparatus provided in an embodiment of the present specification. As shown in fig. 4, the apparatus includes:

a first information acquisition module 402 configured to acquire target face image information of a target user;

a first authentication module 404 configured to authenticate the target user based on the target face image information;

if the verification fails, the string obtaining module 406 is operated;

the character string obtaining module 406 is configured to obtain an identity feature character string input by the target user, where the identity feature character string is generated by encoding initial identity information corresponding to at least one identity information type of the target user;

a decoding module 408 configured to decode the identity character string to generate decoded identity information corresponding to the at least one identity information type;

a second authentication module 410 configured to authenticate the target user based on the decoded identity information and return an authentication result to the target user.

Optionally, the first identity verification module 404 includes:

the historical facial image information acquisition sub-module is configured to acquire historical facial image information of at least one historical user stored in a database;

the matching submodule is configured to match the target face image information with the historical face image information to obtain a matching result;

if the matching result is matching failure, operating a prompt message sending submodule;

the prompt message sending submodule is configured to send prompt messages for inputting mobile phone numbers associated with a payment platform to the target user;

the registered facial image information acquisition sub-module is configured to acquire a registered account number of the target user on the payment platform according to the mobile phone number and acquire registered facial image information associated with the registered account number;

and the identity verification sub-module is configured to verify the identity of the target user based on the target facial image information and the registered facial image information.

Optionally, the decoding module 408 includes:

a preset encoding rule obtaining sub-module configured to obtain a preset encoding rule of initial identity information corresponding to the at least one identity information type associated with the registered account;

a decoding rule determining sub-module configured to determine a decoding rule corresponding to the preset encoding rule;

and the decoding identity information generation sub-module is configured to decode the identity characteristic character string according to the decoding rule to generate decoding identity information corresponding to the at least one identity information type.

Optionally, the second identity verification module 410 includes:

an initial identity information obtaining sub-module configured to obtain initial identity information associated in the registered account and corresponding to the at least one identity information type;

a determining sub-module configured to determine whether the decoding identity information is consistent with the initial identity information;

if the execution result of the judgment submodule is yes, operating a first information return submodule;

the first information returning submodule is configured to return prompt information of successful verification to the target user;

if the execution result of the judgment submodule is negative, operating a second information return submodule;

the second information returning submodule is configured to return prompt information of verification failure to the target user.

Optionally, the identity verification sub-module includes:

a similarity calculation unit configured to calculate a similarity between the target face image information and the registered face image information;

if the similarity is larger than a preset similarity threshold, the verification is successful; and if the similarity is smaller than the preset similarity threshold, the verification fails.

Optionally, the identity authentication apparatus further includes:

and the association module is configured to associate and store the registered facial image information, the initial identity information and the information coding result of the initial identity information with the registered account of the target user on the payment platform.

Optionally, the information encoding rule obtaining module includes:

the identity information type detection submodule is configured to detect the identity information type selected by the target user;

the information coding rule template determining submodule is configured to determine and display an information coding rule template corresponding to the identity information type according to the identity information type;

an input information obtaining sub-module configured to obtain initial identity information corresponding to the identity information type input by the target user and an information encoding rule of the initial identity information selected based on the information encoding rule template.

Optionally, the information encoding apparatus further includes:

a complexity calculation module configured to calculate a complexity of the information encoding rule;

a complexity threshold determination module configured to determine a preset information encoding rule complexity threshold corresponding to the identity information type;

the complexity judging module is configured to judge whether the complexity is greater than or equal to a preset information coding rule complexity threshold value;

and if the execution result of the complexity judgment module is yes, operating the coding module.

The above is a schematic scheme of an authentication apparatus of this embodiment. It should be noted that the technical solution of the identity authentication apparatus and the technical solution of the identity authentication method described above belong to the same concept, and details that are not described in detail in the technical solution of the identity authentication apparatus can be referred to the description of the technical solution of the identity authentication method described above.

Corresponding to the above information encoding method embodiment, the present specification further provides an information encoding apparatus embodiment, and fig. 5 shows a schematic structural diagram of an information encoding apparatus provided in an embodiment of the present specification. As shown in fig. 5, the apparatus includes:

a second information acquisition module 502 configured to acquire and store registered face image information of a target user;

running an information input request sending module 504 under the condition that the registered face image information is acquired;

the information input request sending module 504 is configured to send an initial identity information input request to the target user, where the initial identity information input request includes at least one selectable identity information type;

an information encoding rule obtaining module 506, configured to detect the identity information type selected by the target user, and obtain initial identity information corresponding to the identity information type and an information encoding rule of the initial identity information, which are input by the target user;

an encoding module 508 configured to encode the initial identity information based on the information encoding rule and output an information encoding result;

an associating module 510 configured to associate and store the registered face image information, the initial identity information, and the information encoding result of the initial identity information with a registered account of the target user on a payment platform.

Optionally, the information encoding rule obtaining module 506 includes:

Optionally, the information encoding apparatus further includes:

the complexity judging module is configured to judge whether the complexity is greater than or equal to the preset information coding rule complexity threshold value;

if the execution result of the complexity determination module is yes, the encoding module 508 is run.

The above is a schematic arrangement of an information encoding apparatus of the present embodiment. It should be noted that the technical solution of the information encoding apparatus belongs to the same concept as the technical solution of the information encoding method, and for details that are not described in detail in the technical solution of the information encoding apparatus, reference may be made to the description of the technical solution of the information encoding method.

FIG. 6 illustrates a block diagram of a computing device 600 provided in accordance with one embodiment of the present description. The components of the computing device 600 include, but are not limited to, a memory 610 and a processor 620. The processor 620 is coupled to the memory 610 via a bus 630 and a database 650 is used to store data.

Computing device 600 also includes access device 640, access device 640 enabling computing device 600 to communicate via one or more networks 660. Examples of such networks include the Public Switched Telephone Network (PSTN), a Local Area Network (LAN), a Wide Area Network (WAN), a Personal Area Network (PAN), or a combination of communication networks such as the internet. Access device 640 may include one or more of any type of network interface (e.g., a Network Interface Card (NIC)) whether wired or wireless, such as an IEEE802.11 Wireless Local Area Network (WLAN) wireless interface, a worldwide interoperability for microwave access (Wi-MAX) interface, an ethernet interface, a Universal Serial Bus (USB) interface, a cellular network interface, a bluetooth interface, a Near Field Communication (NFC) interface, and so forth.

In one embodiment of the present description, the above-described components of computing device 600, as well as other components not shown in FIG. 6, may also be connected to each other, such as by a bus. It should be understood that the block diagram of the computing device architecture shown in FIG. 6 is for purposes of example only and is not limiting as to the scope of the present description. Those skilled in the art may add or replace other components as desired.

Computing device 600 may be any type of stationary or mobile computing device, including a mobile computer or mobile computing device (e.g., tablet computer, personal digital assistant, laptop computer, notebook computer, netbook, etc.), mobile phone (e.g., smartphone), wearable computing device (e.g., smartwatch, smart glasses, etc.), or other type of mobile device, or a stationary computing device such as a desktop computer or PC. Computing device 600 may also be a mobile or stationary server.

Wherein processor 620 is configured to execute the following computer-executable instructions:

acquiring target face image information of a target user;

The above is an illustrative scheme of a computing device of the present embodiment. It should be noted that the technical solution of the computing device and the technical solution of the authentication method described above belong to the same concept, and details that are not described in detail in the technical solution of the computing device can be referred to the description of the technical solution of the authentication method described above.

FIG. 7 illustrates a block diagram of a computing device 700, provided in accordance with one embodiment of the present description. Components of the computing device 700 include, but are not limited to, a memory 710 and a processor 720. Processor 720 is coupled to memory 710 via bus 730, and database 750 is used to store data.

Computing device 700 also includes access device 740, access device 740 enabling computing device 700 to communicate via one or more networks 760. Examples of such networks include the Public Switched Telephone Network (PSTN), a Local Area Network (LAN), a Wide Area Network (WAN), a Personal Area Network (PAN), or a combination of communication networks such as the internet. Access device 740 may include one or more of any type of network interface (e.g., a Network Interface Card (NIC)) whether wired or wireless, such as an IEEE802.11 Wireless Local Area Network (WLAN) wireless interface, a worldwide interoperability for microwave access (Wi-MAX) interface, an ethernet interface, a Universal Serial Bus (USB) interface, a cellular network interface, a bluetooth interface, a Near Field Communication (NFC) interface, and so forth.

In one embodiment of the present description, the above-described components of computing device 700, as well as other components not shown in FIG. 7, may also be connected to each other, such as by a bus. It should be understood that the block diagram of the computing device architecture shown in FIG. 7 is for purposes of example only and is not limiting as to the scope of the present description. Those skilled in the art may add or replace other components as desired.

Computing device 700 may be any type of stationary or mobile computing device, including a mobile computer or mobile computing device (e.g., tablet, personal digital assistant, laptop, notebook, netbook, etc.), mobile phone (e.g., smartphone), wearable computing device (e.g., smartwatch, smartglasses, etc.), or other type of mobile device, or a stationary computing device such as a desktop computer or PC. Computing device 700 may also be a mobile or stationary server.

Wherein processor 720 is configured to execute the following computer-executable instructions:

acquiring and storing registered face image information of a target user;

The above is an illustrative scheme of a computing device of the present embodiment. It should be noted that the technical solution of the computing device and the technical solution of the information encoding method belong to the same concept, and details that are not described in detail in the technical solution of the computing device can be referred to the description of the technical solution of the information encoding method.

An embodiment of the present specification also provides a computer readable storage medium storing computer instructions which, when executed by a processor, are used for implementing the steps of the authentication method.

The above is an illustrative scheme of a computer-readable storage medium of the present embodiment. It should be noted that the technical solution of the storage medium belongs to the same concept as the technical solution of the above-mentioned authentication method, and details that are not described in detail in the technical solution of the storage medium can be referred to the description of the technical solution of the above-mentioned authentication method.

In addition, an embodiment of the present specification provides a computer instruction stored in a computer-readable storage medium, which is executed by a processor to implement the steps of the information encoding method.

The above is an illustrative scheme of a computer-readable storage medium of the present embodiment. It should be noted that the technical solution of the storage medium belongs to the same concept as the technical solution of the information encoding method, and details that are not described in detail in the technical solution of the storage medium can be referred to the description of the technical solution of the information encoding method.

The foregoing description has been directed to specific embodiments of this disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.

The computer instructions comprise computer program code which may be in the form of source code, object code, an executable file or some intermediate form, or the like. The computer-readable medium may include: any entity or device capable of carrying the computer program code, recording medium, usb disk, removable hard disk, magnetic disk, optical disk, computer Memory, Read-Only Memory (ROM), Random Access Memory (RAM), electrical carrier wave signals, telecommunications signals, software distribution medium, and the like. It should be noted that the computer readable medium may contain content that is subject to appropriate increase or decrease as required by legislation and patent practice in jurisdictions, for example, in some jurisdictions, computer readable media does not include electrical carrier signals and telecommunications signals as is required by legislation and patent practice.

It should be noted that, for the sake of simplicity, the foregoing method embodiments are described as a series of acts, but those skilled in the art should understand that the present embodiment is not limited by the described acts, because some steps may be performed in other sequences or simultaneously according to the present embodiment. Furthermore, those skilled in the art will appreciate that the embodiments described in this specification are presently preferred and that no acts or modules are required in the implementations of the disclosure.

In the above embodiments, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.

The preferred embodiments of the present specification disclosed above are intended only to aid in the description of the specification. Alternative embodiments are not exhaustive and do not limit the invention to the precise embodiments described. Obviously, many modifications and variations are possible in light of the above teaching. The embodiments were chosen and described in order to best explain the principles of the embodiments and the practical application, to thereby enable others skilled in the art to best understand and utilize the embodiments. The specification is limited only by the claims and their full scope and equivalents.

Claims

1. An identity verification method comprising:

acquiring target face image information of a target user;

under the condition of failed verification, acquiring an identity characteristic character string input by the target user, wherein the identity characteristic character string is generated by encoding initial identity information corresponding to at least one identity information type input by the target user according to an information encoding rule of the initial identity information corresponding to at least one identity information type input by the target user, acquired after the registered face image information of the target user is acquired;

and performing identity verification on the target user based on the decoded identity information, and returning a verification result to the target user.

2. The identity verification method according to claim 1, wherein the verifying the identity of the target user based on the target face image information comprises:

3. The identity verification method of claim 2, wherein the decoding the identity characteristic string to generate decoded identity information corresponding to the at least one identity information type comprises:

determining a decoding rule corresponding to the preset encoding rule;

and decoding the identity characteristic character string according to the decoding rule to generate the decoding identity information corresponding to the at least one identity information type.

4. The authentication method of claim 3, wherein the authenticating the target user based on the decoded identity information and returning an authentication result to the target user comprises:

5. The authentication method according to claim 2, wherein the authenticating the target user based on the target face image information and the registered face image information comprises:

6. The identity verification method of claim 1, wherein the identity character string is generated by:

acquiring and storing registered face image information of the target user;

encoding the initial identity information based on the information encoding rule and outputting an information encoding result, wherein the information encoding result is the identity characteristic character string;

7. The identity verification method of claim 6, wherein the detecting the identity information type selected by the target user and obtaining the initial identity information corresponding to the identity information type and the information encoding rule of the initial identity information, which are input by the target user, comprises:

detecting the identity information type selected by the target user;

8. The identity verification method according to claim 6, wherein after the step of detecting the identity information type selected by the target user and obtaining the initial identity information corresponding to the identity information type input by the target user and the information encoding rule of the initial identity information is executed, and before the step of encoding the initial identity information based on the information encoding rule and outputting the information encoding result is executed, the method further comprises:

calculating the complexity of the information coding rule;

9. An information encoding method, comprising:

acquiring and storing registered face image information of a target user;

encoding the initial identity information based on the information encoding rule and outputting an information encoding result, wherein the information encoding result is an identity characteristic character string;

10. The identity verification method of claim 9, wherein the detecting an identity information type selected by the target user and obtaining initial identity information corresponding to the identity information type and an information encoding rule of the initial identity information, which are input by the target user, comprises:

detecting the identity information type selected by the target user;

11. The identity verification method according to claim 9, wherein after the step of detecting the identity information type selected by the target user and obtaining the initial identity information corresponding to the identity information type input by the target user and the information encoding rule of the initial identity information is executed, and before the step of encoding the initial identity information based on the information encoding rule and outputting the information encoding result is executed, the method further comprises:

calculating the complexity of the information coding rule;

12. An authentication apparatus comprising:

the information acquisition module is configured to acquire target face image information of a target user;

under the condition of failure of verification, operating a character string acquisition module;

the character string acquisition module is configured to acquire an identity characteristic character string input by the target user, wherein the identity characteristic character string is generated by encoding initial identity information corresponding to at least one identity information type input by the target user according to an information encoding rule of the initial identity information corresponding to the at least one identity information type input by the target user, which is acquired after the acquisition of the registered face image information of the target user is completed;

a decoding module configured to decode the identity characteristic character string to generate decoded identity information corresponding to the at least one identity information type;

13. An information encoding apparatus comprising:

the information acquisition module is configured to acquire and store registered face image information of a target user;

an information input request sending module configured to send an initial identity information input request to the target user, wherein the initial identity information input request includes at least one selectable identity information type;

the encoding module is configured to encode the initial identity information based on the information encoding rule and output an information encoding result, wherein the information encoding result is an identity characteristic character string;

and the association module is configured to associate and store the registered facial image information, the initial identity information and the information coding result of the initial identity information with a registered account of the target user on a payment platform.

14. A computing device, comprising:

a memory and a processor;

acquiring target face image information of a target user;

15. A computing device, comprising:

a memory and a processor;

acquiring and storing registered face image information of a target user;

16. A computer readable storage medium storing computer instructions which, when executed by a processor, carry out the steps of the authentication method of any one of claims 1 to 8.

17. A computer readable storage medium storing computer instructions which, when executed by a processor, carry out the steps of the information encoding method of any one of claims 9 to 12.