CN111131284B - Information verification method and device, electronic equipment and computer readable storage medium - Google Patents

Publication number
CN111131284B
Authority
CN
China
Prior art keywords
information
verified
plaintext
behavior
message
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201911392246.7A
Other languages
Chinese (zh)
Other versions
CN111131284A (en)
Inventor
陆舟
于华章
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Feitian Technologies Co Ltd
Original Assignee
Feitian Technologies Co Ltd
Application filed by Feitian Technologies Co Ltd
Priority to CN201911392246.7A
Publication of CN111131284A
Application granted
Publication of CN111131284B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • User Interface Of Digital Computer (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The present application relates to the field of information security technologies, and in particular, to an information verification method and apparatus, an electronic device, and a computer-readable storage medium. The method comprises the following steps: the server receives message information to be verified sent by the terminal equipment; decrypting the message information to be verified based on a preset private key; performing plaintext information processing on the information to be verified based on a plaintext processing mode to obtain processed plaintext information; comparing the processed plaintext information with preset plaintext information and, if the two are the same, verifying the information to be verified that remains after the plaintext information is processed; and, when the remaining information to be verified is determined to meet the preset condition, determining that the message information to be verified passes the verification and returning to the terminal equipment a notification message that the message information to be verified passes the verification. In the application, no verification code needs to be entered manually during the verification process, which improves the processing efficiency and the use experience of the user.

Description

Information verification method and device, electronic equipment and computer readable storage medium
Technical Field
The present application relates to the field of information security technologies, and in particular, to an information verification method and apparatus, an electronic device, and a computer-readable storage medium.
Background
In the prior art, a verification code (captcha) is usually added during information transmission in order to avoid non-manual (automated) operation. Several commonly used forms of verification code include: the digital verification code, which uses a 4-digit or 6-digit random number as the verification code, although the verification effect of this mode is in practice almost zero; the random-number picture verification code, in which several characters are displayed on one picture for the user to select, and although the difficulty is increased by adding interference elements or by displaying the characters in random colors, the verification function is still unsatisfactory; the random number and letter combination mode, which combines random numbers in various picture formats, random upper-case and lower-case English characters, random interference pixels and random positions to improve the security of information transmission; the Chinese character verification code, currently comparatively mainstream, in which Chinese characters are randomly generated and the user inputs the corresponding Chinese characters for verification; and the sliding verification code, in which the verification picture is downloaded from the server and the user is instructed to slide the specified picture piece into the gap to complete verification.
These verification code forms have a certain effect on avoiding non-manual operation, but corresponding cracking methods for them have appeared in the prior art, so their effect on avoiding non-manual operation is not great. They are also complex for the user to operate, which increases the user's cost of using the software and reduces the user's experience. Therefore, how to provide an information verification method that effectively avoids non-manual operation during information transmission is a technical problem to be solved.
Disclosure of Invention
The application provides an information verification method, an information verification device, electronic equipment and a computer readable storage medium, so that through the information verification mode in the technical scheme of the application, non-manual operation can be effectively avoided during information transmission, the participation of manually inputting verification codes is not needed in the verification process, the processing efficiency is improved, and the use experience of a user is improved.
In a first aspect, an information verification method is provided, including:
the server receives message information to be verified sent by the terminal equipment; the message information to be verified is the message information constructed by the terminal equipment according to the message to be verified containing the user behavior information;
the server decrypts the message information to be verified based on a preset private key; if the decryption is successful, the to-be-verified information and the plaintext processing mode carried in the to-be-verified message information are obtained; if the decryption fails, determining that the message information to be verified is tampered, returning an error notice, and ending the process;
the server carries out plaintext information processing on the information to be verified based on the plaintext processing mode to obtain processed plaintext information;
the server compares the preset plaintext information with the processed plaintext information based on the preset plaintext information to determine whether the preset plaintext information and the processed plaintext information are the same;
if the preset plaintext information is the same as the processed plaintext information, the server verifies the remaining information to be verified after the plaintext information is processed, and determines whether the remaining information to be verified meets a preset condition;
and if the remaining information to be verified is determined to meet the preset condition, the server determines that the message information to be verified passes the verification, and returns a notification message that the message information to be verified passes the verification to the terminal equipment.
In one possible implementation manner, the receiving, by the server, message information to be verified sent by the terminal device includes:
the server receives a login request message sent by the terminal equipment;
the server constructs encrypted message information by utilizing a preset first public key based on the login request message, wherein the encrypted message information carries a second public key;
the server carries the encrypted message information in a login response message and returns the login response message to the terminal equipment, so that the terminal equipment analyzes the encrypted message information in the login response message;
and the server receives message information to be verified which is sent by the terminal equipment and constructed based on a second public key carried in the encrypted message information.
In one possible implementation, the server constructs encrypted message information using a preset first public key based on the login request message, including:
the server constructs message information by utilizing the plaintext information and the second public key based on the login request message;
and the server encrypts the message information based on the preset first public key to obtain the encrypted message information.
In a possible implementation manner, the performing, by the server, plaintext information processing on the information to be verified based on the plaintext processing manner to obtain processed plaintext information includes:
the server carries out plaintext information processing on the information to be verified based on the plaintext processing mode;
when the information to be verified carries a piece of plaintext information, extracting the piece of plaintext information as processed plaintext information;
and when the information to be verified carries at least two pieces of plaintext information, extracting each piece of plaintext information, and splicing the extracted plaintext information to obtain the processed plaintext information.
In a possible implementation manner, the information to be verified includes browser feature information and/or user behavior information, and the server verifies the information to be verified remaining after the plaintext information is extracted, and determines whether the remaining information to be verified meets a preset condition, including:
the server determines whether the browser characteristic information left after the plaintext information is extracted has been tampered with; if the message information to be verified has not been tampered with, the server determines that the message information to be verified passes the primary verification; otherwise, the server determines that the message information to be verified does not pass the primary verification; and/or,
the server verifies the residual user behavior information after the plaintext information is extracted, and determines whether the user behavior corresponding to the user behavior information is normal behavior;
if the user behavior corresponding to the user behavior information is determined to be normal behavior, the server determines that the message information to be verified passes the primary verification; otherwise, the server determines that the initial verification of the message information to be verified fails.
In a possible implementation manner, after the server passes the primary verification of the browser feature information remaining after the plaintext information is extracted and/or the primary verification of the user behavior information remaining after the plaintext information is extracted, the method further includes:
the server matches the stored historical browser characteristic information with the browser characteristic information remaining after the plaintext information is extracted; if they match, the secondary verification of the browser characteristic information is determined to be passed, and the browser characteristic information is stored in the historical browser characteristic information; otherwise, the server determines that the secondary verification of the message information to be verified is not passed; and/or,
the server matches the stored historical user behavior information with the user behavior information remaining after the plaintext information is extracted, if the matching is carried out, the secondary verification of the user behavior information is determined to be passed, and the user behavior information is stored in the historical user behavior information; otherwise, the server determines that the secondary verification of the message information to be verified is not passed.
In one possible implementation manner, the determining, by the server, whether the user behavior corresponding to the user behavior information is a normal behavior includes:
the server determines whether each user behavior in the user behavior information is a normal behavior, and if any user behavior is an abnormal behavior, determines that the user behavior corresponding to the user behavior information is an abnormal behavior; and if all the user behaviors in the user behavior information are normal behaviors, determining that the user behavior corresponding to the user behavior information is a normal behavior.
In one possible implementation, the browser feature information includes dynamic browser feature information and/or static browser feature information; the user behavior information comprises the moving speed, the moving acceleration, the moving offset, the moving duration and the clicking time interval of a mouse track;
the server determines whether each user behavior in the user behavior information is a normal behavior, including at least one of:
determining the horizontal moving speed or the vertical moving speed corresponding to a first preset number of continuous data points in the mouse track; if the horizontal moving speeds corresponding to the first preset number of data points are different or the vertical moving speeds corresponding to the first preset number of data points are different, determining that the behavior is a normal behavior; otherwise, determining that the behavior is abnormal behavior;
determining the horizontal acceleration or the vertical acceleration corresponding to a second preset number of continuous data points in the mouse track; if the horizontal accelerations corresponding to the second preset number of data points are different or the vertical accelerations corresponding to the second preset number of data points are different, determining that the behavior is a normal behavior; otherwise, determining that the behavior is abnormal behavior;
determining the horizontal offset or the vertical offset corresponding to a third preset number of data points in the mouse track; if the horizontal offset corresponding to the third preset number of data points is not smaller than a first specific threshold or the vertical offset corresponding to the third preset number of data points is not smaller than a first specific threshold, determining that the behavior is a normal behavior; otherwise, determining that the behavior is abnormal behavior;
determining a time difference value between the first data point and the last data point in the mouse track, and recording the time difference value as duration; if the duration is not less than a second specific threshold, determining that the behavior is normal behavior; otherwise, determining that the behavior is abnormal behavior;
determining the time interval from the mouse button being pressed to its release (bounce) in a single click; if the time interval is not less than a third specific threshold, determining that the behavior is normal behavior; otherwise, determining that the behavior is abnormal behavior.
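The five mouse-track checks listed above, together with the rule that a single abnormal behavior makes the whole user behavior abnormal, can be sketched as follows. This is an added example, not code from the patent: the sample layout `(t_ms, x, y)`, the window sizes and thresholds, the use of the first N data points, the reading of "offset" as the coordinate span, and the timestamp guard are all assumptions.

```python
from fractions import Fraction

# Assumed values: the patent only speaks of "preset numbers" and "specific thresholds".
N_SPEED = N_ACCEL = N_OFFSET = 5   # data points examined by checks 1-3
MIN_OFFSET_PX = 3                  # first specific threshold (assumed)
MIN_DURATION_MS = 200              # second specific threshold (assumed)
MIN_CLICK_MS = 30                  # third specific threshold (assumed)


def _rates(values, times):
    """Finite differences d(value)/dt as exact Fractions, so equality is reliable."""
    return [Fraction(values[i + 1] - values[i], times[i + 1] - times[i])
            for i in range(len(values) - 1)]


def _varies(series):
    """True when the series is not one constant value."""
    return len(set(series)) > 1


def _window(track, n):
    """First n samples as (times, xs, ys), or None when the track is too short."""
    return tuple(zip(*track[:n])) if len(track) >= n else None


def speed_normal(track):
    w = _window(track, N_SPEED)
    if w is None:
        return False               # assumption: too little data counts as abnormal
    t, x, y = w
    return _varies(_rates(x, t)) or _varies(_rates(y, t))


def accel_normal(track):
    w = _window(track, N_ACCEL)
    if w is None:
        return False
    t, x, y = w
    ax = _rates(_rates(x, t), t[1:])   # acceleration = rate of change of velocity
    ay = _rates(_rates(y, t), t[1:])
    return _varies(ax) or _varies(ay)


def offset_normal(track):
    w = _window(track, N_OFFSET)
    if w is None:
        return False
    _, x, y = w
    # "Offset" is read here as the span of the coordinate over the window.
    return max(x) - min(x) >= MIN_OFFSET_PX or max(y) - min(y) >= MIN_OFFSET_PX


def duration_normal(track):
    return track[-1][0] - track[0][0] >= MIN_DURATION_MS


def click_normal(press_ms, release_ms):
    return release_ms - press_ms >= MIN_CLICK_MS


def classify(track, press_ms, release_ms):
    """Return (verdict, per-check results); any failed check gives 'abnormal'."""
    # Added guard (not in the patent): reject empty or non-increasing timestamps.
    if len(track) < 2 or any(b[0] <= a[0] for a, b in zip(track, track[1:])):
        return "abnormal", {}
    checks = {
        "speed": speed_normal(track),
        "acceleration": accel_normal(track),
        "offset": offset_normal(track),
        "duration": duration_normal(track),
        "click": click_normal(press_ms, release_ms),
    }
    return ("normal" if all(checks.values()) else "abnormal"), checks


# Constructed sample tracks: irregular hand movement vs. a perfectly linear script.
HUMAN = [(0, 100, 200), (16, 102, 200), (33, 107, 201), (49, 115, 203),
         (66, 126, 204), (83, 139, 204), (120, 150, 205), (250, 158, 205)]
SCRIPTED = [(10 * i, 100 + 5 * i, 200) for i in range(8)]

if __name__ == "__main__":
    print(classify(HUMAN, 300, 385))
    print(classify(SCRIPTED, 80, 81))
```

The scripted track still passes the offset check, which shows why the method combines the checks with an "any abnormal" rule rather than relying on one of them.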
In one possible implementation manner, after the server determines that the message information to be verified does not pass the primary verification or does not pass the secondary verification, the method further includes:
the server sends a selection instruction to the terminal equipment to indicate the terminal equipment to determine whether to carry out re-verification; if the terminal equipment determines to perform the re-verification, indicating the terminal equipment to provide corresponding new message information to be verified based on a new verification mode for performing the re-verification; otherwise, the server sends a notification message for prohibiting login to the terminal equipment.
In a second aspect, there is also provided an information verification apparatus, including:
the receiving module is used for receiving message information to be verified sent by the terminal equipment; the message information to be verified is the message information which is constructed by the terminal equipment according to the message to be verified containing the user behavior information;
the decryption module is used for decrypting the message information to be verified by the server based on a preset private key; if the decryption is successful, the to-be-verified information and the plaintext processing mode carried in the to-be-verified message information are obtained; if the decryption fails, determining that the message information to be verified is tampered, returning an error notice, and ending the process;
the first processing module is used for carrying out plaintext information processing on the information to be verified based on the plaintext processing mode to obtain processed plaintext information;
the second processing module is used for comparing the preset plaintext information with the processed plaintext information to determine whether the preset plaintext information and the processed plaintext information are the same;
the third processing module is used for verifying the information to be verified which is left after the plaintext information is processed if the preset plaintext information is the same as the processed plaintext information, and determining whether the left information to be verified meets the preset condition;
and the fourth processing module is used for determining that the message information to be verified passes the verification if the remaining message information to be verified meets the preset conditions, and returning a notification message that the message information to be verified passes the verification to the terminal equipment.
In one possible implementation, the method further includes:
the receiving module is used for receiving a login request message sent by the terminal equipment;
a fifth processing module, configured to construct encrypted message information by using a preset first public key based on the login request message, where the encrypted message information carries a second public key; carrying the encrypted message information in a login response message and returning the encrypted message information to the terminal equipment so that the terminal equipment analyzes the encrypted message information in the login response message;
the receiving module is further configured to receive to-be-verified message information sent by the terminal device and constructed based on the second public key carried in the encrypted message information.
In one possible implementation, the fifth processing module is configured to construct message information by using the plaintext information and the second public key based on the login request message; and encrypting the message information based on the preset first public key to obtain the encrypted message information.
In a possible implementation manner, the first processing module is configured to perform plaintext information processing on the information to be verified based on the plaintext processing manner; when the information to be verified carries a piece of plaintext information, extracting the piece of plaintext information as processed plaintext information; and when the information to be verified carries at least two pieces of plaintext information, extracting each piece of plaintext information, and splicing the extracted plaintext information to obtain the processed plaintext information.
In one possible implementation, the information to be verified includes browser feature information and/or user behavior information,
the third processing module is used for determining whether the browser characteristic information left after the plaintext information is extracted has been tampered with; if the message information to be verified has not been tampered with, determining that the message information to be verified passes the primary verification; otherwise, determining that the message information to be verified does not pass the primary verification; and/or,
the third processing module is used for verifying the residual user behavior information after the plaintext information is extracted, and determining whether the user behavior corresponding to the user behavior information is a normal behavior; if the user behavior corresponding to the user behavior information is determined to be normal behavior, determining that the message information to be verified passes the primary verification; otherwise, determining that the message information to be verified does not pass the primary verification.
In a possible implementation manner, the third processing module is further configured to match, based on the stored historical browser feature information, the browser feature information remaining after the plaintext information is extracted, and if the stored historical browser feature information matches the browser feature information remaining after the plaintext information is extracted, determine that secondary verification on the browser feature information passes, and store the browser feature information in the historical browser feature information; otherwise, determining that the secondary verification of the message information to be verified is not passed; and/or,
the third processing module is further configured to match the stored historical user behavior information with the user behavior information remaining after the plaintext information is extracted, and if the stored historical user behavior information is matched with the user behavior information remaining after the plaintext information is extracted, determine that the secondary verification of the user behavior information is passed, and store the user behavior information in the historical user behavior information; otherwise, determining that the secondary verification of the message information to be verified is not passed.
In a possible implementation manner, the third processing module is configured to determine whether each user behavior in the user behavior information is a normal behavior, and if any user behavior is an abnormal behavior, determine that a user behavior corresponding to the user behavior information is an abnormal behavior; and if all the user behaviors in the user behavior information are normal behaviors, determining that the user behavior corresponding to the user behavior information is a normal behavior.
In one possible implementation, the browser feature information includes dynamic browser feature information and/or static browser feature information; the user behavior information comprises the moving speed, the moving acceleration, the moving offset, the moving duration and the clicking time interval of a mouse track;
the third processing module is specifically configured to determine a horizontal movement speed or a vertical movement speed corresponding to a first preset number of continuous data points in a mouse track; if the horizontal moving speeds corresponding to the first preset number of data points are different or the vertical moving speeds corresponding to the first preset number of data points are different, determining that the behavior is a normal behavior; otherwise, determining that the behavior is abnormal behavior; and/or,
the third processing module is specifically configured to determine a horizontal acceleration or a vertical acceleration corresponding to a second preset number of continuous data points in the mouse track; if the horizontal accelerations corresponding to the second preset number of data points are different or the vertical accelerations corresponding to the second preset number of data points are different, determining that the behavior is a normal behavior; otherwise, determining that the behavior is abnormal behavior; and/or,
the third processing module is specifically configured to determine a horizontal offset or a vertical offset corresponding to a third preset number of data points in the mouse track; if the horizontal offset corresponding to the third preset number of data points is not smaller than a first specific threshold or the vertical offset corresponding to the third preset number of data points is not smaller than a first specific threshold, determining that the behavior is a normal behavior; otherwise, determining that the behavior is abnormal behavior; and/or,
the third processing module is specifically configured to determine a time difference between a first data point and a last data point in a mouse track, and record the time difference as a duration; if the duration is not less than a second specific threshold, determining that the behavior is normal behavior; otherwise, determining that the behavior is abnormal behavior; and/or,
the third processing module is specifically configured to determine the time interval from the mouse button being pressed to its release (bounce) in a single click; if the time interval is not less than a third specific threshold, determining that the behavior is normal behavior; otherwise, determining that the behavior is abnormal behavior.
In one possible implementation, the method further includes:
a sixth processing module, configured to send a selection instruction to the terminal device, and instruct the terminal device to determine whether to perform re-verification; if the terminal equipment determines to perform the re-verification, indicating the terminal equipment to provide corresponding new message information to be verified based on a new verification mode for performing the re-verification; otherwise, sending a notification message for prohibiting login to the terminal equipment.
In a third aspect, an electronic device is provided, including: a processor and a memory;
the memory is used for storing operation instructions;
the processor is used for executing the information verification method by calling the operation instruction.
In a fourth aspect, a computer-readable storage medium is provided for storing computer instructions which, when executed on a computer, cause the computer to perform the above-described information verification method.
By means of the technical scheme, the technical scheme provided by the application at least has the following advantages:
in the application, the non-manual operation can be effectively avoided when the information is transmitted, and the verification code does not need to be manually input in the verification process, so that the processing efficiency is improved, and the use experience of a user is improved.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the embodiments of the invention. Also, like reference numerals are used to refer to like parts throughout the drawings. In the drawings:
fig. 1 is a schematic flow chart of an information verification method provided in the present application;
fig. 2 is a schematic processing flow diagram of a possible implementation manner of the information verification method provided in the present application;
fig. 3 is a schematic structural diagram of an information verification apparatus provided in the present application;
fig. 4 is a schematic structural diagram of an electronic device of the information verification method provided in the present application.
Detailed Description
The present application provides an information verification method, an information verification apparatus, an electronic device, and a computer-readable storage medium, and the following describes in detail embodiments of the present application with reference to the accompanying drawings.
Reference will now be made in detail to embodiments of the present application, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are exemplary only for the purpose of explaining the present application and are not to be construed as limiting the present application.
As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises" and/or "comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. It will be understood that when an element is referred to as being "connected" or "coupled" to another element, it can be directly connected or coupled to the other element or intervening elements may also be present. Further, "connected" or "coupled" as used herein may include wirelessly connected or wirelessly coupled. As used herein, the term "and/or" includes all or any element and all combinations of one or more of the associated listed items.
It will be understood by those within the art that, unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs. It will be further understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning that is consistent with their meaning in the context of the prior art and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein.
To make the objects, technical solutions and advantages of the present application more clear, embodiments of the present application will be described in further detail below with reference to the accompanying drawings. The following several specific embodiments may be combined with each other, and details of the same or similar concepts or processes may not be repeated in some embodiments.
As shown in fig. 1, a schematic flow chart of the information verification method provided by the present application includes the following steps:
Step S101, a server receives message information to be verified sent by a terminal device;
the message information to be verified is message information constructed by the terminal device according to a message to be verified containing user behavior information;
Step S102, the server decrypts the message information to be verified based on a preset private key;
if the decryption is successful, the information to be verified carried in the message information to be verified and a plaintext processing mode are obtained; if the decryption fails, it is determined that the message information to be verified has been tampered with, an error notification is returned, and the process ends;
Step S103, the server performs plaintext information processing on the information to be verified based on the plaintext processing mode to obtain processed plaintext information;
Step S104, the server compares the preset plaintext information with the processed plaintext information to determine whether the preset plaintext information and the processed plaintext information are the same;
if the preset plaintext information is the same as the processed plaintext information, go to step S105;
Step S105, the server verifies the information to be verified that remains after the plaintext information is processed, and determines whether the remaining information to be verified meets a preset condition; if the remaining information to be verified meets the preset condition, go to step S106;
Step S106, the server determines that the message information to be verified passes the verification, and returns to the terminal device a notification message that the message information to be verified passes the verification.
In the present application, non-manual operation can be effectively avoided during information transmission, and no verification code needs to be entered manually during verification, which improves the processing efficiency and the user experience.
The technical solution provided by the present application is explained in detail below. Fig. 2 shows a specific processing flowchart of one possible implementation of the information verification method provided by the present application.
For the present application, in one possible implementation, the processing of step S101 described above specifically includes the processing of step S201 to step S206 described below.
In step S201, the terminal device sends a login request message to the server.
In one possible implementation, the terminal device sends a corresponding login request message to the server when it desires to access the page of the server.
Step S202, the server constructs encrypted message information.
In a possible implementation manner, after receiving a login request message sent by a terminal device, a server constructs encrypted message information by using a preset first public key based on the login request message, and the encrypted message information carries a second public key.
In a possible implementation manner, the process of constructing encrypted message information specifically includes:
the server constructs message information by using the plaintext information and the second public key based on the login request message; and the server encrypts the message information based on the preset first public key to obtain the encrypted message information. The encrypted message information constructed by the server may comprise three parts, namely plaintext information, a second public key and an expiration time; the plaintext information is a unique character string, which may be a user ID, a timestamp, or the like; the second public key is used by the terminal device at a later stage to encrypt the information to be verified that it sends; the expiration time is time information in the form of a time interval, which may indicate after how long the message information becomes invalid, and the like.
Step S203, the server sends the encrypted message information to the terminal device.
In one possible implementation manner, after the server completes the construction of the encrypted message information, the server will return the encrypted message information to the terminal device by carrying the encrypted message information in the login response message.
Step S204, the terminal device analyzes the encrypted message information.
In a possible implementation manner, after receiving the login response message, the terminal device analyzes the encrypted message information carried in the login response message based on the preconfigured first public key, so as to obtain plaintext information, a second public key and expiration time in the encrypted message information.
In step S205, the terminal device constructs message information to be verified.
In a possible implementation manner, when constructing the message information to be verified, the terminal device may acquire at least one of browser characteristic information of a browser and user behavior information; when only one of the browser characteristic information and the user behavior information is acquired, the terminal device directly embeds the plaintext information into the acquired information, and encrypts the information embedded with the plaintext information and the plaintext processing mode according to the second public key to obtain the message information to be verified;
when the browser characteristic information and the user behavior information are acquired, the plaintext information is split according to a preset plaintext processing mode to acquire two parts of plaintext information, the split plaintext information is respectively spliced on the browser characteristic information and the user behavior information, and after splicing is completed, the spliced browser characteristic information, the spliced user behavior information and the plaintext processing mode are encrypted according to a second public key to acquire message information to be verified.
The plaintext processing mode may be a random dispersion mode, that is, the information is randomly divided into several parts, and the parts are randomly dispersed to random positions of the information.
The browser feature information may include dynamic browser feature information and static browser feature information. The static browser feature information is information acquired directly through browser objects, and includes the IP address of the browser, the user agent in the browser's HTTP request, the language of the browser, the color information of the device screen, the width and height of the device screen, the time difference between Greenwich Mean Time and local time, whether sessionStorage is supported, whether localStorage is supported, whether indexedDB is supported, whether document.body.addBehavior (an attribute of IE 5) is supported, whether calling a local database is supported, the CPU level of the system where the browser is located, the operating system of the client, whether the Do Not Track function is supported, and partial browser plug-in information, namely whether the flash plug-in, real pages, Skype and the like are present. The dynamic browser feature information is dynamic information obtained by the terminal device through calculation, and includes canvas fingerprints (unique for one device and one browser); that is, the canvas fingerprints of different browsers on the same device are different, the canvas fingerprints of different devices on the same browser are different, and the canvas fingerprints of different devices on different browsers are also different.
The user behavior information may include a sliding track characteristic of the mouse, the number of clicks, and the time interval from the pressing of the mouse to its release. By acquiring information such as the mouse message type, the X coordinate, the Y coordinate and the timestamp, information such as the moving speed, moving acceleration, moving offset, moving duration and click time interval of the mouse track is calculated. Through these user behaviors, it can be effectively judged whether the current access is normal human behavior or suspicious non-human behavior.
Step S206, the terminal device sends message information to be verified to the server.
In one possible implementation manner, after the message information to be verified is constructed, the terminal device uploads the message information to be verified to the server.
With respect to the present application, in one possible implementation, the aforementioned process of step S102 specifically includes the process of step S207 described below.
Step S207, the server decrypts the message information to be verified.
In a possible implementation manner, after receiving the message information to be verified, the server decrypts the message information to be verified based on a pre-configured private key; if the decryption is successful, the server obtains the carried information to be verified (the spliced browser feature information and/or the spliced user behavior information) and the plaintext processing manner; if the decryption fails, it is determined that the message information to be verified has been tampered with, an error notification is returned, and the process ends.
For the present application, in one possible implementation, the aforementioned processing of step S103 specifically includes the processing of step S208 described below.
In step S208, the server extracts plaintext information from the information to be verified.
In one possible implementation manner, the server extracts plaintext information from the information to be verified based on the obtained plaintext processing manner; if the information to be verified is one of browser characteristic information or user behavior information, namely the information to be verified carries a piece of plaintext information, extracting the piece of plaintext information as processed plaintext information;
if the information to be verified is the browser characteristic information and the user behavior information, namely the information to be verified carries at least two pieces of plaintext information, extracting the at least two pieces of plaintext information, and splicing the at least two pieces of plaintext information to obtain the processed plaintext information.
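The embedding of step S205 and the extraction and comparison of steps S208 and S209 can be sketched as follows. This is an added example, not code from the patent: the payload layout, the (offset, length) encoding of the plaintext processing mode, the function names and the sample values are assumptions, and the dictionary stands for what the server holds after the decryption of step S207.

```python
import hmac
import random

FIELDS = ("browser", "behavior")  # assumed fixed order for re-joining nonce parts


def disperse(carrier, nonce, parts, rng):
    """Client (S205): cut nonce into `parts` fragments and scatter them in carrier.

    Returns (blob, mode); mode holds (offset_in_blob, length) in nonce order.
    """
    if not 1 <= parts <= len(nonce):
        raise ValueError("parts must be between 1 and len(nonce)")
    cuts = sorted(rng.sample(range(1, len(nonce)), parts - 1))
    frags = [nonce[a:b] for a, b in zip([0] + cuts, cuts + [len(nonce)])]
    points = [rng.randint(0, len(carrier)) for _ in frags]
    out, mode, prev, written = [], [None] * parts, 0, 0
    for i in sorted(range(parts), key=lambda k: points[k]):
        chunk = carrier[prev:points[i]]
        written += len(chunk)
        mode[i] = (written, len(frags[i]))
        written += len(frags[i])
        out += [chunk, frags[i]]
        prev = points[i]
    out.append(carrier[prev:])
    return "".join(out), mode


def build_payload(nonce, rng, browser=None, behavior=None, parts=3):
    """One field: embed the whole nonce. Two fields: half of it in each."""
    present = {k: v for k, v in zip(FIELDS, (browser, behavior)) if v is not None}
    if not present:
        raise ValueError("need browser and/or behavior information")
    half = len(nonce) // 2 if len(present) == 2 else len(nonce)
    payload = {"mode": {}}
    for share, (name, value) in zip((nonce[:half], nonce[half:]), present.items()):
        blob, mode = disperse(value, share, min(parts, len(share)), rng)
        payload[name], payload["mode"][name] = blob, mode
    return payload


def extract(blob, mode):
    """Server (S208): pull the fragments out; return (nonce_part, residual)."""
    spans, end = sorted(mode), 0
    for off, length in spans:  # the mode is client-supplied, so validate it
        if length <= 0 or off < end or off + length > len(blob):
            raise ValueError("mode does not describe disjoint spans in blob")
        end = off + length
    part = "".join(blob[o:o + n] for o, n in mode)
    rest, prev = [], 0
    for off, length in spans:
        rest.append(blob[prev:off])
        prev = off + length
    rest.append(blob[prev:])
    return part, "".join(rest)


def verify_nonce(payload, stored_nonce, expires_at, now):
    """Server (S208-S209): returns (ok, residual); residual goes on to S210."""
    if now >= expires_at:  # expiration time issued with the nonce in S202
        return False, {}
    recovered, residual = "", {}
    try:
        for name in FIELDS:
            if name in payload:
                part, residual[name] = extract(payload[name], payload["mode"][name])
                recovered += part
    except (KeyError, TypeError, ValueError):
        return False, {}
    if not residual:
        return False, {}
    # Compare against the server's own stored copy, in constant time.
    ok = hmac.compare_digest(recovered.encode(), stored_nonce.encode())
    return ok, (residual if ok else {})


if __name__ == "__main__":
    rng = random.Random(7)  # seeded only to make the demo repeatable
    nonce = "uid42-1577836800"                      # constructed sample
    browser = "ua=Mozilla/5.0;lang=zh-CN;tz=-480"   # constructed sample
    behavior = "[[12,300,0],[15,298,16]]"           # constructed sample
    payload = build_payload(nonce, rng, browser=browser, behavior=behavior)
    print(payload)
    print(verify_nonce(payload, nonce, expires_at=1000, now=10))
```

The residual returned on success is the browser feature and user behavior information with the plaintext fragments removed, which is the input to step S210.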
For the present application, in one possible implementation, the aforementioned processing of step S104 specifically includes the processing of step S209 described below.
In step S209, the server performs plaintext information comparison.
In a possible implementation manner, when the server obtains the processed plaintext information, the server compares the stored plaintext information with the processed plaintext information to determine whether the stored plaintext information and the processed plaintext information are the same; if the two are the same, go to step S210; otherwise, go to step S215.
For the present application, in one possible implementation, the aforementioned processing of step S105 specifically includes the processing of step S210 described below.
In step S210, the server verifies the information to be verified after the plaintext information is extracted.
In a possible implementation manner, after determining that the plaintext information is the same, the server verifies the information to be verified after the plaintext information is extracted, and determines whether the remaining information to be verified meets a preset condition.
In one possible implementation manner, when verifying the information to be verified, different processing manners may be adopted according to the difference between the information to be verified:
In the first processing mode, the information to be verified is the browser characteristic information remaining after the plaintext information is extracted.
The server verifies the browser characteristic information remaining after the plaintext information is extracted, and the verification processing comprises the following steps:
the server determines whether the browser characteristic information remaining after the plaintext information is extracted has been tampered with; if it has not been tampered with, the server determines that the message information to be verified passes the primary verification; otherwise, the server determines that the message information to be verified fails the primary verification, and goes to step S213.
Further, after the browser feature information passes the primary verification, the server also needs to perform secondary verification on the browser feature information, including:
the server matches the stored historical browser feature information with the browser feature information remaining after the plaintext information is extracted; if they match, the server determines that the secondary verification of the browser feature information is passed, stores the browser feature information in the historical browser feature information, and then goes to step S211; otherwise, the server determines that the message information to be verified fails the secondary verification, and goes to step S213.
The historical browser feature information is information formed by all browser feature information which passes the secondary verification.
In a specific embodiment, for verification according to historical browser feature information, such as an IP address, when it is determined that a current IP address is different from any IP address in the stored history, the IP address is determined to be a new IP address, so as to subsequently remind a user whether to continue verification.
In the second processing mode, the information to be verified is the user behavior information remaining after the plaintext information is extracted.
The server verifies the user behavior information remaining after the plaintext information is extracted, and the verification processing comprises the following steps:
the server verifies the user behavior information remaining after the plaintext information is extracted, and determines whether the user behavior corresponding to the user behavior information is normal behavior;
if the user behavior corresponding to the user behavior information is determined to be normal behavior, the server determines that the message information to be verified passes the primary verification; otherwise, the server determines that the message information to be verified fails the primary verification, and goes to step S213.
Further, after the user behavior information passes the primary verification, the server also needs to perform secondary verification on the user behavior information, which includes:
the server matches the stored historical user behavior information with the user behavior information remaining after the plaintext information is extracted; if the matching is successful, the server determines that the secondary verification of the user behavior information is passed, stores the user behavior information in the historical user behavior information, and then goes to step S211; otherwise, the server determines that the message information to be verified fails the secondary verification, and goes to step S213.
The historical user behavior information is information composed of all user behavior information that passes the secondary verification.
In a specific embodiment, the first processing mode and the second processing mode may each be used alone or both may be used together; when only one is used, the message information to be verified can be determined to pass the verification once that one kind of information (the browser characteristic information or the user behavior information) passes the secondary verification; when both are used together, the message information to be verified can be determined to pass the verification only after both the browser feature information and the user behavior information pass the secondary verification.
In one possible implementation, the determining, by the server, whether the user behavior corresponding to the user behavior information is a normal behavior may include:
the server determines whether each user behavior in the user behavior information is a normal behavior, and if any user behavior is an abnormal behavior, determines that the user behavior corresponding to the user behavior information is the abnormal behavior; and if all the user behaviors in the user behavior information are normal behaviors, determining that the user behavior corresponding to the user behavior information is a normal behavior.
Specifically, as long as all the user behaviors are normal user behaviors, the user behavior corresponding to the user behavior information is the normal behavior; and once any user behavior is abnormal, the user behavior corresponding to the user behavior information is abnormal.
Further, the user behavior information may include a movement speed, a movement acceleration, a movement offset, a movement duration, and a click time interval of the mouse;
the server determines whether each user behavior in the user behavior information is a normal behavior, and the determination includes at least one of the following:
determining the horizontal moving speed or the vertical moving speed corresponding to a first preset number of continuous data points in the mouse track; if the horizontal moving speeds corresponding to the first preset number of data points are different or the vertical moving speeds corresponding to the first preset number of data points are different, determining that the behavior is a normal behavior; otherwise, determining that the behavior is abnormal;
specifically, the moving speed v of a single data point in the mouse trajectory is decomposed into a moving speed in the horizontal direction and a moving speed in the vertical direction. To calculate the horizontal moving speed, a current data point is selected, the difference between the horizontal coordinates of the current data point and the previous data point is calculated, and the difference is then divided by the difference of their timestamps to obtain the horizontal moving speed of the current data point. The vertical moving speed can be calculated in the same way. If 3 or more consecutive data points have equal horizontal moving speed or equal vertical moving speed, the user behavior is considered abnormal behavior; otherwise, it is normal behavior;
determining the horizontal acceleration or the vertical acceleration corresponding to a second preset number of continuous data points in the mouse track; if the horizontal accelerations corresponding to the second preset number of data points are different or the vertical accelerations corresponding to the second preset number of data points are different, determining that the behavior is a normal behavior; otherwise, determining that the behavior is abnormal;
specifically, the velocity values that have been calculated may be used in calculating the acceleration, with the acceleration direction and the velocity direction being coincident. The acceleration of the current data point can be obtained by selecting a current data point, calculating the difference between the velocities of the current data point and the previous data point, and dividing the difference by the difference between the timestamps of the current data point and the previous data point. For horizontal acceleration or vertical acceleration, if the accelerations of 3 or more continuous data points are not equal, determining that the behavior is normal behavior; otherwise, determining that the behavior is abnormal;
determining the horizontal offset or the vertical offset corresponding to a third preset number of data points in the mouse track; if the horizontal offset corresponding to the third preset number of data points is not smaller than the first specific threshold or the vertical offset corresponding to the third preset number of data points is not smaller than the first specific threshold, determining that the behavior is a normal behavior; otherwise, determining that the behavior is abnormal;
specifically, for horizontal movement, the amount of movement offset in the vertical direction is calculated, and the absolute values of the differences between the vertical coordinates of each adjacent several data points in the movement trajectory are summed to sumX. Similarly, for vertical movement, the horizontal offset is calculated to be sumY. If sumX is less than a certain value or sumY is less than a certain value, it is considered abnormal behavior; otherwise, normal behavior.
Determining a time difference value between the first data point and the last data point in the mouse track, and recording the time difference value as duration; if the duration is not less than a second specific threshold, determining that the behavior is normal; otherwise, determining that the behavior is abnormal;
specifically, the duration of one movement in the mouse trajectory refers to the time difference between the first and last data points of that movement. The moving duration time1 is calculated from the sent data (the time when the mouse moves to the login box and the time of clicking); when time1 is less than a certain value, the behavior is abnormal; otherwise, it is normal behavior;
determining the time interval from one press of the mouse to its release; if the time interval is not less than a third specific threshold, determining that the behavior is normal; otherwise, the behavior is determined to be abnormal.
Specifically, the duration time2 from the pressing of the mouse to its release when the login button is clicked is calculated according to the information sent by the client; when time2 is smaller than a certain value, the behavior is considered abnormal; otherwise, it is normal behavior.
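The five mouse-track checks described above can be written as one server-side routine. This is an added example, not code from the patent: the three numeric thresholds are assumed values (the text only says "a certain value"), the function names and both sample tracks are constructed, and a run of equal values on either axis is treated as abnormal, following the "3 continuous points or more" wording.

```python
from math import isclose

RUN = 3             # "3 continuous points or more" in the description
MIN_OFFSET = 4.0    # assumed, pixels; the text only says "a certain value"
MIN_DURATION = 150  # assumed, milliseconds (time1)
MIN_CLICK = 30      # assumed, milliseconds (time2)


def rates(values, times):
    """Rate of change at each point relative to the previous point."""
    return [(values[i] - values[i - 1]) / (times[i] - times[i - 1])
            for i in range(1, len(values))]


def has_equal_run(seq, n=RUN):
    """True if n or more consecutive entries of seq are equal."""
    run = 1
    for a, b in zip(seq, seq[1:]):
        run = run + 1 if isclose(a, b, abs_tol=1e-9) else 1
        if run >= n:
            return True
    return False


def evaluate(track, press_ms, release_ms):
    """track: [(x, y, t_ms), ...]. Returns {check name: True if normal}."""
    # With fewer points no run of RUN accelerations can exist, and the
    # run checks would pass by default, so reject the input instead.
    if len(track) < RUN + 2:
        raise ValueError("too few points to form a run of accelerations")
    xs, ys, ts = zip(*track)
    if any(b <= a for a, b in zip(ts, ts[1:])):
        raise ValueError("timestamps must be strictly increasing")
    vx, vy = rates(xs, ts), rates(ys, ts)
    ax, ay = rates(vx, ts[1:]), rates(vy, ts[1:])
    # Names follow the text: sumX sums vertical steps, sumY horizontal steps.
    sum_x = sum(abs(b - a) for a, b in zip(ys, ys[1:]))
    sum_y = sum(abs(b - a) for a, b in zip(xs, xs[1:]))
    return {
        "speed": not (has_equal_run(vx) or has_equal_run(vy)),
        "acceleration": not (has_equal_run(ax) or has_equal_run(ay)),
        "offset": sum_x >= MIN_OFFSET and sum_y >= MIN_OFFSET,
        "duration": ts[-1] - ts[0] >= MIN_DURATION,
        "click": release_ms - press_ms >= MIN_CLICK,
    }


def is_normal(track, press_ms, release_ms):
    """Any abnormal check, or malformed input, makes the behavior abnormal."""
    try:
        return all(evaluate(track, press_ms, release_ms).values())
    except (TypeError, ValueError):
        return False


# Constructed samples: an evenly stepped straight line and a hand-made curve.
SCRIPTED = [(i * 20, 300, i * 10) for i in range(21)]
HUMAN = list(zip(
    (12, 15, 22, 34, 51, 72, 90, 104, 113, 118, 121, 122),
    (300, 298, 293, 287, 282, 276, 273, 269, 268, 266, 267, 267),
    (0, 16, 33, 49, 66, 83, 99, 116, 133, 150, 166, 183),
))

if __name__ == "__main__":
    print(evaluate(SCRIPTED, press_ms=201, release_ms=203))
    print(evaluate(HUMAN, press_ms=190, release_ms=275))
```

A pointer that pauses or travels along a single axis also produces runs of equal speed, so a legitimate user can fail these rules; in the flow described here such a failure leads to the re-verification choice of steps S213 and S214.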
For the present application, in one possible implementation, the processing of step S106 described above specifically includes the processing of steps S211 to S212 described below.
In step S211, the server determines that the message to be verified passes the verification.
In a possible implementation manner, by the processing of the plaintext information verification and the information verification to be verified, multiple protections of the message information to be verified are realized, and the security of the transmitted information is improved.
Step S212, the server returns a notification message that the message information to be verified passes the verification to the terminal device.
In a possible implementation manner, after the server passes the verification of the message information to be verified, the server sends a corresponding notification message that the verification passes to inform the terminal device that the message information to be verified passes the verification, and the process is ended.
In one possible implementation, when the server fails to verify the message information to be verified (including the primary verification failure and the secondary verification failure), the following processing may be included:
in step S213, the server transmits a selection instruction to the terminal device.
In a possible implementation manner, after the server fails to verify the message information to be verified for the first time or fails to verify the message information for the second time, the server sends a selection instruction to the terminal device, and the terminal device is instructed to determine whether to perform re-verification; if the terminal equipment determines to perform the re-verification, the step S214 is carried out; otherwise, the process goes to step S215.
In step S214, the server instructs the terminal device to perform re-authentication based on the new authentication method.
In a possible implementation manner, the server may instruct the terminal device to perform a new verification, which may adopt a new verification manner, and the process ends; the verification manner may include sliding verification, Chinese character verification, and the like. The processing of these verification manners is the same as the conventional verification processing in the prior art, and therefore, a detailed description thereof is omitted.
In step S215, the server transmits a notification message to prohibit login.
In one possible implementation, if the terminal device determines that re-authentication is no longer to be performed, the server sends a notification message to the terminal device directly to prohibit login.
According to the present application, non-manual operation can be effectively avoided during information transmission, and no verification code needs to be entered manually during verification, which improves the processing efficiency and the user experience; in addition, the multi-step verification provides multiple protections for the message information to be verified and improves the security of the transmitted information.
Based on the technical solution of the information verification method provided in the present application, the present application correspondingly provides an information verification apparatus, whose schematic structural diagram is shown in fig. 3. An information verification apparatus 30 of the present application may include:
the receiving module 31 is configured to receive message information to be verified sent by a terminal device; the message information to be verified is the message information which is constructed by the terminal equipment according to the message to be verified containing the user behavior information;
the decryption module 32 is used for decrypting the message information to be verified based on a preset private key by the server; if the decryption is successful, the to-be-verified information carried in the to-be-verified message information and a plaintext processing mode are obtained; if the decryption fails, determining that the message information to be verified is tampered, returning an error notification, and ending the process;
the first processing module 33 is configured to perform plaintext information processing on the information to be verified based on a plaintext processing manner, so as to obtain processed plaintext information;
the second processing module 34 is configured to compare the preset plaintext information with the processed plaintext information to determine whether the preset plaintext information and the processed plaintext information are the same;
the third processing module 35 is configured to, if the preset plaintext information is the same as the processed plaintext information, verify the remaining information to be verified after the plaintext information is processed, and determine whether the remaining information to be verified meets a preset condition;
the fourth processing module 36 is configured to determine that the message information to be verified passes the verification if it is determined that the remaining information to be verified meets the preset condition, and return a notification message that the message information to be verified passes the verification to the terminal device.
In one possible implementation, the method further includes:
a receiving module 31, configured to receive a login request message sent by a terminal device;
a fifth processing module 37, configured to construct encrypted message information by using the preset first public key based on the login request message, where the encrypted message information carries the second public key; carrying the encrypted message information in the login response message and returning the encrypted message information to the terminal equipment so that the terminal equipment analyzes the encrypted message information in the login response message;
the receiving module 31 is further configured to receive to-be-verified message information sent by the terminal device and constructed based on the second public key carried in the encrypted message information.
In one possible implementation, the fifth processing module 37 is configured to construct message information by using the plaintext information and the second public key based on the login request message; and encrypting the message information based on a preset first public key to obtain the encrypted message information.
In one possible implementation, the first processing module 33 is configured to perform plaintext information processing on the to-be-verified information based on a plaintext processing manner; when the information to be verified carries a piece of plaintext information, extracting a piece of plaintext information as processed plaintext information; when the information to be verified carries at least two pieces of plaintext information, extracting each piece of plaintext information, and splicing the extracted plaintext information to obtain the processed plaintext information.
In one possible implementation, the information to be verified includes browser characteristic information and/or user behavior information,
the third processing module 35 is configured to determine whether the browser feature information remaining after the plaintext information is extracted has been tampered with; if it has not been tampered with, determine that the message information to be verified passes the primary verification; otherwise, determine that the message information to be verified fails the primary verification; and/or,
the third processing module 35 is configured to verify the user behavior information remaining after the plaintext information is extracted, and determine whether the user behavior corresponding to the user behavior information is a normal behavior; if the user behavior corresponding to the user behavior information is determined to be normal behavior, determine that the message information to be verified passes the primary verification; otherwise, determine that the message information to be verified fails the primary verification.
In a possible implementation manner, the third processing module 35 is further configured to match the stored historical browser feature information with the browser feature information remaining after the plaintext information is extracted, and if they match, determine that the secondary verification of the browser feature information is passed, and store the browser feature information in the historical browser feature information; otherwise, determine that the message information to be verified fails the secondary verification; and/or,
the third processing module 35 is further configured to match the stored historical user behavior information with the user behavior information remaining after the plaintext information is extracted, and if they match, determine that the secondary verification of the user behavior information is passed, and store the user behavior information in the historical user behavior information; otherwise, determine that the message information to be verified fails the secondary verification.
In a possible implementation manner, the third processing module 35 is configured to determine whether each user behavior in the user behavior information is a normal behavior, and if any user behavior is an abnormal behavior, determine that the user behavior corresponding to the user behavior information is an abnormal behavior; and if all the user behaviors in the user behavior information are normal behaviors, determining that the user behavior corresponding to the user behavior information is a normal behavior.
In one possible implementation, the browser feature information includes dynamic browser feature information and/or static browser feature information; the user behavior information comprises the moving speed, the moving acceleration, the moving offset, the moving duration and the clicking time interval of the mouse track;
the third processing module 35 is specifically configured to determine a horizontal movement speed or a vertical movement speed corresponding to a first preset number of continuous data points in the mouse track; if the horizontal moving speeds corresponding to the first preset number of data points are different or the vertical moving speeds corresponding to the first preset number of data points are different, determining that the behavior is a normal behavior; otherwise, determining that the behavior is abnormal; and/or,
the third processing module 35 is specifically configured to determine a horizontal acceleration or a vertical acceleration corresponding to a second preset number of continuous data points in the mouse track; if the horizontal accelerations corresponding to the second preset number of data points are different or the vertical accelerations corresponding to the second preset number of data points are different, determining that the behavior is a normal behavior; otherwise, determining that the behavior is abnormal; and/or,
the third processing module 35 is specifically configured to determine a horizontal offset or a vertical offset corresponding to a third preset number of data points in the mouse track; if the horizontal offset corresponding to the third preset number of data points is not smaller than the first specific threshold or the vertical offset corresponding to the third preset number of data points is not smaller than the first specific threshold, determining that the behavior is a normal behavior; otherwise, determining that the behavior is abnormal behavior; and/or,
the third processing module 35 is specifically configured to determine a time difference between a first data point and a last data point in the mouse track, and record the time difference as a duration; if the duration is not less than a second specific threshold, determining that the behavior is normal; otherwise, determining that the behavior is abnormal; and/or, the third processing module 35 is specifically configured to determine the time interval between the mouse button being pressed and being released in one click; if the time interval is not less than a third specific threshold, determining that the behavior is normal; otherwise, the behavior is determined to be abnormal.
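The five mouse-track checks and the "any abnormal check makes the behavior abnormal" rule described above, as an added example that is not code from the patent. The threshold values, the sliding-window reading of "continuous data points", reading "offset" as the coordinate range over the first points, the fail-closed handling of short tracks and the two sample tracks are assumptions.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Limits:
    # Assumed values: the text only names "preset numbers" and "specific thresholds".
    speed_points: int = 5         # first preset number of consecutive data points
    accel_points: int = 5         # second preset number
    offset_points: int = 10       # third preset number
    min_offset_px: float = 3.0    # first specific threshold
    min_duration_ms: float = 200  # second specific threshold
    min_click_ms: float = 30      # third specific threshold
    eps: float = 1e-9             # rates closer than this count as "the same"


def _rates(values, times):
    """Finite differences d(value)/dt between consecutive samples."""
    rates = []
    for i in range(1, len(values)):
        dt = times[i] - times[i - 1]
        if dt <= 0:
            raise ValueError("timestamps must be strictly increasing")
        rates.append((values[i] - values[i - 1]) / dt)
    return rates


def _varies(xs, ys, window, eps):
    """False if some run of `window` consecutive values is constant on both axes."""
    if window < 2 or len(xs) < window:
        return False  # too few samples to show variation: fail closed (assumption)
    for i in range(len(xs) - window + 1):
        wx, wy = xs[i:i + window], ys[i:i + window]
        if max(wx) - min(wx) <= eps and max(wy) - min(wy) <= eps:
            return False
    return True


def check_behavior(track, click, limits=Limits()):
    """track: [(t_ms, x, y), ...]; click: (press_ms, release_ms). True = normal."""
    t = [p[0] for p in track]
    x = [p[1] for p in track]
    y = [p[2] for p in track]
    vx, vy = _rates(x, t), _rates(y, t)
    ax, ay = _rates(vx, t[1:]), _rates(vy, t[1:])
    head_x, head_y = x[:limits.offset_points], y[:limits.offset_points]
    enough = len(track) >= limits.offset_points
    return {
        # n data points give n-1 speeds and n-2 accelerations
        "speed": _varies(vx, vy, limits.speed_points - 1, limits.eps),
        "acceleration": _varies(ax, ay, limits.accel_points - 2, limits.eps),
        "offset": enough and (max(head_x) - min(head_x) >= limits.min_offset_px
                              or max(head_y) - min(head_y) >= limits.min_offset_px),
        "duration": bool(t) and t[-1] - t[0] >= limits.min_duration_ms,
        "click": click[1] - click[0] >= limits.min_click_ms,
    }


def is_normal(track, click, limits=Limits()):
    """One abnormal check is enough to mark the whole behavior abnormal."""
    return all(check_behavior(track, click, limits).values())


# Constructed sample tracks (not from the patent).
HUMAN_TRACK = [(0, 100, 200), (16, 103, 201), (33, 109, 203), (49, 118, 207),
               (67, 130, 212), (82, 139, 215), (100, 151, 221), (118, 160, 224),
               (133, 166, 228), (151, 170, 229), (168, 172, 230), (260, 173, 230)]
SCRIPTED_TRACK = [(10 * i, 100 + 10 * i, 200 + 5 * i) for i in range(12)]

if __name__ == "__main__":
    print(check_behavior(HUMAN_TRACK, (1000, 1085)))
    print(check_behavior(SCRIPTED_TRACK, (500, 500)))
```

These are fixed-threshold heuristics, so they serve as one signal alongside the plaintext comparison and the history matching the text describes rather than as a standalone decision.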
In one possible implementation, the method further includes:
a sixth processing module 38, configured to send a selection instruction to the terminal device, and instruct the terminal device to determine whether to perform re-authentication; if the terminal equipment determines to perform the re-verification, indicating the terminal equipment to provide corresponding new message information to be verified based on a new verification mode for performing the re-verification; otherwise, sending a notification message for prohibiting login to the terminal equipment.
According to the method and the device, the non-manual operation can be effectively avoided during information transmission, the participation of manually inputting the verification code is not needed in the verification process, the processing efficiency is improved, and the use experience of a user is improved; and through the proposal of the multi-step verification mode, the multi-protection of the message information to be verified is realized, and the safety of the transmitted information is improved.
Referring now to fig. 4, shown is a schematic diagram of an electronic device (e.g., the terminal device in fig. 1) 400 suitable for implementing embodiments of the present application. The terminal device in the embodiments of the present application may include, but is not limited to, a mobile terminal such as a mobile phone, a notebook computer, a digital broadcast receiver, a PDA (personal digital assistant), a PAD (tablet computer), a PMP (portable multimedia player), a vehicle terminal (e.g., a car navigation terminal), and the like, and a fixed terminal such as a digital TV, a desktop computer, and the like. The electronic device shown in fig. 4 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present application.
As shown in fig. 4, electronic device 400 may include a processing device (e.g., central processing unit, graphics processor, etc.) 401 that may perform various appropriate actions and processes in accordance with a program stored in a Read Only Memory (ROM)402 or a program loaded from a storage device 408 into a Random Access Memory (RAM) 403. In the RAM 403, various programs and data necessary for the operation of the electronic apparatus 400 are also stored. The processing device 401, the ROM 402, and the RAM 403 are connected to each other via a bus 404. An input/output (I/O) interface 405 is also connected to bus 404.
Generally, the following devices may be connected to the I/O interface 405: input devices 406 including, for example, a touch screen, touch pad, keyboard, mouse, camera, microphone, accelerometer, gyroscope, etc.; an output device 407 including, for example, a Liquid Crystal Display (LCD), a speaker, a vibrator, and the like; storage devices 408 including, for example, magnetic tape, hard disk, etc.; and a communication device 409. The communication device 409 may allow the electronic device 400 to communicate with other devices, either wirelessly or by wire, to exchange data. While fig. 4 illustrates an electronic device 400 having various means, it is to be understood that not all illustrated means are required to be implemented or provided. More or fewer devices may alternatively be implemented or provided.
In particular, according to embodiments of the application, the processes described above with reference to the flow diagrams may be implemented as computer software programs. For example, embodiments of the present application include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated by the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network via the communication device 409, or installed from the storage device 408, or installed from the ROM 402. The computer program, when executed by the processing device 401, performs the above-described functions defined in the methods of the embodiments of the present application.
It should be noted that the computer readable medium mentioned above in the present application may be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present application, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In this application, however, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: electrical wires, optical cables, RF (radio frequency), etc., or any suitable combination of the foregoing.
The computer readable medium may be embodied in the electronic device; or may exist separately without being assembled into the electronic device.
The computer readable medium carries one or more programs which, when executed by the electronic device, cause the electronic device to: acquiring at least two internet protocol addresses; sending a node evaluation request comprising the at least two internet protocol addresses to node evaluation equipment, wherein the node evaluation equipment selects the internet protocol addresses from the at least two internet protocol addresses and returns the internet protocol addresses; receiving an internet protocol address returned by the node evaluation equipment; wherein the obtained internet protocol address indicates an edge node in the content distribution network.
Alternatively, the computer readable medium carries one or more programs which, when executed by the electronic device, cause the electronic device to: receiving a node evaluation request comprising at least two internet protocol addresses; selecting an internet protocol address from the at least two internet protocol addresses; returning the selected internet protocol address; wherein the received internet protocol address indicates an edge node in the content distribution network.
Computer program code for carrying out operations for aspects of the present application may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C++ or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units described in the embodiments of the present application may be implemented by software or hardware. Where the name of a unit does not in some cases constitute a limitation of the unit itself, for example, the first retrieving unit may also be described as a "unit for retrieving at least two internet protocol addresses".
The above description is only a preferred embodiment of the application and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the disclosure herein is not limited to the particular combination of features described above, but also encompasses other arrangements formed by any combination of the above features or their equivalents without departing from the spirit of the disclosure. For example, the above features may be replaced with (but not limited to) features having similar functions disclosed in the present application.
The electronic device provided in the present application is applicable to any embodiment of the above-mentioned key device login verification method, and is not described herein again.
According to the method and the device, the non-manual operation can be effectively avoided during information transmission, the verification code does not need to be manually input in the verification process, the processing efficiency is improved, and the use experience of a user is improved; and through the proposal of the multi-step verification mode, the multi-protection of the message information to be verified is realized, and the safety of the transmitted information is improved.
The present application provides a computer-readable storage medium storing computer instructions that cause a computer to execute the key device login authentication method shown in the above-described embodiment.
The computer-readable storage medium provided in the present application is applicable to any embodiment of the above-described key device login verification method, and is not described herein again.
According to the method and the device, the non-manual operation can be effectively avoided during information transmission, the verification code does not need to be manually input in the verification process, the processing efficiency is improved, and the use experience of a user is improved; and through the proposal of the multi-step verification mode, the multi-protection of the message information to be verified is realized, and the safety of the transmitted information is improved.
It will be understood by those within the art that each block of the block diagrams and/or flowchart illustrations, and combinations of blocks in the block diagrams and/or flowchart illustrations, can be implemented by computer program instructions. Those skilled in the art will appreciate that the computer program instructions may be implemented by a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, implement the aspects specified in the block diagrams and/or flowchart block or blocks of the present disclosure.
The modules of the device can be integrated into a whole or can be separately deployed. The modules can be combined into one module, and can also be further split into a plurality of sub-modules.
Those skilled in the art will appreciate that the drawings are merely schematic representations of one preferred embodiment and that the blocks or flow diagrams in the drawings are not necessarily required to practice the present application.
Those skilled in the art will appreciate that the modules in the devices in the embodiments may be distributed in the devices in the embodiments according to the description of the embodiments, and may be correspondingly changed in one or more devices different from the embodiments. The modules of the above embodiments may be combined into one module, or further split into multiple sub-modules.
The above application serial numbers are for descriptive purposes only and do not represent the merits of the embodiments.
The disclosure of the present application is only a few specific embodiments, but the present application is not limited to these, and any variations that can be made by those skilled in the art are intended to fall within the scope of the present application.

Claims (18)

1. An information verification method, comprising:
the server receives a login request message sent by the terminal equipment;
the server constructs encrypted message information by using a preset first public key based on the login request message, wherein the encrypted message information carries plaintext information and a second public key, and the plaintext information is a unique character string;
the server carries the encrypted message information in a login response message and returns the login response message to the terminal equipment, so that the terminal equipment analyzes the encrypted message information in the login response message;
the server receives message information to be verified, which is sent by the terminal device and constructed based on a second public key carried in the encrypted message information, wherein the message information to be verified comprises browser characteristic information and/or user behavior information, the message information to be verified is obtained by the terminal device by embedding plaintext information obtained by analysis into the message information to be verified in a preset plaintext processing mode and encrypting the message information to be verified with the plaintext information and the plaintext processing mode by the second public key obtained by analysis, and the user behavior information comprises the movement speed, the movement acceleration, the movement offset, the movement duration and the click time interval of a mouse track;
the server decrypts the message information to be verified based on a preset private key; if the decryption is successful, the information to be verified and a plaintext processing mode carried in the message information to be verified are obtained; if the decryption fails, determining that the message information to be verified is tampered, returning an error notice, and ending the process;
the server carries out plaintext information processing on the information to be verified based on the plaintext processing mode to obtain processed plaintext information;
the server compares the preset plaintext information with the processed plaintext information to determine whether the preset plaintext information and the processed plaintext information are the same;
if the preset plaintext information is the same as the processed plaintext information, the server verifies the remaining information to be verified after the plaintext information is processed, and determines whether the remaining information to be verified meets a preset condition;
if the fact that the remaining information to be verified meets the preset conditions is determined, the server determines that the message information to be verified passes the verification, and returns a notification message that the message information to be verified passes the verification to the terminal equipment;
when the information to be verified comprises browser characteristic information or user behavior information, the message information to be verified is obtained by directly placing plaintext information obtained by analysis into the browser characteristic information or the user behavior information by the terminal equipment and encrypting the information to be verified with the plaintext information placed in the plaintext information and the plaintext processing mode by a second public key obtained by analysis; and
when the information to be verified comprises browser characteristic information and user behavior information, the message information to be verified is obtained by the terminal device by splitting the plaintext information obtained through analysis into at least two parts in a random dispersion mode, splicing the split plaintext information on the browser characteristic information and the user behavior information respectively, and encrypting the spliced browser characteristic information, the spliced user behavior information and the spliced plaintext information in a random dispersion mode by using a second public key obtained through analysis.
2. The method of claim 1, wherein the server constructs encrypted message information using a preset first public key based on the login request message, comprising:
the server constructs message information by utilizing the plaintext information and the second public key based on the login request message;
and the server encrypts the message information based on the preset first public key to obtain the encrypted message information.
3. The method according to claim 1, wherein the server performs plaintext information processing on the information to be verified based on the plaintext processing manner to obtain processed plaintext information, and the method comprises:
the server carries out plaintext information processing on the information to be verified based on the plaintext processing mode;
when the information to be verified carries a piece of plaintext information, extracting the piece of plaintext information as processed plaintext information;
and when the information to be verified carries at least two pieces of plaintext information, extracting each piece of plaintext information, and splicing the extracted plaintext information to obtain the processed plaintext information.
4. The method according to claim 1, wherein the information to be verified includes browser feature information and/or user behavior information, and the server verifies the information to be verified remaining after the plaintext information is extracted, and determines whether the remaining information to be verified meets a preset condition, including:
the server determines whether the browser characteristic information left after the plaintext information is extracted has been tampered with; if the message information to be verified has not been tampered with, the server determines that the message information to be verified passes the primary verification; otherwise, the server determines that the message information to be verified fails the primary verification; and/or,
the server verifies the residual user behavior information after the plaintext information is extracted, and determines whether the user behavior corresponding to the user behavior information is normal behavior;
if the user behavior corresponding to the user behavior information is determined to be normal behavior, the server determines that the message information to be verified passes the primary verification; otherwise, the server determines that the initial verification of the message information to be verified fails.
5. The method according to claim 4, wherein after the initial verification of the browser feature information remaining after the plaintext information is extracted and/or the initial verification of the user behavior information remaining after the plaintext information is extracted, the server further comprises:
the server matches the stored historical browser characteristic information with the browser characteristic information remaining after the plaintext information is extracted, if the browser characteristic information is matched with the stored historical browser characteristic information, secondary verification of the browser characteristic information is determined to be passed, and the browser characteristic information is stored in the historical browser characteristic information; otherwise, the server determines that the secondary verification of the message information to be verified does not pass; and/or,
the server matches the stored historical user behavior information with the user behavior information remaining after the plaintext information is extracted, if the matching is carried out, the secondary verification of the user behavior information is determined to be passed, and the user behavior information is stored in the historical user behavior information; otherwise, the server determines that the secondary verification of the message information to be verified is not passed.
6. The method of claim 5, wherein the server determining whether the user behavior corresponding to the user behavior information is a normal behavior comprises:
the server determines whether each user behavior in the user behavior information is a normal behavior, and if any user behavior is an abnormal behavior, determines that the user behavior corresponding to the user behavior information is an abnormal behavior; and if all the user behaviors in the user behavior information are normal behaviors, determining that the user behavior corresponding to the user behavior information is a normal behavior.
7. The method of claim 6, wherein the browser feature information comprises dynamic browser feature information and/or static browser feature information;
the server determines whether each user behavior in the user behavior information is a normal behavior, including at least one of:
determining the horizontal moving speed or the vertical moving speed corresponding to a first preset number of continuous data points in the mouse track; if the horizontal moving speeds corresponding to the first preset number of data points are different or the vertical moving speeds corresponding to the first preset number of data points are different, determining that the behavior is a normal behavior; otherwise, determining that the behavior is abnormal behavior;
determining the horizontal acceleration or the vertical acceleration corresponding to a second preset number of continuous data points in the mouse track; if the horizontal accelerations corresponding to the second preset number of data points are different or the vertical accelerations corresponding to the second preset number of data points are different, determining that the behavior is a normal behavior; otherwise, determining that the behavior is abnormal behavior;
determining the horizontal offset or the vertical offset corresponding to a third preset number of data points in the mouse track; if the horizontal offset corresponding to the third preset number of data points is not smaller than a first specific threshold or the vertical offset corresponding to the third preset number of data points is not smaller than a first specific threshold, determining that the behavior is a normal behavior; otherwise, determining that the behavior is abnormal behavior;
determining a time difference value between the first data point and the last data point in the mouse track, and recording the time difference value as duration; if the duration is not less than a second specific threshold, determining that the behavior is normal behavior; otherwise, determining that the behavior is abnormal behavior;
determining the time interval between the mouse button being pressed and being released in one click; if the time interval is not less than a third specific threshold, determining that the behavior is normal behavior; otherwise, determining that the behavior is abnormal behavior.
8. The method according to claim 4 or 5, wherein after the server determines that the message information to be verified fails the primary verification or fails the secondary verification, the method further comprises:
the server sends a selection instruction to the terminal equipment to indicate the terminal equipment to determine whether to carry out re-verification; if the terminal equipment determines to perform the re-verification, indicating the terminal equipment to provide corresponding new message information to be verified based on a new verification mode for performing the re-verification; otherwise, the server sends a notification message for prohibiting login to the terminal equipment.
9. An information authentication apparatus characterized by comprising:
the receiving module is used for receiving a login request message sent by the terminal equipment;
a fifth processing module, configured to construct encrypted message information by using a preset first public key based on the login request message, where the encrypted message information carries plaintext information and a second public key; carrying the encrypted message information in a login response message and returning the encrypted message information to the terminal equipment so that the terminal equipment analyzes the encrypted message information in the login response message;
the receiving module is further configured to receive to-be-verified message information sent by the terminal device and constructed based on a second public key carried in the encrypted message information, where the to-be-verified message information includes browser feature information and/or user behavior information, the to-be-verified message information is obtained by the terminal device by placing plaintext information obtained through parsing into the to-be-verified message by using a preset plaintext processing manner, and encrypting the to-be-verified information in which the plaintext information is placed and the plaintext processing manner by using the second public key obtained through parsing, and the user behavior information includes a movement speed, a movement acceleration, a movement offset, a movement duration and a click time interval of a mouse track;
the decryption module is used for decrypting the message information to be verified based on a preset private key; if the decryption is successful, the to-be-verified information and the plaintext processing mode carried in the to-be-verified message information are obtained; if the decryption fails, determining that the message information to be verified is tampered, returning an error notice, and ending the process;
the first processing module is used for carrying out plaintext information processing on the information to be verified based on the plaintext processing mode to obtain processed plaintext information;
the second processing module is used for comparing the preset plaintext information with the processed plaintext information to determine whether the preset plaintext information and the processed plaintext information are the same;
the third processing module is used for verifying the information to be verified which is left after the plaintext information is processed if the preset plaintext information is the same as the processed plaintext information, and determining whether the left information to be verified meets the preset condition;
the fourth processing module is used for determining that the message information to be verified passes the verification if the remaining message information to be verified meets the preset conditions, and returning a notification message that the message information to be verified passes the verification to the terminal equipment;
when the information to be verified comprises browser characteristic information or user behavior information, the message information to be verified is obtained by the terminal equipment by directly placing the plaintext information obtained by analysis into the browser characteristic information or the user behavior information, and encrypting, with the second public key obtained by analysis, the information to be verified in which the plaintext information is placed together with the plaintext processing mode; and
when the information to be verified comprises browser characteristic information and user behavior information, the message information to be verified is obtained by the terminal device by splitting plaintext information obtained by analysis into at least two parts in a random dispersion mode, splicing the split plaintext information on the browser characteristic information and the user behavior information respectively, and encrypting the spliced browser characteristic information, the spliced user behavior information and the spliced random dispersion mode by a second public key obtained by analysis.
10. The information authentication apparatus according to claim 9, wherein the fifth processing module is configured to construct message information using the plaintext information and the second public key based on the login request message; and encrypting the message information based on the preset first public key to obtain the encrypted message information.
11. The information verification apparatus according to claim 9, wherein the first processing module is configured to perform plaintext information processing on the information to be verified based on the plaintext processing manner; when the information to be verified carries a piece of plaintext information, extracting the piece of plaintext information as processed plaintext information; and when the information to be verified carries at least two pieces of plaintext information, extracting each piece of plaintext information, and splicing the extracted pieces of plaintext information to obtain the processed plaintext information.
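The plaintext placement of claim 9 and the server-side extraction and comparison of claim 11, as an added Python sketch that is not part of the patent text. The public-key encryption layer is left out, and the layout of the "plaintext processing mode" record (field, offset, length) and all function names are assumptions.

```python
import hmac
import secrets

_rng = secrets.SystemRandom()

def place_plaintext(plaintext, fields):
    """Terminal side: scatter `plaintext` over the fields, one part per field.

    Returns (carried_fields, mode); `mode` is the "plaintext processing mode".
    Its record layout (field, offset, length) is an assumption of this sketch.
    """
    names = list(fields)
    if not 1 <= len(names) <= len(plaintext):
        raise ValueError("need between 1 and len(plaintext) fields")
    # Random interior cut points give every field a non-empty part.
    inner = sorted(_rng.sample(range(1, len(plaintext)), len(names) - 1))
    cuts = [0, *inner, len(plaintext)]
    carried, mode = {}, []
    for i, name in enumerate(names):
        part = plaintext[cuts[i]:cuts[i + 1]]
        offset = _rng.randint(0, len(fields[name]))
        carried[name] = fields[name][:offset] + part + fields[name][offset:]
        mode.append({"field": name, "offset": offset, "length": len(part)})
    return carried, mode

def extract_plaintext(carried, mode):
    """Server side (claim 11): pull each part out and splice the parts in order."""
    parts, remaining = [], dict(carried)
    for rec in mode:
        value = remaining[rec["field"]]
        start, end = rec["offset"], rec["offset"] + rec["length"]
        if not 0 <= start <= end <= len(value):
            raise ValueError("processing mode does not fit the field")
        parts.append(value[start:end])
        remaining[rec["field"]] = value[:start] + value[end:]
    return "".join(parts), remaining

def verify(preset_plaintext, carried, mode):
    """Return the remaining information to be verified, or None on mismatch."""
    try:
        got, remaining = extract_plaintext(carried, mode)
    except (KeyError, TypeError, ValueError):
        return None  # malformed or tampered processing mode
    # Constant-time comparison of the preset and the processed plaintext.
    if not hmac.compare_digest(got.encode(), preset_plaintext.encode()):
        return None
    return remaining
```

The fields returned by `verify` are what the third processing module goes on to check; a `None` result corresponds to the comparison of the second processing module failing.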
12. The information authentication apparatus according to claim 9, wherein the information to be authenticated includes browser feature information and/or user behavior information,
the third processing module is used for determining whether the browser characteristic information left after the plaintext information is extracted is tampered; if the message information to be verified is not tampered, determining that the message information to be verified passes the primary verification; otherwise, determining that the message information to be verified does not pass the primary verification; and/or,
the third processing module is used for verifying the residual user behavior information after the plaintext information is extracted, and determining whether the user behavior corresponding to the user behavior information is a normal behavior; if the user behavior corresponding to the user behavior information is determined to be normal behavior, determining that the message information to be verified passes the primary verification; otherwise, determining that the message information to be verified does not pass the primary verification.
13. The information authentication apparatus according to claim 12,
the third processing module is further configured to match the stored historical browser feature information with the browser feature information remaining after the plaintext information is extracted, and if the stored historical browser feature information is matched with the browser feature information remaining after the plaintext information is extracted, determine that secondary verification on the browser feature information is passed, and store the browser feature information in the historical browser feature information; otherwise, determining that the secondary verification of the message information to be verified is not passed; and/or,
the third processing module is further configured to match the stored historical user behavior information with the user behavior information remaining after the plaintext information is extracted, determine that the secondary verification of the user behavior information is passed if the stored historical user behavior information is matched with the user behavior information remaining after the plaintext information is extracted, and store the user behavior information in the historical user behavior information; otherwise, determining that the secondary verification of the message information to be verified is not passed.
14. The information verification apparatus according to claim 13, wherein the third processing module is configured to determine whether each user behavior in the user behavior information is a normal behavior, and if any user behavior is an abnormal behavior, determine that a user behavior corresponding to the user behavior information is an abnormal behavior; and if all the user behaviors in the user behavior information are normal behaviors, determining that the user behavior corresponding to the user behavior information is a normal behavior.
15. The information authentication apparatus according to claim 14, wherein the browser feature information includes dynamic browser feature information and/or static browser feature information; the user behavior information comprises the moving speed, the moving acceleration, the moving offset, the moving duration and the clicking time interval of a mouse track;
the third processing module is specifically configured to determine a horizontal movement speed or a vertical movement speed corresponding to a first preset number of continuous data points in a mouse track; if the horizontal moving speeds corresponding to the first preset number of data points are different or the vertical moving speeds corresponding to the first preset number of data points are different, determining that the behavior is a normal behavior; otherwise, determining that the behavior is abnormal behavior; and/or,
the third processing module is specifically configured to determine a horizontal acceleration or a vertical acceleration corresponding to a second preset number of continuous data points in the mouse track; if the horizontal accelerations corresponding to the second preset number of data points are different or the vertical accelerations corresponding to the second preset number of data points are different, determining that the behavior is a normal behavior; otherwise, determining that the behavior is abnormal behavior; and/or,
the third processing module is specifically configured to determine a horizontal offset or a vertical offset corresponding to a third preset number of data points in the mouse track; if the horizontal offset corresponding to the third preset number of data points is not smaller than a first specific threshold or the vertical offset corresponding to the third preset number of data points is not smaller than a first specific threshold, determining that the behavior is a normal behavior; otherwise, determining that the behavior is abnormal behavior; and/or,
the third processing module is specifically configured to determine a time difference between a first data point and a last data point in a mouse track, and record the time difference as a duration; if the duration is not less than a second specific threshold, determining that the behavior is normal behavior; otherwise, determining that the behavior is abnormal behavior; and/or,
the third processing module is specifically configured to determine the time interval from the press to the bounce (release) of one mouse click; if the time interval is not less than a third specific threshold, determining that the behavior is normal behavior; otherwise, determining that the behavior is abnormal behavior.
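The five mouse-track checks of claim 15 combined under the any-abnormal rule of claim 14, as an added Python sketch that is not part of the patent text. The preset numbers, the threshold values, the `(x, y, t_ms)` sample format, the reading of "offset" as the coordinate spread over the window, and the two sample tracks are all assumptions constructed for illustration.

```python
N_SPEED, N_ACCEL, N_OFFSET = 5, 5, 5                       # preset numbers (assumed)
MIN_OFFSET_PX, MIN_DURATION_MS, MIN_CLICK_MS = 3, 200, 30  # thresholds (assumed)

def _rates(values, times):
    """Finite differences d(value)/d(time) between consecutive samples."""
    pairs = zip(values, values[1:], times, times[1:])
    return [round((v1 - v0) / (t1 - t0), 6) for v0, v1, t0, t1 in pairs]

def _varies(horizontal, vertical):
    """Claim 15 rule: normal if the horizontal OR the vertical series differs."""
    return len(set(horizontal)) > 1 or len(set(vertical)) > 1

def _spread(values):
    return max(values) - min(values)

def check_track(track, click_ms):
    """track: list of (x, y, t_ms). Returns {check name: True if normal}."""
    if len(track) < max(N_SPEED, N_ACCEL, N_OFFSET):
        return {"well_formed": False}
    xs, ys, ts = zip(*track)
    if any(b <= a for a, b in zip(ts, ts[1:])):  # timestamps must increase
        return {"well_formed": False}
    vx, vy = _rates(xs[:N_SPEED], ts[:N_SPEED]), _rates(ys[:N_SPEED], ts[:N_SPEED])
    wx, wy = _rates(xs[:N_ACCEL], ts[:N_ACCEL]), _rates(ys[:N_ACCEL], ts[:N_ACCEL])
    ax, ay = _rates(wx, ts[1:N_ACCEL]), _rates(wy, ts[1:N_ACCEL])
    return {
        "speed": _varies(vx, vy),
        "acceleration": _varies(ax, ay),
        "offset": (_spread(xs[:N_OFFSET]) >= MIN_OFFSET_PX
                   or _spread(ys[:N_OFFSET]) >= MIN_OFFSET_PX),
        "duration": ts[-1] - ts[0] >= MIN_DURATION_MS,
        "click": click_ms >= MIN_CLICK_MS,
    }

def is_normal(track, click_ms):
    """Claim 14: one abnormal behavior makes the whole sample abnormal."""
    return all(check_track(track, click_ms).values())

# Constructed samples: an irregular hand-like track and an evenly stepped one.
HUMAN = [(0, 0, 0), (4, 1, 16), (11, 3, 33), (21, 4, 49),
         (30, 8, 66), (36, 9, 83), (40, 9, 120), (41, 10, 250)]
SCRIPTED = [(i * 10, i * 5, i * 10) for i in range(8)]
```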
16. The information authentication apparatus according to claim 14 or 15, further comprising:
a sixth processing module, configured to send a selection instruction to the terminal device, and instruct the terminal device to determine whether to perform re-verification; if the terminal equipment determines to perform the re-verification, indicating the terminal equipment to provide corresponding new message information to be verified based on a new verification mode for performing the re-verification; otherwise, sending a notification message for prohibiting login to the terminal equipment.
17. An electronic device, comprising: a processor and a memory;
the memory is used for storing operation instructions;
the processor is configured to execute the information verification method according to any one of the above claims 1 to 8 by calling the operation instruction.
18. A computer-readable storage medium for storing computer instructions which, when executed on a computer, cause the computer to perform the information verification method of any one of claims 1 to 8.
CN201911392246.7A 2019-12-30 2019-12-30 Information verification method and device, electronic equipment and computer readable storage medium Active CN111131284B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911392246.7A CN111131284B (en) 2019-12-30 2019-12-30 Information verification method and device, electronic equipment and computer readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911392246.7A CN111131284B (en) 2019-12-30 2019-12-30 Information verification method and device, electronic equipment and computer readable storage medium

Publications (2)

Publication Number Publication Date
CN111131284A CN111131284A (en) 2020-05-08
CN111131284B true CN111131284B (en) 2022-07-01

Family

ID=70504757

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911392246.7A Active CN111131284B (en) 2019-12-30 2019-12-30 Information verification method and device, electronic equipment and computer readable storage medium

Country Status (1)

Country Link
CN (1) CN111131284B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112131551A (en) * 2020-09-25 2020-12-25 平安国际智慧城市科技股份有限公司 Verification code verification method and device, computer equipment and readable storage medium

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104318138A (en) * 2014-09-30 2015-01-28 杭州同盾科技有限公司 Method and device for verifying identity of user
CN105871899A (en) * 2016-05-24 2016-08-17 北京京东尚科信息技术有限公司 Authentication method and system adopting captchas
CN106131021A (en) * 2016-07-15 2016-11-16 北京元支点信息安全技术有限公司 A kind of request authentication method and system
CN107483500A (en) * 2017-09-25 2017-12-15 咪咕文化科技有限公司 Risk identification method and device based on user behaviors and storage medium
CN108809988A (en) * 2018-06-14 2018-11-13 北京中电普华信息技术有限公司 A kind of authentication method and system of request
CN109241709A (en) * 2018-08-03 2019-01-18 平安科技(深圳)有限公司 User behavior recognition method and device based on the verifying of sliding block identifying code
CN110224999A (en) * 2019-05-20 2019-09-10 深圳壹账通智能科技有限公司 Information interacting method, device and storage medium
CN110493202A (en) * 2019-07-29 2019-11-22 深圳壹账通智能科技有限公司 Log in generation and the verification method, device and server of token

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106411830B (en) * 2016-01-25 2019-06-21 平安科技(深圳)有限公司 The method and mobile terminal for preventing access data to be tampered

Also Published As

Publication number Publication date
CN111131284A (en) 2020-05-08

Similar Documents

Publication Publication Date Title
US8984604B2 (en) Locally stored phishing countermeasure
US11716197B2 (en) System and method for generating a cryptographic key
CN108769027B (en) Secure communication method, device, mobile terminal and storage medium
CN111786876B (en) Information processing method, device, electronic equipment and computer readable medium
US20160253510A1 (en) Method for security authentication and apparatus therefor
WO2015132596A1 (en) Access control for a resource
CN112149168B (en) File data encryption method and device and electronic equipment
CN103036852A (en) Method and device for achieving network login
JP7422490B2 (en) Secure message provision method and system
CN111131284B (en) Information verification method and device, electronic equipment and computer readable storage medium
CN110290097B (en) Data processing method and device, storage medium and electronic device
CN111130805B (en) Secure transmission method, electronic device, and computer-readable storage medium
CN110602700B (en) Seed key processing method and device and electronic equipment
CN114979048B (en) Identity verification method, system, electronic device and medium based on instant messaging
CN111935138B (en) Protection method and device for secure login and electronic equipment
CN110740112B (en) Authentication method, apparatus and computer readable storage medium
CN109347826B (en) Verification method and system
CN113127891A (en) Template file encryption method and device for intelligent media desktop
CN110618967A (en) Application program running method, installation package generating method, device, equipment and medium
CN113505364B (en) Password protection method, electronic device and computer-readable storage medium
WO2017056322A1 (en) Display control system, display control method, and display control program
CN110598486B (en) Virtual keyboard encryption method and device and readable storage medium
CN114614980A (en) Service processing method and device, electronic equipment and computer readable medium
CN117749939A (en) Video color ring processing method and device, electronic equipment and storage medium
CN116861490A (en) Third party service platform access method, device, computer equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant