CN110992022A - Method and device for obtaining verification result - Google Patents

Method and device for obtaining verification result Download PDF

Info

Publication number
CN110992022A
CN110992022A CN201911183423.0A CN201911183423A CN110992022A CN 110992022 A CN110992022 A CN 110992022A CN 201911183423 A CN201911183423 A CN 201911183423A CN 110992022 A CN110992022 A CN 110992022A
Authority
CN
China
Prior art keywords
serial number
target
transaction serial
background server
verification result
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201911183423.0A
Other languages
Chinese (zh)
Other versions
CN110992022B (en
Inventor
马广华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Bank of China Ltd
Original Assignee
Bank of China Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Bank of China Ltd filed Critical Bank of China Ltd
Priority to CN201911183423.0A priority Critical patent/CN110992022B/en
Publication of CN110992022A publication Critical patent/CN110992022A/en
Application granted granted Critical
Publication of CN110992022B publication Critical patent/CN110992022B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3827Use of message hashing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The application provides a method and a device for obtaining a verification result, which comprises the steps that after a first background server receives a target transaction serial number and an identification code of a target interface sent by a front-end system, whether the target transaction serial number exists in a plurality of transaction serial numbers generated in advance is judged, if yes, verification operation corresponding to the target interface is carried out according to the identification code of the target interface to obtain the verification result, the verification result and the target transaction serial number are stored correspondingly, and a verification finishing instruction is sent to the front-end system to enable the front-end system to send the target transaction serial number to a second background server, so that the second background server obtains the verification result from the first background server according to the target transaction serial number. According to the technical scheme, the front-end system receives only the instruction for finishing the verification, but not the verification result, and the verification result obtained by the second background server is obtained from the first background server, so that the verification result cannot be tampered by the front-end system.

Description

Method and device for obtaining verification result
Technical Field
The present application relates to the field of electronic information, and in particular, to a method and an apparatus for obtaining a verification result.
Background
With the expansion of production scale, many headquarters organizations are provided with branch organizations, and in order to better serve users, H5 pages of each branch organization are often embedded in front-end systems developed by the headquarters organizations, so that users can enjoy the special services of each branch organization through the front-end systems developed by the headquarters organizations.
When a user operates a business service item on an H5 page of a front-end system, the security requirements of some business service items are high, so that the use authority of the business service item needs to be verified, and if the verification is passed, the user is allowed to use the business service item.
In the prior art, the verification result is often tampered, after the tampered verification result is input into the background server of the branch mechanism, the background server of the branch mechanism responds to the operation of the business service item of the front-end system according to the received verification result, and therefore user information leakage or property loss is caused. Therefore, how to ensure that the verification result is not falsifiable becomes a problem which needs to be solved urgently at present.
Disclosure of Invention
The inventor finds that, in the prior art, after obtaining the verification result, the backend server of the headquarters organization sends the verification result to the front-end system (i.e. a client, such as an APP), and the front-end system sends the verification result to the backend server of the branch organization. Because the verification result is sent to the background server of the branch mechanism through the front end, and the front end system is easy to be attacked, the verification result received by the front end can be easily modified and then sent to the background server of the branch mechanism, so that the verification result which is not verified is falsified into the verification result which is verified to be passed, and user information leakage or property loss is caused.
The application provides a method and a device, and aims to solve the problem of how to ensure that a verification result cannot be tampered.
In order to achieve the above object, the present application provides the following technical solutions:
a method for obtaining a verification result comprises the following steps:
after receiving a target transaction serial number and an identification code of a target interface sent by a front-end system, a first background server judges whether the target transaction serial number exists in a plurality of transaction serial numbers generated in advance;
if the target transaction serial number exists, carrying out preset verification operation corresponding to the target interface according to the identification code of the target interface to obtain a verification result; correspondingly storing the verification result and the target transaction serial number;
and sending an instruction for finishing verification to the front-end system, wherein the instruction carries the target transaction serial number, so that the front-end system sends the target transaction serial number to a second background server, and the second background server obtains the verification result from the first background server according to the target transaction serial number.
Optionally, in the method, the first background server records that the verification result and the target transaction serial number are invalid after the second background server obtains the verification result.
In the foregoing method, optionally, before the first backend server receives the target transaction serial number and the identification code of the target interface sent by the front-end system, the method further includes:
receiving a transaction sequence number allocation request sent by the second background server, wherein the transaction sequence number allocation request at least comprises an identification code of a branch organization and an identification code of the target interface; the second background server determines the identification code of the target interface according to the received transaction request sent by the front-end system, and the branch mechanism is a mechanism to which the second background server belongs;
after confirming that the branch mechanism has the authority of accessing the target interface, generating the target transaction serial number according to a preset transaction serial number generation rule, and sending the target transaction serial number to the second server, so that the second background server sends the target transaction serial number and the identification code of the target interface to the front-end system.
Optionally, the method for confirming that the branch office has the right to access the target interface includes:
according to the identification code of the branch organization, determining the interface corresponding to the branch organization from a pre-stored authority relation table, wherein the authority relation table specifies the interfaces corresponding to a plurality of branch organizations, and the interface corresponding to any branch organization represents the access authority of the branch organization with the interface;
and judging whether the target interface exists in the interfaces corresponding to the branch mechanisms, and if so, confirming that the branch mechanisms have the authority of accessing the target interface.
An apparatus for obtaining a verification result, applied to a first background server, includes:
the receiving unit is used for receiving the target transaction serial number and the identification code of the target interface sent by the front-end system;
the judging unit is used for judging whether the target transaction serial number exists in a plurality of transaction serial numbers generated in advance; if the target transaction serial number exists, carrying out preset verification operation corresponding to the target interface according to the identification code of the target interface to obtain a verification result, and correspondingly storing the verification result and the target transaction serial number;
and the sending unit is used for sending a verification ending instruction to the front-end system, wherein the instruction carries the target transaction serial number, so that the front-end system sends the target transaction serial number to a second background server, and the second server obtains the verification result from the judging unit according to the target transaction serial number.
Optionally, the apparatus further includes a recording unit, configured to record that the verification result and the target transaction serial number are invalid after the second background server obtains the verification result.
Optionally, the apparatus further includes a generation unit, configured to receive a transaction serial number allocation request sent by the second background server, where the transaction serial number allocation request at least includes an identifier of a branch organization and an identifier of the target interface; the second background server determines the identification code of the target interface according to the received transaction request sent by the front-end system, and the branch mechanism is a mechanism to which the second background server belongs;
after confirming that the branch mechanism has the authority of accessing the target interface, generating the target transaction serial number according to a preset transaction serial number generation rule, and sending the target transaction serial number to the second background server, so that the second background server sends the target transaction serial number and the identification code of the target interface to the front-end system.
Optionally, the apparatus described above, wherein the generating unit is configured to confirm that the affiliate has the right to access the target interface, and includes: the generation unit is specifically configured to determine, according to the identification code of the division organization, an interface corresponding to the division organization from a pre-stored authority relationship table, where the authority relationship table specifies interfaces corresponding to a plurality of division organizations, and an interface corresponding to any one division organization represents that the division organization has an access authority of the interface;
and judging whether the target interface exists in the interfaces corresponding to the branch mechanisms, and if so, confirming that the branch mechanisms have the authority of accessing the target interface.
An electronic device, comprising: a processor and a memory for storing a program; the processor is used for running the program to realize the method for acquiring the verification result.
A computer-readable storage medium having stored therein instructions, which when run on a computer, cause the computer to execute the above-mentioned method for obtaining a verification result.
According to the method and the device, a first background server (such as a background server of a headquarter organization) carries out verification operation, after a verification result is obtained, the verification result and a target transaction serial number are correspondingly stored, and a verification finishing instruction is sent to a front-end system, wherein the target transaction serial number is carried in the instruction, so that the front-end system sends the target transaction serial number to a second background server (such as a background server of a branch organization), and the second background server obtains the verification result from a binding result according to the target transaction serial number. Therefore, in the technical scheme, the front-end system receives only the instruction for finishing the verification, but not the verification result, and the verification result obtained by the second background server is obtained from the first background server, so that the verification result cannot be tampered by the front-end system.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a flowchart of a method for obtaining a verification result disclosed in an embodiment of the present application;
fig. 2 is a flowchart of another method for obtaining a verification result disclosed in the embodiment of the present application;
fig. 3 is a flowchart of another method for obtaining a verification result disclosed in the embodiment of the present application;
fig. 4 is a flowchart of an apparatus for obtaining a verification result according to an embodiment of the present disclosure;
fig. 5 is a schematic structural diagram of an electronic device disclosed in an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
Fig. 1 is a method for obtaining a verification result according to an embodiment of the present application, and the method may include the following steps.
S101, after receiving a target transaction serial number and an identification code of a target interface sent by a front-end system, a first background server judges whether a target transaction serial number exists in a plurality of transaction serial numbers generated in advance. If so, S102 is performed, and if not, S105 is performed.
The front-end system may be a client, such as an APP, the first backend server may be a backend server of a headquarters organization, the transaction sequence number is a sequence number generated in advance by the first backend server and at least including 32-bit characters, and the transaction sequence number may be obtained by using a hash algorithm, for example, according to a rule of the hash algorithm, a data structure of the transaction sequence number may be: timestamp + server self-increment sequence + target interface identification code + random number.
After receiving the target transaction serial number sent by the front-end system, the first background server searches for a transaction serial number identical to the target transaction serial number from a plurality of pre-stored transaction serial numbers, if the transaction serial number identical to the target transaction serial number exists, S102 is executed, and if the transaction serial number identical to the target transaction serial number does not exist, it is indicated that the target transaction serial number is invalid, or the target transaction serial number is a tampered serial number, S105 is executed.
S102, according to the identification code of the target interface, carrying out preset verification operation corresponding to the target interface to obtain a verification result.
In this embodiment, different interfaces have different service functions, and for different service functions, the verification process may be different, for example, some service functions need short message verification operation, some service functions need face recognition verification operation, and the like. The verification operation corresponding to the interface is preset, and after the first background server determines the target interface, the verification operation is carried out according to the verification operation flow corresponding to the target interface, so that a verification result is obtained.
And S103, correspondingly storing the verification result and the target transaction serial number.
Because a plurality of identical verification results may exist in the first background server, but the target transaction serial number is unique, the verification results and the target transaction serial number are correspondingly stored, so that the corresponding verification results can be accurately found through the target transaction serial number in the following process.
And S104, sending a verification finishing instruction to the front-end system so that the front-end system sends the target transaction serial number to the second background server, and the second background server obtains a verification result from the first background server according to the target transaction serial number.
In this embodiment, after the first background server finishes verification and obtains a verification result, the first background server sends a verification-finished instruction to the front end, where the instruction carries a target transaction serial number. And after receiving the instruction, the front-end system sends the target transaction serial number to the second background server, so that the front end acquires a verification result corresponding to the target transaction serial number from the first background server according to the target transaction serial number.
And S105, sending prompt information of transaction failure to the front-end system.
And if the target transaction serial number does not exist in the plurality of transaction serial numbers generated in advance, confirming that the transaction fails, and prompting information of the transaction failure of the front-end system.
In the method provided by this embodiment, after the first backend server performs the verification operation to obtain the verification result, the verification result and the target transaction serial number are stored correspondingly, and an instruction for completing the verification is sent to the front-end system, where the instruction carries the target transaction serial number, so that the front-end system sends the target transaction serial number to the second backend server, and the second backend server obtains the verification result from the binding result according to the target transaction serial number. Therefore, in the technical scheme, the front-end system receives only the instruction for finishing the verification, but not the verification result, and the verification result obtained by the second background server is obtained from the first background server, so that the verification result cannot be tampered by the front-end system.
Fig. 2 is a further method for obtaining a verification result according to an embodiment of the present application, where an execution subject of the embodiment is a first background server, and the method may include the following steps:
s201, receiving a transaction sequence number allocation request sent by a second background server.
And the second background server sends a transaction sequence number distribution request to the first background server under the condition of receiving the transaction service request sent by the front-end system. The distributed transaction serial number request carries a branch agency identification code and a target interface identification code. The second background server determines the identification code of the target interface according to the received transaction request sent by the front-end system, and specifically, the second background server determines the transaction type corresponding to the transaction request and determines the corresponding target interface according to the transaction type. The branch mechanism is a mechanism to which the second background server belongs.
And S202, after confirming that the branch mechanism has the authority of accessing the target interface, generating a target transaction serial number, and sending the target transaction serial number to the second background server.
The specific implementation mode for confirming that the branch organization has the authority to access the target interface is as follows: according to the identification code of the branch organization, the interface corresponding to the branch organization is determined from the pre-stored authority relation table, whether a target interface exists in the interface corresponding to the branch organization is judged, and if the target interface exists, the branch organization is confirmed to have the authority of accessing the target interface. In this embodiment, the authority relationship table is set by a developer and stored in the first background server, the authority relationship table specifies interfaces corresponding to a plurality of affiliates, and an interface corresponding to any one affiliate represents that the affiliate has an access authority of the interface.
In this embodiment, after determining that the branch organization has the right to access the target interface, the branch organization generates a target transaction serial number according to a predefined transaction serial number generation rule, for example, by using a hash algorithm, and sends the target transaction serial number to the second backend server, so that the second backend server sends the target transaction serial number and the identification code of the target interface to the front-end system.
S203, after receiving the target transaction serial number and the identification code of the target interface sent by the front-end system, judging whether the target transaction serial number exists in a plurality of transaction serial numbers generated in advance. If so, S204 is performed, and if not, S208 is performed.
And S204, carrying out preset verification operation corresponding to the target interface according to the identification code of the target interface to obtain a verification result.
And S205, correspondingly storing the verification result and the target transaction serial number.
S206, sending an instruction of finishing verification to the front-end system so that the front-end system sends the target transaction serial number to the second background server, and the second background server obtains a verification result from the first background server according to the target transaction serial number.
In this embodiment, the specific processes of S203 to S206 may refer to S101 to S104 of the above embodiment, which are not described herein again.
And S207, after the second background server obtains the verification result, the verification result and the target transaction serial number are recorded to be invalid.
In order to prevent the front end from triggering the second background server to obtain the same verification result again from the first background server by using the same target transaction serial number, in this embodiment, after the second background server obtains the verification result, the verification result and the target transaction serial number are recorded to be invalid, so that the target transaction serial number and the verification result are ensured to have disposable use characteristics, and thus, the security can be improved.
And S208, prompting information of failure of the front-end system transaction.
In the method provided by the embodiment, the first backend server sends the instruction of only finishing the verification to the front-end system, but not the verification result, and the verification result is obtained by the second backend server from the first backend server according to the target transaction serial number, so that the verification result cannot be tampered by the front-end system, and the safety of user information and property is improved.
In addition, the control of the access authority of each branch mechanism to the interface is realized through the preset authority relation table, and under the condition that a new branch mechanism is accessed, the accessible interface can be configured for the new branch mechanism through the authority relation table, so that the service function of the interface can be shared to the new branch mechanism without program transformation. Meanwhile, when the interface access authority of the existing partition mechanism is adjusted, the authority relation table is adjusted, so that the method is quick and convenient.
Meanwhile, after the second background server acquires the verification result, the first background server records the verification result and the target transaction serial number is invalid, so that the target transaction serial number and the verification result are ensured to have one-time use characteristics, and the verification safety is improved.
The method provided by the present application is described below by taking an APP with a client as an H5 page embedded in a branch organization, a first background server as a headquarter organization background server, and a second background server as a branch organization background server as examples, and fig. 3 is a further method for obtaining an authentication result provided by the embodiment of the present application, which may include the following steps:
the S301, H5 pages submit transaction requests to the affiliate backend servers.
S302, the branch organization background server sends a transaction sequence number distribution request to the headquarter organization background server. Specifically, after receiving the transaction request, the branch organization background service sends a transaction sequence number allocation request to the headquarter organization background server, where the transaction sequence number allocation request at least includes a branch organization identification code and a target interface identification code, and optionally, may also include a user identity identification code and transaction content.
And S303, the headquarter organization background server sends the target transaction serial number to the branch organization background server. And after determining that the branch mechanism has the authority of accessing the target interface, the headquarter mechanism background server generates a target transaction serial number and sends the target transaction serial number to the branch mechanism background server.
S304, the branch organization background server sends the target transaction serial number and the target interface identification code to an H5 page of the APP.
The S305, H5 page sends a request to the APP to invoke the functional service of the target interface. After the page H5 receives the target transaction serial number and the target interface identification code, the function service of the target interface of the APP is determined to be called, and then a request for calling the function service of the target interface of the APP is sent to the APP, wherein the request carries the target transaction serial number and the target interface identification code.
S306, the APP sends an authority verification request for calling the target interface to a headquarters institution background server, and the request carries a target transaction serial number and a target interface identification code. After receiving the request sent by the H5 page, the APP sends an authentication request for calling a target interface to a headquarters institution background server.
And S307, after the headquarter organization background server determines that the target transaction serial number exists, performing preset verification operation corresponding to the target interface according to the identification code of the target interface to obtain a verification result. The specific implementation of this step may refer to the above embodiments, which are not described herein again.
And S308, the headquarter organization background server sends an instruction of finishing verification to the H5 page.
And S309 and H5 pages send target transaction serial numbers to the background servers of the branch institutions.
S310, the branch organization background server obtains the verification result from the background server according to the target transaction serial number.
And S311, the branch organization background server performs corresponding subsequent operation according to the verification result. For example, if the verification result is that the verification is passed, the transaction content corresponding to the transaction request or the corresponding transaction operation, such as deduction, is provided for the user.
According to the method provided by the embodiment, the verification result is obtained by the branch mechanism background server from the headquarter mechanism background server according to the target transaction serial number, so that the verification result obtained by the branch mechanism is guaranteed not to be falsified, and the safety of user information and property is improved.
It should be noted that the method provided in the embodiment of the present application may also be applied to the following scenarios: the H5 page sends a transaction request to the branch organization background server, the branch organization background server determines that the transaction data acquired by the transaction request needs to be provided by the headquarter organization background server, the branch organization background server sends a transaction data acquisition request to the headquarter organization background server, the headquarter organization background server generates a target transaction serial number and acquires transaction data according to the received request, and after the target transaction serial number and the transaction data are correspondingly stored, sending a transaction data acquisition completion instruction to an H5 page, wherein the instruction carries the target transaction serial number, so that the H5 page sends the target transaction serial number to the branch organization background servers, and after the branch organization background servers receive the target transaction serial number sent by the H5 page, the branch organization background servers acquire the transaction data from the headquarter organization background server according to the target transaction serial number and send the transaction data to the H5 page.
Corresponding to the method for acquiring the verification result provided by the embodiment of the present invention, referring to fig. 4, a schematic structural diagram of an apparatus 400 for acquiring the verification result provided by the embodiment of the present invention is shown, including:
the receiving unit 401 is configured to receive a target transaction serial number and an identification code of a target interface sent by a front-end system.
A judging unit 402 configured to judge whether a target transaction serial number exists in a plurality of transaction serial numbers generated in advance; and if the target transaction serial number exists, carrying out preset verification operation corresponding to the target interface according to the identification code of the target interface to obtain a verification result, and correspondingly storing the verification result and the target transaction serial number.
A sending unit 403, configured to send an instruction of ending the verification to the front-end system, where the instruction carries the target transaction serial number, so that the front-end system sends the target transaction serial number to the second backend server, and the second server obtains the verification result from the determining unit 402 according to the target transaction serial number.
The apparatus further includes a recording unit 404 and a generating unit 405.
And the recording unit 404 is configured to record the validation result and the target transaction serial number as invalid after the second background server obtains the validation result.
The generation unit 405 is configured to receive a transaction sequence number allocation request sent by the second background server, where the transaction sequence number allocation request at least includes an identification code of a branch organization and an identification code of a target interface; the second background server determines the identification code of the target interface according to the received transaction request sent by the front-end system, and the sub-mechanisms are the mechanisms to which the second background server belongs; and after confirming that the branch mechanism has the right to access the target interface, generating a target transaction serial number according to a preset transaction serial number generation rule, and sending the target transaction serial number to the second background server so that the second background server sends the target transaction serial number and the identification code of the target interface to the front-end system.
The specific implementation manner of the generation unit 405 for confirming that the branch organization has the authority to access the target interface is as follows: according to the identification codes of the branch organizations, determining the interfaces corresponding to the branch organizations from a pre-stored authority relation table, wherein the authority relation table specifies the interfaces corresponding to a plurality of branch organizations, and the interface corresponding to any branch organization characterizes the access authority of the branch organization; and judging whether the interfaces corresponding to the branch mechanisms have target interfaces or not, and if so, confirming that the branch mechanisms have the authority of accessing the target interfaces.
According to the method and the device, the first background server carries out verification operation, after a verification result is obtained, the verification result and the target transaction serial number are correspondingly stored, and a verification finishing instruction is sent to the front-end system, wherein the target transaction serial number is carried in the instruction, so that the front-end system sends the target transaction serial number to the second background server, and the second background server obtains the verification result from the binding result according to the target transaction serial number. Therefore, in the technical scheme, the front-end system receives only the instruction for finishing the verification, but not the verification result, and the verification result obtained by the second background server is obtained from the first background server, so that the verification result cannot be tampered by the front-end system.
The present application further provides an electronic device 500, a schematic structural diagram of which is shown in fig. 5, and specifically includes: a processor 501 and a memory 502, the memory 502 is used for storing programs, and the processor 501 is used for running the programs so as to realize the above-mentioned obtaining method of the verification result.
A computer-readable storage medium having stored therein instructions, which when run on a computer, cause the computer to execute the above-mentioned method for obtaining a verification result.
The functions described in the method of the embodiment of the present application, if implemented in the form of software functional units and sold or used as independent products, may be stored in a storage medium readable by a computing device. Based on such understanding, part of the contribution to the prior art of the embodiments of the present application or part of the technical solution may be embodied in the form of a software product stored in a storage medium and including several instructions to enable a computing device (which may be a personal computer, a background server, a mobile computing device, or a network device) to execute all or part of the steps of the method described in the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
The embodiments are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same or similar parts among the embodiments are referred to each other.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (10)

