CN111191215A - Safety equipment identification method and system - Google Patents

Safety equipment identification method and system Download PDF

Info

Publication number
CN111191215A
CN111191215A CN201911164078.6A CN201911164078A CN111191215A CN 111191215 A CN111191215 A CN 111191215A CN 201911164078 A CN201911164078 A CN 201911164078A CN 111191215 A CN111191215 A CN 111191215A
Authority
CN
China
Prior art keywords
transaction
login
verification
historical
behavior data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911164078.6A
Other languages
Chinese (zh)
Inventor
夏焕钊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
New Tech Co Ltd
Original Assignee
New Tech Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by New Tech Co Ltd filed Critical New Tech Co Ltd
Priority to CN201911164078.6A priority Critical patent/CN111191215A/en
Publication of CN111191215A publication Critical patent/CN111191215A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/33User authentication using certificates
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3821Electronic credentials
    • G06Q20/38215Use of certificates or encrypted proofs of transaction rights
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Finance (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention discloses a method and a system for identifying safety equipment, wherein the method comprises the following steps: receiving a login verification or transaction verification request carrying a target equipment identifier sent when the target equipment performs login operation or transaction operation; acquiring historical data corresponding to the target equipment identifier, wherein the historical data comprises: historical login behavior data of login operation and historical transaction behavior data of transaction operation are carried out on the target equipment; determining whether the target equipment is safety equipment or not according to the acquired historical data corresponding to the target equipment identifier; and returning a login verification or transaction verification response corresponding to the login verification or transaction verification request to the target equipment according to the determination result. Because the transaction operation verification mode has higher safety verification operation than the login operation verification mode, compared with the prior art, the invention increases historical transaction behavior data to identify the safety equipment, is more reliable than the single use of the historical login data and the equipment information, and simultaneously shortens the period of safety equipment identification.

Description

Safety equipment identification method and system
Technical Field
The invention relates to the technical field of computer security information, in particular to a security device identification method and system.
Background
With the development of internet technology and big data technology, the development of internet finance and banking retail transformation is rapid in recent years, and under the condition of high-speed business development, the control of security risks becomes an essential part of each financial company. In the wind control system of an enterprise, equipment fingerprints, common equipment and safety equipment are indispensable parts of the wind control system. Many of the wind control systems primarily identify the device as the user's security device based on the number of times or days the user logs in to the device. This security device identification scheme has two drawbacks: 1. after obtaining personal information (account number, password and the like) of a user, an attacker logs in on own equipment of the attacker for multiple times so as to change the equipment of the attacker into safety equipment corresponding to a user account, and then performs high threshold operations such as transfer and the like, at the moment, because the equipment of the attacker is already the safety equipment, the verification difficulty can be correspondingly reduced by the operations such as transfer and the like, and the attacker does not need to perform other verifications such as short message verification codes, face recognition and the like, so that the fund of the user is stolen and transferred; 2. the period of time required to identify a user security device by user login behavior is long, for example, a user is required to continuously log in for 3 or 5 days in a month to identify the security device.
Disclosure of Invention
The invention provides a safety equipment identification method and a safety equipment identification system, which aim to solve the problems of low reliability and long safety equipment identification period of the conventional safety equipment identification mode.
In order to solve the above problem, the present invention provides a security device identification method, including:
receiving a login verification or transaction verification request carrying a target equipment identifier sent when the target equipment performs login operation or transaction operation;
acquiring historical data corresponding to the target equipment identifier, wherein the historical data comprises: historical login behavior data of login operation and historical transaction behavior data of transaction operation are carried out on the target equipment;
determining whether the target equipment is safety equipment or not according to the acquired historical data corresponding to the target equipment identifier;
and returning a login verification or transaction verification response corresponding to the login verification or transaction verification request to the target equipment according to the determination result.
As a further improvement of the invention, the historical login behavior data comprises a login verification mode, the first successful login times within a preset time period and the login continuous failure times reaching a preset value; the historical transaction behavior data comprises a transaction verification mode, the first successful transaction times in a preset time period, transaction time and transaction amount;
the step of determining whether the target device is a safety device according to the acquired historical data corresponding to the target device identifier comprises the following steps: performing plus-minus score processing on the historical login behavior data and the historical transaction behavior data based on a preset scoring standard, and outputting a scoring result;
and when the score in the scoring result comprises at least one type of historical transaction behavior data and the score of the scoring result is higher than a preset scoring threshold, determining the target equipment as the safety equipment.
As a further improvement of the present invention, when the determination result is that the target device is a security device;
the step of returning login verification or transaction verification response corresponding to the login or transaction verification request to the target device according to the determination result comprises the following steps:
and returning a response of executing the simple login verification or transaction verification operation to the target equipment.
As a further improvement of the present invention, when the determination result is that the target device is a non-secure device;
a response to perform a strict login verification or transaction verification operation is returned to the target device.
As a further improvement of the present invention, after the step of returning a login and/or transaction verification response corresponding to the login or transaction verification request to the target device according to the determination result, the method further comprises:
and recording the current login behavior data or transaction behavior data corresponding to the target equipment identification.
In order to solve the above problem, the present invention also provides a security device identification system, including:
the receiving module is used for receiving a login verification or transaction verification request which is sent by target equipment and carries a target equipment identifier when the target equipment performs login operation or transaction operation;
an obtaining module, configured to obtain historical data corresponding to the target device identifier, where the historical data includes: historical login behavior data of login operation and historical transaction behavior data of transaction operation are carried out on the target equipment;
the determining module is used for determining whether the target equipment is the safety equipment according to the acquired historical data corresponding to the target equipment identification;
and the response module is used for returning login verification or transaction verification response corresponding to the login verification or transaction verification request to the target equipment according to the determination result.
As a further improvement of the invention, the historical login behavior data comprises a login verification mode, the first successful login times within a preset time period and the login continuous failure times reaching a preset value; the historical transaction behavior data comprises a transaction verification mode, the first successful transaction times in a preset time period, transaction time and transaction amount;
the determining module comprises:
the scoring unit is used for performing plus-minus scoring processing on the historical login behavior data and the historical transaction behavior data based on a preset scoring standard and outputting a scoring result;
and the judging unit is used for determining the target equipment as the safety equipment when the added items in the grading result comprise at least one type of historical transaction behavior data and the grade of the grading result is higher than a preset grading threshold value.
As a further improvement of the present invention, when the determination result is that the target device is a security device;
the response module is also used for returning a response of executing the simple login verification or transaction verification operation to the target equipment.
As a further improvement of the present invention, when the determination result is that the target device is a non-secure device;
the response module is also used for returning a response of executing strict login verification or transaction verification operation to the target device.
As a further improvement of the present invention, the system further comprises:
and the recording module is used for recording the current login behavior data or transaction behavior data corresponding to the target equipment identifier.
The invention provides a safety equipment identification scheme, which is used for confirming whether target equipment is safety equipment or not through historical login behavior data of login operation and historical behavior data of transaction operation on the target equipment when the target equipment performs login operation or transaction operation. Because the transaction operation verification mode has higher safety verification operation than the login operation verification mode, compared with the prior art, the historical transaction behavior data is added to identify the safety equipment, the historical login data and the equipment information are more reliable than the historical login data and the equipment information which are used independently, and meanwhile, the period of identifying the safety equipment is shortened.
Drawings
Fig. 1 is a schematic flow chart of a first embodiment of a security device identification method according to the present invention;
fig. 2 is a schematic flowchart of a step of determining whether the security device is a security device according to a first embodiment of the method for identifying a security device of the present invention;
fig. 3 is a flowchart illustrating a security device identification method according to a second embodiment of the present invention;
FIG. 4 is a functional block diagram of a first embodiment of a security device identification system of the present invention;
fig. 5 is a schematic diagram of a specific function module of a determination module in a first embodiment of the security device identification system according to the present invention;
fig. 6 is a functional block diagram of a security device identification system according to a second embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
Fig. 1 shows a first embodiment of the identification method of the security device of the present invention. As shown in fig. 1, in this embodiment, the method for identifying a security device includes the following steps:
step S1, receiving a login verification or transaction verification request with a target device identifier sent by the target device during login operation or transaction operation.
Specifically, the target device identifier is calculated according to device information of the target device, where the device information includes, but is not limited to, an International Mobile Equipment Identity (IMEI), a Media Access Control Address (MAC Address), a gyroscope, a battery level, a model, a brand, a city area, and the like of the target device, and since the device information of different devices is not consistent, the target device identifier calculated by using the device information will be a unique identifier of the target device. In the embodiment of the present invention, the HASH algorithm is adopted to calculate the device information of the target device to form a unique target device identifier of the target device.
Step S2, obtaining history data corresponding to the target device identifier.
The historical data includes: and historical login behavior data of login operation and historical transaction behavior data of transaction operation are carried out by the target equipment.
In the embodiment of the invention, the historical login behavior data comprises a login verification mode, the first successful login times within a preset time period and the login continuous failure times reaching a preset value.
It should be noted that the first successful login times in the preset time period may be the first successful login times recorded in hours, or the first successful login times recorded in days, and the specific preset time period is set according to actual conditions; if the login is successfully carried out for multiple times within the preset time period, only 1 time is recorded; the number of times of login continuous failure reaching the preset value can be 5 times or 10 times, and is set according to the actual situation.
The historical transaction behavior data comprises a transaction verification mode, the first successful transaction times in a preset time period, transaction time and transaction amount.
It should be noted that the number of times of the first successful transaction in the preset time period may be the number of times of the first successful transaction recorded by hours, or the number of times of the first successful transaction recorded by days, and the specific preset time period is set according to actual conditions; if the login is successfully carried out for multiple times within the preset time period, only 1 time is recorded; in addition, aiming at different transaction behaviors, such as transfer transaction, payment transaction, purchase financing transaction and the like, the number of times of the first successful transaction in a preset time period needs to be recorded in a distinguishing way; the transaction verification mode refers to what verification mode is adopted when the transaction is carried out, and the common verification mode comprises digital certificate installation verification, face recognition verification, password verification and the like; transaction time, which refers to the time when a transaction action occurs; the transaction amount refers to the amount of money spent on the transaction.
And step S3, determining whether the target device is a safety device according to the acquired historical data corresponding to the target device identifier.
In the embodiment of the invention, after the historical data of the target device is acquired according to the target device identifier, whether the target device is a safety device is judged according to the historical data.
Specifically, as shown in fig. 2, step S3 includes the steps of:
and step S30, performing plus-minus score division processing on the historical login behavior data and the historical transaction behavior data based on the preset score standard, and outputting score results.
Specifically, corresponding add-subtract score evaluation processing is performed according to login operation or transaction operation executed on the target device by the user. In the embodiment of the present invention, the setting of the bonus item includes: the first successful login times in a preset time period and the first successful transaction times in the preset time period are preset; the setting of the division term includes: the times of login continuous failure reaching the preset value, abnormal transaction time and abnormal transaction amount. In the design of the scoring standard, a plurality of addition and subtraction items are combined. In this example, the pre-set scoring criteria are shown in tables 1 and 2 below. It can be understood that, according to the actual requirement, the combination of the addition and subtraction terms, the weight scores of different addition and subtraction terms, and the set values contained in the addition and subtraction terms can be adjusted.
TABLE 1 Scoring set Scoring criteria
Figure BDA0002286940890000061
TABLE 2 Subtraction set Scoring criteria
Figure BDA0002286940890000062
And step S31, when the added items in the scoring results comprise at least one type of historical transaction behavior data and the score of the scoring results is higher than a preset scoring threshold, determining the target device as a safety device.
The scoring threshold can be adjusted according to actual conditions, and in this embodiment, the scoring threshold is set to 7 points. When the scoring result is higher than a preset scoring threshold value and the scoring item comprises at least one type of historical transaction behavior data, determining the target equipment as the safety equipment, for example, determining the scoring result of the target equipment as 10 points through comprehensive evaluation, and determining the scoring item as 2 points of successful transfer and 1 point of successful payment in the 10 points of the scoring result, determining the target equipment as the safety equipment; however, if the scoring result is the score obtained by the user successfully logging in the target device for ten consecutive days and does not include the scoring item of the historical transaction behavior data, the target device is not determined as the safety device.
Further, in order to facilitate the identification of the target device, when the target device identifier of the target device is initially generated, an initial score is given to the target device or set to be 0 score, and then, each time a login operation or a transaction operation is performed on the target device, the score of the target device is updated once according to a preset score standard, and the updated score of the target device is recorded in real time.
And step S4, returning login verification or transaction verification response corresponding to the login verification or transaction verification request to the target device according to the determination result.
In the embodiment of the invention, the response modes of login verification or transaction verification corresponding to the safety device and the non-safety device are different.
When it is determined in step S3 that the target device is a security device, step S4 specifically includes: returning a response of executing the simple login verification or transaction verification operation to the target equipment;
specifically, the operation mode of login verification or transaction verification of the safety equipment is simple, a user can conveniently and quickly complete login operation or transaction operation, and user experience is improved, for example, only a transaction password needs to be verified during account transfer, short message verification is not needed, and the like;
when it is determined in step S3 that the target device is a non-secure device, step S4 specifically includes: returning a response of executing strict login verification or transaction verification operation to the target equipment;
specifically, the operation mode of login authentication or transaction authentication of the non-secure device is complicated, for example, when a user performs a transaction operation, an authentication mode combining a transaction password and an authentication code is required.
In the embodiment of the invention, when the target equipment performs login operation or transaction operation, whether the target equipment is the safety equipment is determined according to the historical login behavior data of the login operation and the historical behavior data of the transaction operation performed on the target equipment. Because the transaction operation verification mode has higher safety verification operation than the login operation verification mode, compared with the prior art, the historical transaction behavior data is added to identify the safety equipment, the historical login data and the equipment information are more reliable than the historical login data and the equipment information which are used independently, and meanwhile, the period of identifying the safety equipment is shortened.
Further, for monitoring the security status of the target device in real time, as shown in fig. 3, steps S1 to S4 in the second embodiment of the method for identifying a security device of the present invention are the same as those in the first embodiment of the method for identifying a security device of the present invention, and are not repeated here, and after step S4, the method further includes:
and step S5, recording the current login behavior data or transaction behavior data corresponding to the target device identification.
In this embodiment, in order to monitor the security state of the target device in real time, even if the target device is determined to be a security device, the login behavior or the transaction behavior occurring on the target device may be recorded in real time subsequently, and the score-subtraction processing may be performed according to the login behavior or the transaction behavior occurring on the target device subsequently, if the login operation or the transaction operation in the score-subtraction scene occurs on the target device and the score of the score result is lower than the preset score threshold, the target device is no longer a security device, and the complex login authentication operation and the transaction authentication operation are recovered, so that it is ensured that the loss of the user is minimized, and the user is given sufficient time to alarm.
Fig. 4 shows a first embodiment of the security device identification system of the present invention. As shown in fig. 4, in the present embodiment, the secure device identification system includes a receiving module 10, an obtaining module 11, a determining module 12, and a responding module 13.
The receiving module 10 is configured to receive a login verification or transaction verification request carrying a target device identifier, which is sent when a target device performs a login operation or a transaction operation;
an obtaining module 11, configured to obtain historical data corresponding to the target device identifier, where the historical data includes: historical login behavior data of login operation and historical transaction behavior data of transaction operation are carried out on the target equipment;
the determining module 12 is configured to determine whether the target device is a security device according to the obtained historical data corresponding to the target device identifier;
and the response module 13 is configured to return a login verification or transaction verification response corresponding to the login verification or transaction verification request to the target device according to the determination result.
On the basis of the above embodiment, in other embodiments, the historical login behavior data includes a login verification manner, the number of times of successful login for the first time in a preset time period, and the number of times of login continuous failure reaching a preset value; the historical transaction behavior data comprises a transaction verification mode, the first successful transaction times in a preset time period, transaction time and transaction amount.
As shown in fig. 5, the determination module 12 includes a scoring unit 120 and a determination unit 121.
The scoring unit 120 is configured to perform score addition and subtraction processing on the historical login behavior data and the historical transaction behavior data based on a preset scoring standard, and output a scoring result; the determining unit 121 is configured to determine the target device as a security device when the bonus item in the scoring result includes at least one type of historical transaction behavior data and the score of the scoring result is higher than a preset scoring threshold.
On the basis of the above embodiment, in other embodiments, when the determination result is that the target device is a secure device; the response module is also used for returning a response of executing the simple login verification or transaction verification operation to the target equipment.
On the basis of the above embodiment, in other embodiments, when the determination result is that the target device is a non-secure device; the response module is also used for returning a response of executing strict login verification or transaction verification operation to the target device.
On the basis of the above embodiment, in another embodiment, as shown in fig. 6, the system further includes: and the recording module 14 is configured to record the current login behavior data or the transaction behavior data corresponding to the target device identifier.
For other details of the technical solution for implementing each module in the security device identification system, reference may be made to the description of the security device identification method in the foregoing embodiment, and details are not repeated here.
It should be noted that, in the present specification, the embodiments are all described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments may be referred to each other. For the system-class embodiment, since it is basically similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
The embodiments of the present invention have been described in detail, but the present invention is only exemplary and is not limited to the embodiments described above. It will be apparent to those skilled in the art that any equivalent modifications or substitutions can be made within the scope of the present invention, and thus, equivalent changes and modifications, improvements, etc. made without departing from the spirit and scope of the present invention should be included in the scope of the present invention.

Claims (10)

1. A security device identification method, comprising:
receiving a login verification or transaction verification request carrying a target equipment identifier sent when the target equipment performs login operation or transaction operation;
acquiring historical data corresponding to the target device identifier, wherein the historical data comprises: historical login behavior data of login operation and historical transaction behavior data of transaction operation of the target equipment;
determining whether the target equipment is safety equipment or not according to the acquired historical data corresponding to the target equipment identifier;
and returning a login verification or transaction verification response corresponding to the login verification or transaction verification request to the target equipment according to the determination result.
2. The security device identification method according to claim 1, wherein the historical login behavior data includes a login verification manner, a number of first successful logins within a preset time period, and a number of login continuous failures reaching a preset value; the historical transaction behavior data comprises a transaction verification mode, the first successful transaction times in a preset time period, transaction time and transaction amount;
the step of determining whether the target device is a security device according to the acquired historical data corresponding to the target device identifier includes: performing plus-minus score processing on the historical login behavior data and the historical transaction behavior data based on a preset score standard, and outputting a score result;
and when the point in the scoring result comprises at least one type of historical transaction behavior data and the score of the scoring result is higher than a preset scoring threshold value, determining the target equipment as safety equipment.
3. The secure device identification method according to claim 2, wherein when the determination result is that the target device is a secure device;
the returning of the login verification or transaction verification response corresponding to the login or transaction verification request to the target device according to the determination result comprises:
and returning a response of executing the simple login verification or transaction verification operation to the target equipment.
4. The secure device identification method according to claim 2, wherein when the determination result is that the target device is a non-secure device;
and returning a response of executing strict login verification or transaction verification operation to the target device.
5. The method according to claim 1, wherein after the step of returning a login and/or transaction verification response corresponding to the login or transaction verification request to the target device according to the determination result, the method further comprises:
and recording the current login behavior data or transaction behavior data corresponding to the target equipment identification.
6. A security device identification system, comprising:
the receiving module is used for receiving a login verification or transaction verification request which is sent by target equipment and carries a target equipment identifier when the target equipment performs login operation or transaction operation;
an obtaining module, configured to obtain historical data corresponding to the target device identifier, where the historical data includes: historical login behavior data of login operation and historical transaction behavior data of transaction operation of the target equipment;
the determining module is used for determining whether the target equipment is safety equipment according to the acquired historical data corresponding to the target equipment identifier;
and the response module is used for returning login verification or transaction verification response corresponding to the login verification or transaction verification request to the target equipment according to the determination result.
7. The security device identification system of claim 6, wherein the historical login behavior data comprises a login verification manner, a number of first successful logins within a preset time period, and a number of login persistent failures reaching a preset value; the historical transaction behavior data comprises a transaction verification mode, the first successful transaction times in a preset time period, transaction time and transaction amount;
the determining module comprises:
the scoring unit is used for performing plus-minus scoring processing on the historical login behavior data and the historical transaction behavior data based on a preset scoring standard and outputting a scoring result;
and the judging unit is used for determining the target equipment as safety equipment when the added items in the grading result comprise at least one type of historical transaction behavior data and the grade of the grading result is higher than a preset grading threshold value.
8. The secure device identification system according to claim 7, wherein when the determination result is that the target device is a secure device;
the response module is further used for returning a response of executing simple login verification or transaction verification operation to the target device.
9. The secure device identification system according to claim 7, wherein when the determination result is that the target device is a non-secure device;
the response module is further configured to return a response to the target device that performs a strict login verification or transaction verification operation.
10. The security device identification system of claim 6, wherein the system further comprises:
and the recording module is used for recording the current login behavior data or transaction behavior data corresponding to the target equipment identifier.
CN201911164078.6A 2019-11-25 2019-11-25 Safety equipment identification method and system Pending CN111191215A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911164078.6A CN111191215A (en) 2019-11-25 2019-11-25 Safety equipment identification method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911164078.6A CN111191215A (en) 2019-11-25 2019-11-25 Safety equipment identification method and system

Publications (1)

Publication Number Publication Date
CN111191215A true CN111191215A (en) 2020-05-22

Family

ID=70709162

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911164078.6A Pending CN111191215A (en) 2019-11-25 2019-11-25 Safety equipment identification method and system

Country Status (1)

Country Link
CN (1) CN111191215A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111752662A (en) * 2020-06-28 2020-10-09 中国银行股份有限公司 Bank transaction interface display method and device
CN112138400A (en) * 2020-09-15 2020-12-29 北京智明星通科技股份有限公司 Security monitoring method, system and server for game account

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104144419A (en) * 2014-01-24 2014-11-12 腾讯科技(深圳)有限公司 Identity authentication method, device and system
KR20160109582A (en) * 2015-03-12 2016-09-21 심재훈 User authentication system and user authentication method of Cell phone messaging service and CHATCHA bases
CN107705206A (en) * 2017-11-07 2018-02-16 中国银行股份有限公司 A kind of transaction risk appraisal procedure and device
CN110032857A (en) * 2019-02-19 2019-07-19 阿里巴巴集团控股有限公司 The registration of account, the recognition methods of credible equipment and device

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104144419A (en) * 2014-01-24 2014-11-12 腾讯科技(深圳)有限公司 Identity authentication method, device and system
KR20160109582A (en) * 2015-03-12 2016-09-21 심재훈 User authentication system and user authentication method of Cell phone messaging service and CHATCHA bases
CN107705206A (en) * 2017-11-07 2018-02-16 中国银行股份有限公司 A kind of transaction risk appraisal procedure and device
CN110032857A (en) * 2019-02-19 2019-07-19 阿里巴巴集团控股有限公司 The registration of account, the recognition methods of credible equipment and device

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111752662A (en) * 2020-06-28 2020-10-09 中国银行股份有限公司 Bank transaction interface display method and device
CN111752662B (en) * 2020-06-28 2024-02-23 中国银行股份有限公司 Bank transaction interface display method and device
CN112138400A (en) * 2020-09-15 2020-12-29 北京智明星通科技股份有限公司 Security monitoring method, system and server for game account
CN112138400B (en) * 2020-09-15 2024-05-17 北京智明星通科技股份有限公司 Security monitoring method, system and server for game account

Similar Documents

Publication Publication Date Title
RU2635275C1 (en) System and method of identifying user's suspicious activity in user's interaction with various banking services
KR102151862B1 (en) Service processing method and device
US8370389B1 (en) Techniques for authenticating users of massive multiplayer online role playing games using adaptive authentication
CN107665301A (en) Verification method and device
CN111083165B (en) Login interception method and system based on combined anti-collision library platform
US20110246426A1 (en) Method and apparatus for information recovery using snapshot database
EP3750275B1 (en) Method and apparatus for identity authentication, server and computer readable medium
CN111415163A (en) Service processing and verifying method, system and verifying node based on block chain
CN110874743B (en) Method and device for determining account transaction risk
CN110570188A (en) Method and system for processing transaction requests
CN110753038A (en) Self-adaptive authority control system and method for anomaly detection
TWI701932B (en) Identity authentication method, server and client equipment
CN111191215A (en) Safety equipment identification method and system
CN109063481B (en) Risk detection method and device
EP3547243A1 (en) Methods and apparatuses for fraud handling
US20180174142A1 (en) Managing product returns associated with a user device
CN112330355A (en) Consumption ticket transaction data processing method, device, equipment and storage medium
CN109583177B (en) System and method for identifying new devices during user interaction with banking services
US20200213339A1 (en) System and method of identifying fraudulent activity from a user device using a chain of device fingerprints
RU2659736C1 (en) System and method of detecting new devices under user interaction with banking services
CN114841698A (en) Transaction information processing method and device and computer readable storage medium
CN115994791A (en) Risk judgment method based on integral user state snapshot and quantitative analysis
CN114065187A (en) Abnormal login detection method and device, computing equipment and storage medium
CN111970272A (en) APT attack operation identification method
US11874752B1 (en) Methods and systems for facilitating cyber inspection of connected and autonomous electrical vehicles using smart charging stations

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 518000 floor 4, building a, Lufthansa aviation Park, hourui community, Hangcheng street, Bao'an District, Shenzhen City, Guangdong Province

Applicant after: Shenzhen Leap New Technology Co.,Ltd.

Address before: 518000 Room 201, building A, No. 1, Qian Wan Road, Qianhai Shenzhen Hong Kong cooperation zone, Shenzhen, Guangdong (Shenzhen Qianhai business secretary Co., Ltd.)

Applicant before: Shenzhen Leap New Technology Co.,Ltd.

CB02 Change of applicant information