1. A method for obtaining a verification result is characterized by comprising the following steps:
after receiving a target transaction serial number and an identification code of a target interface sent by a front-end system, a first background server judges whether the target transaction serial number exists in a plurality of transaction serial numbers generated in advance;
if the target transaction serial number exists, carrying out preset verification operation corresponding to the target interface according to the identification code of the target interface to obtain a verification result; correspondingly storing the verification result and the target transaction serial number;
and sending an instruction for finishing verification to the front-end system, wherein the instruction carries the target transaction serial number, so that the front-end system sends the target transaction serial number to a second background server, and the second background server obtains the verification result from the first background server according to the target transaction serial number.
2. The method of claim 1, further comprising the first backend server recording the validation result and the target transaction serial number as invalid after the second backend server obtains the validation result.
3. The method of claim 1, wherein the first backend server, before receiving the target transaction serial number and the identification code of the target interface sent by the front-end system, further comprises:
receiving a transaction sequence number allocation request sent by the second background server, wherein the transaction sequence number allocation request at least comprises an identification code of a branch organization and an identification code of the target interface; the second background server determines the identification code of the target interface according to the received transaction request sent by the front-end system, and the branch mechanism is a mechanism to which the second background server belongs;
after confirming that the branch mechanism has the authority of accessing the target interface, generating the target transaction serial number according to a preset transaction serial number generation rule, and sending the target transaction serial number to the second server, so that the second background server sends the target transaction serial number and the identification code of the target interface to the front-end system.
4. The method of claim 3, wherein the process of confirming that the affiliate has permission to access the target interface comprises:
according to the identification code of the branch organization, determining the interface corresponding to the branch organization from a pre-stored authority relation table, wherein the authority relation table specifies the interfaces corresponding to a plurality of branch organizations, and the interface corresponding to any branch organization represents the access authority of the branch organization with the interface;
and judging whether the target interface exists in the interfaces corresponding to the branch mechanisms, and if so, confirming that the branch mechanisms have the authority of accessing the target interface.
5. An apparatus for obtaining a verification result, applied to a first backend server, includes:
the receiving unit is used for receiving the target transaction serial number and the identification code of the target interface sent by the front-end system;
the judging unit is used for judging whether the target transaction serial number exists in a plurality of transaction serial numbers generated in advance; if the target transaction serial number exists, carrying out preset verification operation corresponding to the target interface according to the identification code of the target interface to obtain a verification result, and correspondingly storing the verification result and the target transaction serial number;
and the sending unit is used for sending a verification ending instruction to the front-end system, wherein the instruction carries the target transaction serial number, so that the front-end system sends the target transaction serial number to a second background server, and the second server obtains the verification result from the judging unit according to the target transaction serial number.
6. The apparatus according to claim 5, further comprising a recording unit, configured to record the validation result and the target transaction serial number as invalid after the second backend server obtains the validation result.
7. The device of claim 5, further comprising a generating unit, configured to receive a request for allocating a transaction serial number sent by the second backend server, where the request for allocating a transaction serial number at least includes an identification code of a branch organization and an identification code of the target interface; the second background server determines the identification code of the target interface according to the received transaction request sent by the front-end system, and the branch mechanism is a mechanism to which the second background server belongs;
after confirming that the branch mechanism has the authority of accessing the target interface, generating the target transaction serial number according to a preset transaction serial number generation rule, and sending the target transaction serial number to the second background server, so that the second background server sends the target transaction serial number and the identification code of the target interface to the front-end system.
8. The apparatus of claim 7, wherein the generating unit is configured to confirm that the affiliate has permission to access the target interface, and comprises: the generation unit is specifically configured to determine, according to the identification code of the division organization, an interface corresponding to the division organization from a pre-stored authority relationship table, where the authority relationship table specifies interfaces corresponding to a plurality of division organizations, and an interface corresponding to any one division organization represents that the division organization has an access authority of the interface;
and judging whether the target interface exists in the interfaces corresponding to the branch mechanisms, and if so, confirming that the branch mechanisms have the authority of accessing the target interface.
9. An electronic device, comprising: a processor and a memory for storing a program; the processor is configured to execute the program to implement the method for acquiring the verification result according to any one of claims 1 to 4.
10. A computer-readable storage medium having stored therein instructions which, when run on a computer, cause the computer to execute the method of obtaining a verification result according to any one of claims 1 to 4.
CN201911183423.0A 2019-11-27 2019-11-27 Verification result acquisition method and device Active CN110992022B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911183423.0A CN110992022B (en) 2019-11-27 2019-11-27 Verification result acquisition method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911183423.0A CN110992022B (en) 2019-11-27 2019-11-27 Verification result acquisition method and device

Publications (2)

Publication Number Publication Date
CN110992022A true CN110992022A (en) 2020-04-10
CN110992022B CN110992022B (en) 2023-09-19

Family

ID=70087399

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911183423.0A Active CN110992022B (en) 2019-11-27 2019-11-27 Verification result acquisition method and device

Country Status (1)

Country Link
CN (1) CN110992022B (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170195311A1 (en) * 2015-04-21 2017-07-06 Tencent Technology (Shenzhen) Company Limited Login method, server, and login system
CN107730775A (en) * 2017-09-15 2018-02-23 深圳怡化电脑股份有限公司 Self-service dealing method, apparatus, system and electronic equipment
CN109547458A (en) * 2018-12-10 2019-03-29 平安科技(深圳)有限公司 Login validation method, device, computer equipment and storage medium
CN109587126A (en) * 2018-11-26 2019-04-05 平安科技(深圳)有限公司 User anthority identifying method and system
CN109815660A (en) * 2019-01-11 2019-05-28 公安部第三研究所 Identification electronic certificate information obtains verifying system and method
CN109981646A (en) * 2019-03-26 2019-07-05 阿里巴巴集团控股有限公司 Resource transfers method and device and electronic equipment based on block chain
WO2019184120A1 (en) * 2018-03-29 2019-10-03 平安科技(深圳)有限公司 Account management method and apparatus, terminal device, and storage medium

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170195311A1 (en) * 2015-04-21 2017-07-06 Tencent Technology (Shenzhen) Company Limited Login method, server, and login system
CN107730775A (en) * 2017-09-15 2018-02-23 深圳怡化电脑股份有限公司 Self-service dealing method, apparatus, system and electronic equipment
WO2019184120A1 (en) * 2018-03-29 2019-10-03 平安科技(深圳)有限公司 Account management method and apparatus, terminal device, and storage medium
CN109587126A (en) * 2018-11-26 2019-04-05 平安科技(深圳)有限公司 User anthority identifying method and system
CN109547458A (en) * 2018-12-10 2019-03-29 平安科技(深圳)有限公司 Login validation method, device, computer equipment and storage medium
CN109815660A (en) * 2019-01-11 2019-05-28 公安部第三研究所 Identification electronic certificate information obtains verifying system and method
CN109981646A (en) * 2019-03-26 2019-07-05 阿里巴巴集团控股有限公司 Resource transfers method and device and electronic equipment based on block chain

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
陈静 等: "DES加密算法在银行外联业务中的应用" *

Also Published As

Publication number Publication date
CN110992022B (en) 2023-09-19

Similar Documents

Publication Publication Date Title
CN105591743B (en) Method and device for identity authentication through equipment operation characteristics of user terminal
WO2017124960A1 (en) Method and device for application program to access interface, and method and device for application program to request authorization
CN111030812A (en) Token verification method, device, storage medium and server
CN108683667B (en) Account protection method, device, system and storage medium
CN112000951A (en) Access method, device, system, electronic equipment and storage medium
CN102883324A (en) Security verification method, security verification device and mobile terminal for plugin call in mobile terminal
CN107040560B (en) Service processing method and device based on service platform
CN108073823B (en) Data processing method, device and system
CN106357694B (en) Access request processing method and device
CN110990798B (en) Application program permission configuration method and device, electronic equipment and storage medium
CN110599311A (en) Resource processing method and device, electronic equipment and storage medium
CN113904821A (en) Identity authentication method and device and readable storage medium
CN108881132B (en) Application authorization method, client, server and computer readable medium
CN110895493B (en) Method, device and storage medium for accessing application program interface
CN110851813B (en) Identity verification method, node device of block chain system and block chain system
CN110971609A (en) Anti-cloning method of DRM client certificate, storage medium and electronic equipment
CN111585978A (en) Method, client, server and system for intercepting false requests
CN110992022B (en) Verification result acquisition method and device
CN107977564B (en) Transaction authentication processing method, authentication server, terminal and transaction equipment
CN107872786B (en) Control method and smart card
CN112948812B (en) Verification code distribution method, computing device and storage medium
CN110851881B (en) Security detection method and device for terminal equipment, electronic equipment and storage medium
CN106533685B (en) Identity authentication method, device and system
CN109167785B (en) Calling method of virtual trusted root and service server
CN115941217A (en) Method for secure communication and related product

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant