CN111368273B - Identity verification method and device - Google Patents

Identity verification method and device Download PDF

Info

Publication number
CN111368273B
CN111368273B CN202010188616.1A CN202010188616A CN111368273B CN 111368273 B CN111368273 B CN 111368273B CN 202010188616 A CN202010188616 A CN 202010188616A CN 111368273 B CN111368273 B CN 111368273B
Authority
CN
China
Prior art keywords
user
equipment
determining
default
effective
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010188616.1A
Other languages
Chinese (zh)
Other versions
CN111368273A (en
Inventor
曹路阳
马振邦
山瑞峰
曲鹏
杨漫
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hanhai Information Technology Shanghai Co Ltd
Original Assignee
Hanhai Information Technology Shanghai Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hanhai Information Technology Shanghai Co Ltd filed Critical Hanhai Information Technology Shanghai Co Ltd
Priority to CN202010188616.1A priority Critical patent/CN111368273B/en
Publication of CN111368273A publication Critical patent/CN111368273A/en
Application granted granted Critical
Publication of CN111368273B publication Critical patent/CN111368273B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • G06F21/445Program or device authentication by mutual authentication, e.g. between devices or programs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2111Location-sensitive, e.g. geographical location, GPS
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2133Verifying human interaction, e.g., Captcha
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/70Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The specification discloses an identity verification method and device, if it is detected that a device to be identified corresponding to a device currently used by a user is different from a stored default device identifier corresponding to the user, a geographic position based on the device to be identified corresponding to the device currently used by the user is obtained to be used as a first position, and geographic positions meeting preset conditions are selected from all geographic positions based on which the user uses the device corresponding to the default device identifier to conduct business processing to be used as a second position. And taking the second position as a center, determining an effective geographic range for carrying out identity authentication on the user, and carrying out identity authentication on the user according to the first position and the effective geographic range. According to the method, the user is authenticated according to the geographical position where the user needs to use the equipment corresponding to the equipment identification to be identified to perform service processing, and the user can be ensured to use the equipment corresponding to the equipment identification to be identified. Compared with the prior art, the safety can be improved.

Description

Identity verification method and device
Technical Field
The present disclosure relates to the field of computers, and in particular, to a method and apparatus for identity verification.
Background
In practical applications, when a mobile device held by a user suddenly loses power or the mobile device is lost, great inconvenience is brought to the user. For example, if a dispatcher suddenly fails to supply power to a mobile device when performing a delivery task, the dispatcher cannot easily deliver the delivered object to the customer at the right time, which reduces the execution efficiency of the order and causes inconvenience to the customer who places the order.
In the prior art, if a user encounters a situation that the held mobile device suddenly fails or the mobile device is lost, the user account can be directly logged on to other mobile devices to continue to execute the service. However, the service platform cannot determine whether the user account logs on to other mobile devices or the user account is self-owned or self-owned by other people who steal the user account, so that the safety of the user information cannot be ensured.
Therefore, how to verify the identity of the user and ensure the information security of the user when the user account logs in to other mobile devices is a problem to be solved.
Disclosure of Invention
The present disclosure provides an authentication method and apparatus to partially solve the above-mentioned problems in the prior art.
The technical scheme adopted in the specification is as follows:
the specification provides a method of identity verification, comprising:
acquiring a device identifier corresponding to the device currently used by a user as a device identifier to be identified;
if the equipment identification to be identified is different from the stored default equipment identification corresponding to the user, acquiring the geographic position based on the equipment corresponding to the equipment identification to be identified, which is currently used by the user, as a first position;
selecting a geographic position meeting preset conditions from all geographic positions based on which the user uses equipment corresponding to the default equipment identifier to perform service processing as a second position;
the second position is taken as the center, and an effective geographic range for carrying out identity verification on the user is determined;
and carrying out service processing on equipment corresponding to the equipment identifier to be identified by the user for identity verification according to the first position and the effective geographic range.
Optionally, selecting, as the second location, a geographic location meeting a preset condition from all geographic locations based on which the user uses the device corresponding to the default device identifier to perform service processing, where the second location specifically includes:
And determining the geographic position based on which the user uses the equipment corresponding to the default equipment identifier to perform service processing last time as the geographic position conforming to the preset condition.
Optionally, before determining the valid geographical range for authentication of the user, centering on the second location, the method further comprises:
and if the equipment corresponding to the default equipment identifier is determined to be in an unavailable state, carrying out service processing on the equipment corresponding to the equipment identifier to be identified by the user to carry out identity verification.
Optionally, determining that the device corresponding to the default device identifier is in an unavailable state specifically includes:
sending a voice call to the device corresponding to the default device identifier;
and if the equipment corresponding to the default equipment identifier is determined not to be connected with the voice call, determining that the equipment corresponding to the default equipment identifier is in an unavailable state.
Optionally, determining that the device corresponding to the default device identifier does not connect the voice call specifically includes:
acquiring voice prompt information of equipment corresponding to the default equipment identifier for responding to the voice call;
and carrying out voice recognition on the voice prompt information to determine that the equipment corresponding to the default equipment identifier is not connected with the voice call.
Optionally, centering on the second location, determining a valid geographic range for authentication of the user specifically includes:
determining an effective radius according to the safety level corresponding to the user and/or the determined number of active users in the set area, wherein the higher the number of active users in the set area is, the smaller the effective radius is, the higher the safety level corresponding to the user is, and the smaller the effective radius is;
and taking the second position as a center, dividing the area by the effective radius, and determining an effective geographic range for carrying out identity authentication on the user in the set area.
Optionally, determining the setting area specifically includes:
and taking the second position as a center, dividing the region by using a set radius, and determining the set region.
Optionally, according to the first location and the effective geographic range, performing identity verification on the user specifically includes:
determining a verification code corresponding to the user;
if the first position is determined to be located in the effective geographic range, and the user is determined to input the verification code, the user is determined to pass the authentication when the user needs to process the service through the equipment corresponding to the equipment identification to be identified.
Optionally, determining that the user inputs the verification code specifically includes:
determining the effective duration corresponding to the verification code and determining the starting moment of identity verification of the user;
and if the time interval between the moment of inputting the verification code by the user and the starting moment is not more than the effective duration, determining that the verification code is input by the user.
The present specification provides an apparatus for authentication, comprising:
the first acquisition module is used for acquiring equipment identifiers corresponding to equipment currently used by a user and taking the equipment identifiers as equipment identifiers to be identified;
the second acquisition module is used for acquiring a geographic position based on equipment corresponding to the equipment identifier to be identified currently used by the user as a first position if the equipment identifier to be identified is determined to be different from the stored default equipment identifier corresponding to the user;
the selecting module is used for selecting a geographic position which meets preset conditions from all geographic positions based on which the user uses equipment corresponding to the default equipment identifier to conduct business processing, and the geographic position is used as a second position;
the determining module is used for determining an effective geographic range for identity verification of the user by taking the second position as a center;
And the verification module is used for carrying out service processing on the equipment corresponding to the equipment identifier to be identified by the user for identity verification according to the first position and the effective geographic range.
The present description provides a computer-readable storage medium storing a computer program which, when executed by a processor, implements the above-described method of authentication.
The present specification provides an electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the above-described method of identity verification when executing the program.
The above-mentioned at least one technical scheme that this specification adopted can reach following beneficial effect:
in the method for identity verification provided in the present specification, if it is detected that the device identifier to be identified corresponding to the device currently used by the user is different from the stored default device identifier corresponding to the user, the geographic position based on the device identifier corresponding to the device to be identified currently used by the user may be obtained as the first position, and the geographic position meeting the preset condition is selected from the geographic positions based on which the user uses the device corresponding to the default device identifier to perform service processing as the second position. And then, taking the second position as a center, determining an effective geographic range for carrying out identity authentication on the user, and carrying out service processing on equipment corresponding to the equipment identifier to be identified for carrying out identity authentication on the user according to the first position and the effective geographic range.
According to the method, the user can be authenticated according to the geographical position of the service processing by using the equipment corresponding to the equipment identification to be identified according to the user requirement, and the user can be ensured to use the equipment corresponding to the equipment identification to be identified to a certain extent. Compared with the prior art, the method for authenticating the user using the identification equipment to identify the corresponding equipment is not available, and the safety of the user information can be ensured to a certain extent.
Drawings
The accompanying drawings, which are included to provide a further understanding of the specification, illustrate and explain the exemplary embodiments of the present specification and their description, are not intended to limit the specification unduly. In the drawings:
FIG. 1 is a flow chart of a method of identity authentication in the present specification;
FIG. 2 is a schematic view of the effective geographic area and the set area provided in the present specification;
FIG. 3 is a schematic diagram of an authentication interface provided herein;
FIG. 4 is a schematic diagram of an apparatus for authentication provided herein;
fig. 5 is a schematic view of the electronic device corresponding to fig. 1 provided in the present specification.
Detailed Description
For the purposes of making the objects, technical solutions and advantages of the present specification more apparent, the technical solutions of the present specification will be clearly and completely described below with reference to specific embodiments of the present specification and corresponding drawings. It will be apparent that the described embodiments are only some, but not all, of the embodiments of the present specification. All other embodiments, which can be made by one of ordinary skill in the art without undue burden from the present disclosure, are intended to be within the scope of the present disclosure.
The following describes in detail the technical solutions provided by the embodiments of the present specification with reference to the accompanying drawings.
Fig. 1 is a flow chart of a method of identity authentication in the present specification, specifically including the following steps:
s101: and acquiring the equipment identifier corresponding to the equipment currently used by the user as the equipment identifier to be identified.
S102: and if the equipment identification to be identified is different from the stored default equipment identification corresponding to the user, acquiring the geographic position based on the equipment corresponding to the equipment identification to be identified, which is currently used by the user, as a first position.
In practical application, a user usually uses a common device held by the user to perform service execution, where the common device refers to a device that is used by the user for a long time and is not replaced for a long time, and specifically may refer to an electronic mobile device such as a common mobile phone and a tablet personal computer of the user. However, the user may lose the common equipment or the common equipment may not be powered on during the service execution process, so in order to continue the service execution, the user may use the very common equipment to continue the service execution. The very common device mentioned here refers to an electronic device that is not commonly used by users, or by others. In order to ensure that the user uses the very common equipment to continue the service execution, the service platform needs to perform identity verification on the user.
Specifically, the service platform may obtain, as the device identifier to be identified, the device identifier corresponding to the device currently used by the user. And then, the service platform can compare the equipment identifier to be identified with the stored default equipment identifier corresponding to the user, and if the equipment identifier to be identified and the stored default equipment identifier are different, the geographic position based on the equipment corresponding to the equipment identifier to be identified, which is currently used by the user, needs to be obtained as the first position.
That is, the service platform usually records the device identifier (such as the device number, the serial number, etc.) of the common device held by the user, so the default device identifier corresponding to the user mentioned above refers to the device identifier of the common device held by the user. And when the user uses the very-common equipment to process the service, the user can also acquire the equipment identification (namely the equipment identification to be identified) of the very-common equipment. The service platform can compare the obtained device identifier to be identified with the recorded device identifier (i.e. default device identifier) of the common device held by the user, so as to monitor whether the user uses the common device in the process of executing the service.
It should be noted that, for convenience of the following description, the device corresponding to the default device identifier is hereinafter referred to as a common device used by the user, and for the case where the device identifier to be identified is different from the default device identifier, the device corresponding to the device identifier to be identified is hereinafter referred to as a very common device currently used by the user.
In this specification, the monitoring that the user needs to use the very-used device to perform the service processing may specifically have multiple forms, for example, when the monitoring that the user uses the very-used device to log in the user account, it may be determined that the monitoring that the user needs to use the very-used device to perform the service processing; for another example, when it is detected that a user triggers an entry of a service when using an Application (App) installed in the unusual device, it is determined that the user needs to use the unusual device to perform service processing. Other forms are not illustrated in detail herein.
When the fact that the user needs to use the very-used equipment to conduct business processing is monitored, the service platform can further determine the geographic position based on which the user needs to use the very-used equipment to conduct business processing as the first position. Specifically, when the service platform monitors that the user needs to use the unusual equipment to perform service processing, the unusual equipment can be positioned by a preset positioning mode, and the preset positioning modes can be various, for example, a global positioning system (Global Positioning System) GPS), wireless-Fidelity (WiFi) positioning, base station positioning, etc. The present description is not limited to a specific positioning method.
Correspondingly, the service platform can judge whether the service processing action using the very-commonly-used equipment comes from the user himself or herself when the user is authenticated in the subsequent process, namely, according to the first position, and the specific process will be described later.
S103: and selecting the geographic position meeting the preset condition from the geographic positions based on which the user uses the equipment corresponding to the default equipment identifier to perform service processing as a second position.
After the service platform obtains the first position where the user uses the common equipment currently, the service platform can select the geographic position meeting the preset condition from the geographic positions where the user uses the common equipment to perform service processing as the second position.
In this specification, the service platform may set preset conditions according to actual requirements. For example, the service platform can determine the geographical position where the user uses the common equipment to perform service processing for the last time as the geographical position meeting the preset condition; for another example, the service platform may use the geographical location of the user when using the common device to perform service processing in the previous hour as the geographical location meeting the preset condition; for another example, the service platform may take the geographic location where the user uses the common device most frequently as the geographic location meeting the preset condition, and other forms are not illustrated herein.
It should be noted that, in order to make the result of the subsequent identity verification more accurate, the service platform may also determine whether the common device of the user is in an unavailable state, if the common device is in an unavailable state, it is indicated that the user needs to use the common device to perform service processing under the condition that the user has to have, so that the service platform may perform the identity verification on the user that needs to perform service processing through the common device.
In this specification, the service platform may determine whether the common device is in an unavailable state by dialing a voice call to the common device of the user. Specifically, if the service platform dials the phone number of the common device or the network phone, the common device is always in an unconnected state, and then it can be determined that the common device is in an unavailable state. The service platform can also determine whether the common equipment is in an unavailable state by dialing a voice prompt obtained after voice communication of the common equipment of the user and identifying whether the voice prompt contains information such as shutdown or unavailable connection of the common equipment. The voice recognition algorithm adopted by the service platform for performing voice recognition on the voice prompt can be an existing conventional voice recognition algorithm, and the specific algorithm is not limited in the specification.
S104: and taking the second position as a center, and determining the effective geographic range for carrying out identity verification on the user.
After determining the second position, the service platform can determine an effective geographic range for performing identity verification on the user according to the determined second position. The effective geographic area is used to limit the geographic area in which the user can perform authentication. In other words, the effective geographic range determined by the service platform is used for determining a security range for performing identity verification on the user, that is, if the current location of the user (where the user needs to perform service processing using the very-used device, that is, the first location) is located in the security range, it is determined that the user needs to perform service processing using the very-used device is the user, or else, it is determined that the user needs to perform service processing using the very-used device is not the user.
In this description, there may be various ways for the service platform to determine the effective geographic scope for authentication of the user. For example, the service platform may set a circular area centered on the second location and having a set distance as a radius, where the set distance may be set according to the actual requirement, as an effective geographic range for performing authentication for the user.
In order to ensure the accuracy of the determined effective geographic range, in the present specification, the service platform may also determine the effective geographic range for performing identity verification on the user according to the security level corresponding to the user, the second location, and the determined number of active users in the set area.
Specifically, the service platform may determine a security level corresponding to the user and the number of active users in the set area, and further determine an effective radius according to the security level and the number of active users, where the effective radius is used as a radius of the effective geographic range. Then, the service platform can take the second position as the center of the effective geographic range, and can determine the effective geographic range by dividing the area according to the radius of the effective geographic range and the center of the effective geographic range. As shown in fig. 2.
Fig. 2 is a schematic diagram of the effective geographical range and the set area provided in the present specification.
Taking fig. 2 as an example, the service platform may take the second location in fig. 2 as the center of the effective geographic area, and then divide the set area in the electronic map with a set radius, where the set area is the area included by the large circle in fig. 2. Then, the service platform can determine the number of active users in the set area, and further determine the effective radius of the effective geographic range according to the number of active users and the security level corresponding to the users, as shown in fig. 2. Further, the service platform may perform region division through the effective radius and the second location as the center of the effective geographic area, so as to obtain the effective geographic area in the set region, that is, the region contained in the small circle in fig. 2.
In this specification, the specific form adopted for authenticating the user may refer to an authentication code input by the user in a very common device, and the determined valid geographical range may refer to a valid range in which the user inputs the authentication code, that is, if the user inputs the authentication code in the valid geographical range, the authentication code input by the user is determined to be valid, so as to determine that the authentication of the user passes, otherwise, the authentication code input by the user is determined to be invalid, so as to determine that the authentication of the user does not pass.
It should be noted that, the higher the number of active users in the setting area, the higher the authentication requirement for the user should be, because if the authentication is performed by the method of inputting the authentication code by the user, the number of active users in the setting area may be the same as the authentication code used by other users. Therefore, if the number of active users in the set area is higher, the length of the effective radius of the effective geographic range can be reduced, so that the verification code input by the user in the divided effective geographic range is less likely to be repeated with verification codes of other users. That is, in the present specification, the higher the number of active users in the set area, the smaller the determined effective radius should be, and the smaller the effective geographical range should be.
The specific service platform can determine the effective radius by the following formula.
Figure BDA0002415070250000091
The specific formula for determining the effective radius can be various, and the higher the security level is, the smaller the determined effective radius is, the more the number of active users is, and the smaller the determined effective radius is. The security level mentioned here may be a security level set by the user himself or may be a security level set by the service platform in a unified manner. In summary, the security level indicates how strictly the user is authenticated, so if the security level is higher, it means that the higher the security requirement required by the user is, the smaller the effective radius should be, and the smaller the effective geographic range should be.
The number of active users in the setting area mentioned above may refer to the determined number of users using a designated App in the setting area, and the number of active users may specifically refer to the determined number of active users on the same day in the setting area, may refer to the counted number of active users on a daily basis in the setting area, and may also refer to the counted number of active users on a monthly basis in the setting area, which is not particularly limited in this specification.
Of course, in this specification, the service platform may also determine the effective radius according to the security level corresponding to the user alone, or determine the effective radius according to the determined number of active users in the set area alone, which is only required to ensure that the higher the security level is, the smaller the effective radius is, the more the number of active users is, and the smaller the effective radius is.
S105: and carrying out service processing on equipment corresponding to the equipment identifier to be identified by the user for identity verification according to the first position and the effective geographic range.
In this specification, the service platform performs identity verification in which link to perform service processing on a user by using a very-used device, which may be determined according to actual requirements, as shown in fig. 3.
Fig. 3 is a schematic diagram of an authentication interface provided in the present specification.
For example, if the service platform needs to perform authentication when the user logs in to the unusual device, as shown in fig. 3, after the user fills in the user account and the password, and submits the user account and the password, the authentication page is popped up to enable the user to perform authentication. Therefore, the service platform can perform identity verification before the user uses the very-used equipment to perform service processing, and the user can release the authority of the user to perform service processing by using the very-used equipment if the user passes the identity verification.
Of course, the service platform may perform authentication on the user in other links, if the above mentioned App installed on the very common device by the user triggers a service entry, the authentication page shown in fig. 3 may be popped up, so that the user inputs a corresponding authentication code in the authentication page to complete authentication, and other forms are not illustrated herein.
In the specification, the service platform can determine the verification code corresponding to the user, and the verification code can be set by the user or set by the service platform for the user. If the user is authenticated by the service platform, the authentication code is correctly input by the user and the first position is in the effective geographic range, and the authentication of the user is determined to pass.
Besides the authentication of the user by inputting the authentication code, the service platform can also add the condition of authentication, so that the authentication result of the user needing to process the service by the very common equipment is more accurate.
Specifically, the service platform may determine the effective duration corresponding to the verification code and the starting time when the user needs to be authenticated. The effective duration mentioned here may be set by the service platform for the verification code, or may be a duration that is selected by the user in advance for the verification code. The starting time mentioned here may be the time when the service platform starts to perform authentication on the user, and taking fig. 3 as an example, the starting time may be the time when the page of authentication is popped up, and may also be the starting time when the user inputs the user account.
If the time interval between the moment when the user inputs the verification code and the starting moment does not exceed the effective duration, the user is determined to be effectively filled with the verification code, and further, when the first position is determined to be located in the effective geographic range, the user is determined to pass the identity verification.
According to the method, the service platform can verify the identity of the user according to the geographical position where the user needs to use the very-used equipment to process the service, so that the user can be ensured to use the very-used equipment to a certain extent. That is, if it is monitored that the user needs to use the very-used device to perform the service processing within the effective geographic range, the service processing behavior can be ensured to a certain extent from the user, and compared with the method that the user using the very-used device is not authenticated in the prior art, the security can be improved to a certain extent.
The above method for identity verification provided for one or more embodiments of the present specification further provides a corresponding device for identity verification based on the same concept, as shown in fig. 4.
Fig. 4 is a schematic diagram of an apparatus for identity verification provided in the present specification, which specifically includes:
A first obtaining module 401, configured to obtain, as a device identifier to be identified, a device identifier corresponding to a device currently used by a user;
a second obtaining module 402, configured to obtain, as a first location, a geographic location based on which a device corresponding to the device identifier to be identified currently used by the user is based, if it is determined that the device identifier to be identified is different from a stored default device identifier corresponding to the user;
a selection module 403, configured to select, from among geographic locations based on which the user uses a device corresponding to the default device identifier to perform service processing, a geographic location that meets a preset condition as a second location;
a determining module 404, configured to determine, centering on the second location, a valid geographic range for authentication of the user;
and the verification module 405 is configured to perform identity verification on the user by performing service processing on a device corresponding to the device identifier to be identified according to the first location and the effective geographic range.
Optionally, the selection module 403 is specifically configured to determine, as the geographic location meeting the preset condition, the geographic location based on which the user uses the device corresponding to the default device identifier for service processing last time.
Optionally, before the determining module 404 centers on the second location and determines the valid geographical range for authentication of the user, the authentication module 405 is further configured to:
and if the equipment corresponding to the default equipment identifier is determined to be in an unavailable state, carrying out service processing on the equipment corresponding to the equipment identifier to be identified by the user to carry out identity verification.
Optionally, the verification module 405 is specifically configured to send a voice call to a device corresponding to the default device identifier; and if the equipment corresponding to the default equipment identifier is determined not to be connected with the voice call, determining that the equipment corresponding to the default equipment identifier is in an unavailable state.
Optionally, the verification module 405 is specifically configured to obtain voice prompt information of the device corresponding to the default device identifier in response to the voice call; and carrying out voice recognition on the voice prompt information to determine that the equipment corresponding to the default equipment identifier is not connected with the voice call.
Optionally, the determining module 404 is specifically configured to determine an effective radius according to the security level corresponding to the user and/or the determined number of active users in the set area, where the higher the number of active users in the set area is, the smaller the effective radius is, the higher the security level corresponding to the user is, and the smaller the effective radius is; and taking the second position as a center, dividing the area by the effective radius, and determining an effective geographic range for carrying out identity authentication on the user in the set area.
Optionally, the determining module 404 is specifically configured to divide the area with the second location as a center by using a set radius, and determine the set area.
Optionally, the verification module 405 is specifically configured to determine a verification code corresponding to the user; if the first position is determined to be located in the effective geographic range, and the user is determined to input the verification code, the user is determined to pass the authentication when the user needs to process the service through the equipment corresponding to the equipment identification to be identified.
Optionally, the verification module 405 is specifically configured to determine a valid duration corresponding to the verification code, and determine a starting time when authentication needs to be performed on the user; and if the time interval between the moment of inputting the verification code by the user and the starting moment is not more than the effective duration, determining that the verification code is input by the user.
The present specification also provides a computer readable storage medium storing a computer program operable to perform the method of identity verification provided in figure 1 above.
The present specification also provides a schematic structural diagram of the electronic device shown in fig. 5. At the hardware level, the electronic device includes a processor, an internal bus, a network interface, a memory, and a non-volatile storage, as illustrated in fig. 5, although other hardware required by other services may be included. The processor reads the corresponding computer program from the non-volatile memory into the memory and then runs to implement the authentication method described above with respect to fig. 1. Of course, other implementations, such as logic devices or combinations of hardware and software, are not excluded from the present description, that is, the execution subject of the following processing flows is not limited to each logic unit, but may be hardware or logic devices.
In the 90 s of the 20 th century, improvements to one technology could clearly be distinguished as improvements in hardware (e.g., improvements to circuit structures such as diodes, transistors, switches, etc.) or software (improvements to the process flow). However, with the development of technology, many improvements of the current method flows can be regarded as direct improvements of hardware circuit structures. Designers almost always obtain corresponding hardware circuit structures by programming improved method flows into hardware circuits. Therefore, an improvement of a method flow cannot be said to be realized by a hardware entity module. For example, a programmable logic device (Programmable Logic Device, PLD) (e.g., field programmable gate array (Field Programmable Gate Array, FPGA)) is an integrated circuit whose logic function is determined by the programming of the device by a user. A designer programs to "integrate" a digital system onto a PLD without requiring the chip manufacturer to design and fabricate application-specific integrated circuit chips. Moreover, nowadays, instead of manually manufacturing integrated circuit chips, such programming is mostly implemented by using "logic compiler" software, which is similar to the software compiler used in program development and writing, and the original code before the compiling is also written in a specific programming language, which is called hardware description language (Hardware Description Language, HDL), but not just one of the hdds, but a plurality of kinds, such as ABEL (Advanced Boolean Expression Language), AHDL (Altera Hardware Description Language), confluence, CUPL (Cornell University Programming Language), HDCal, JHDL (Java Hardware Description Language), lava, lola, myHDL, PALASM, RHDL (Ruby Hardware Description Language), etc., VHDL (Very-High-Speed Integrated Circuit Hardware Description Language) and Verilog are currently most commonly used. It will also be apparent to those skilled in the art that a hardware circuit implementing the logic method flow can be readily obtained by merely slightly programming the method flow into an integrated circuit using several of the hardware description languages described above.
The controller may be implemented in any suitable manner, for example, the controller may take the form of, for example, a microprocessor or processor and a computer readable medium storing computer readable program code (e.g., software or firmware) executable by the (micro) processor, logic gates, switches, application specific integrated circuits (Application Specific Integrated Circuit, ASIC), programmable logic controllers, and embedded microcontrollers, examples of which include, but are not limited to, the following microcontrollers: ARC 625D, atmel AT91SAM, microchip PIC18F26K20, and Silicone Labs C8051F320, the memory controller may also be implemented as part of the control logic of the memory. Those skilled in the art will also appreciate that, in addition to implementing the controller in a pure computer readable program code, it is well possible to implement the same functionality by logically programming the method steps such that the controller is in the form of logic gates, switches, application specific integrated circuits, programmable logic controllers, embedded microcontrollers, etc. Such a controller may thus be regarded as a kind of hardware component, and means for performing various functions included therein may also be regarded as structures within the hardware component. Or even means for achieving the various functions may be regarded as either software modules implementing the methods or structures within hardware components.
The system, apparatus, module or unit set forth in the above embodiments may be implemented in particular by a computer chip or entity, or by a product having a certain function. One typical implementation is a computer. In particular, the computer may be, for example, a personal computer, a laptop computer, a cellular telephone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.
For convenience of description, the above devices are described as being functionally divided into various units, respectively. Of course, the functions of each element may be implemented in one or more software and/or hardware elements when implemented in the present specification.
It will be appreciated by those skilled in the art that embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In one typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include volatile memory in a computer-readable medium, random Access Memory (RAM) and/or nonvolatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of computer-readable media.
Computer readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by a computing device. Computer-readable media, as defined herein, does not include transitory computer-readable media (transmission media), such as modulated data signals and carrier waves.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article or apparatus that comprises the element.
It will be appreciated by those skilled in the art that embodiments of the present description may be provided as a method, system, or computer program product. Accordingly, the present specification may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present description can take the form of a computer program product on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.
The description may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. The specification may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.
In this specification, each embodiment is described in a progressive manner, and identical and similar parts of each embodiment are all referred to each other, and each embodiment mainly describes differences from other embodiments. In particular, for system embodiments, since they are substantially similar to method embodiments, the description is relatively simple, as relevant to see a section of the description of method embodiments.
The foregoing is merely exemplary of the present disclosure and is not intended to limit the disclosure. Various modifications and alterations to this specification will become apparent to those skilled in the art. Any modifications, equivalent substitutions, improvements, or the like, which are within the spirit and principles of the present description, are intended to be included within the scope of the claims of the present description.

Claims (7)

1. A method of identity verification, comprising:
acquiring a device identifier corresponding to the device currently used by a user as a device identifier to be identified;
if the equipment identification to be identified is different from the stored default equipment identification corresponding to the user, acquiring the geographic position based on the equipment corresponding to the equipment identification to be identified, which is currently used by the user, as a first position;
Selecting a geographic position meeting preset conditions from all geographic positions based on which the user uses equipment corresponding to the default equipment identifier to perform service processing as a second position, wherein the geographic position specifically comprises:
determining the geographic position based on which the user uses the equipment corresponding to the default equipment identifier for service processing for the last time as the geographic position conforming to the preset condition;
if the equipment corresponding to the default equipment identifier is determined to be in an unavailable state, carrying out service processing on the equipment corresponding to the equipment identifier to be identified by the user for identity verification;
the second position is taken as a center, and the effective geographic range for carrying out identity verification on the user is determined, which comprises the following specific steps:
determining an effective radius according to the safety level corresponding to the user and/or the determined number of active users in the set area, wherein the higher the number of active users in the set area is, the smaller the effective radius is, the higher the safety level corresponding to the user is, and the smaller the effective radius is;
taking the second position as a center, dividing the area by the effective radius, and determining an effective geographic range for identity verification of the user in the set area;
According to the first position and the effective geographic range, carrying out service processing on equipment corresponding to the equipment identifier to be identified by the user for identity verification, wherein the method specifically comprises the following steps:
determining a verification code corresponding to the user;
if the first position is determined to be located in the effective geographic range, and the user is determined to input the verification code, the user is determined to pass the authentication when the user needs to process the service through the equipment corresponding to the equipment identification to be identified.
2. The method of claim 1, wherein determining that the device corresponding to the default device identification is in an unavailable state comprises:
sending a voice call to the device corresponding to the default device identifier;
and if the equipment corresponding to the default equipment identifier is determined not to be connected with the voice call, determining that the equipment corresponding to the default equipment identifier is in an unavailable state.
3. The method of claim 2, wherein determining that the device corresponding to the default device identification does not connect the voice call, specifically comprises:
acquiring voice prompt information of equipment corresponding to the default equipment identifier for responding to the voice call;
And carrying out voice recognition on the voice prompt information to determine that the equipment corresponding to the default equipment identifier is not connected with the voice call.
4. The method according to claim 1, wherein determining the set area comprises:
and taking the second position as a center, dividing the region by using a set radius, and determining the set region.
5. The method of claim 1, wherein determining that the user entered the verification code comprises:
determining the effective duration corresponding to the verification code and determining the starting moment of identity verification of the user;
and if the time interval between the moment of inputting the verification code by the user and the starting moment is not more than the effective duration, determining that the verification code is input by the user.
6. A computer-readable storage medium, characterized in that the storage medium stores a computer program which, when executed by a processor, implements the method of any of the preceding claims 1-5.
7. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the method of any of the preceding claims 1-5 when executing the program.
CN202010188616.1A 2020-03-17 2020-03-17 Identity verification method and device Active CN111368273B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010188616.1A CN111368273B (en) 2020-03-17 2020-03-17 Identity verification method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010188616.1A CN111368273B (en) 2020-03-17 2020-03-17 Identity verification method and device

Publications (2)

Publication Number Publication Date
CN111368273A CN111368273A (en) 2020-07-03
CN111368273B true CN111368273B (en) 2023-06-20

Family

ID=71208851

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010188616.1A Active CN111368273B (en) 2020-03-17 2020-03-17 Identity verification method and device

Country Status (1)

Country Link
CN (1) CN111368273B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112016079A (en) * 2020-08-27 2020-12-01 深圳市亲邻科技有限公司 Equipment terminal verification method, device and storage medium

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015035936A1 (en) * 2013-09-12 2015-03-19 腾讯科技(深圳)有限公司 Identity authentication method, identity authentication apparatus, and identity authentication system
CN104901925A (en) * 2014-03-05 2015-09-09 中国移动通信集团北京有限公司 End-user identity authentication method, device and system and terminal device
CN107682336A (en) * 2017-09-30 2018-02-09 北京梆梆安全科技有限公司 A kind of auth method and device based on geographical position
CN107731234A (en) * 2017-09-06 2018-02-23 阿里巴巴集团控股有限公司 A kind of method and device of authentication
CN108712413A (en) * 2018-05-15 2018-10-26 上海掌门科技有限公司 A kind of method and apparatus of authentication
WO2019085575A1 (en) * 2017-11-02 2019-05-09 阿里巴巴集团控股有限公司 Voiceprint authentication method and apparatus, and account registration method and apparatus
CN110245475A (en) * 2019-05-30 2019-09-17 阿里巴巴集团控股有限公司 Auth method and device

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017031504A1 (en) * 2015-08-20 2017-02-23 Cloudwear, Inc. Method and apparatus for geographic location based electronic security management

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015035936A1 (en) * 2013-09-12 2015-03-19 腾讯科技(深圳)有限公司 Identity authentication method, identity authentication apparatus, and identity authentication system
CN104901925A (en) * 2014-03-05 2015-09-09 中国移动通信集团北京有限公司 End-user identity authentication method, device and system and terminal device
CN107731234A (en) * 2017-09-06 2018-02-23 阿里巴巴集团控股有限公司 A kind of method and device of authentication
CN107682336A (en) * 2017-09-30 2018-02-09 北京梆梆安全科技有限公司 A kind of auth method and device based on geographical position
WO2019085575A1 (en) * 2017-11-02 2019-05-09 阿里巴巴集团控股有限公司 Voiceprint authentication method and apparatus, and account registration method and apparatus
CN108712413A (en) * 2018-05-15 2018-10-26 上海掌门科技有限公司 A kind of method and apparatus of authentication
CN110245475A (en) * 2019-05-30 2019-09-17 阿里巴巴集团控股有限公司 Auth method and device

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
李丽慧 ; 汪振海 ; 蒋良卫 ; .基于计算机视觉的用户身份验证App设计与实现.信息与电脑(理论版).2017,(17),全文. *
熊俊 ; .用户身份认证技术在计算机信息安全中的应用.信息安全与技术.2013,(06),全文. *

Also Published As

Publication number Publication date
CN111368273A (en) 2020-07-03

Similar Documents

Publication Publication Date Title
CN108990059B (en) Verification method and device
CN109391512B (en) Service publishing method and device and electronic equipment
CN110413286B (en) Application deployment method, device and equipment
CN111639011B (en) Data monitoring method, device and equipment
KR20180109919A (en) Security verification method and device for smart card application
CN107070871B (en) Identity verification method and device
CN111368273B (en) Identity verification method and device
CN111861454B (en) Method and device for displaying unique identifier of digital object
CN111580445B (en) Electrical equipment operation switching method and device, electronic equipment and storage medium
CN116170289A (en) Node election method and device, storage medium and electronic equipment
CN110046052B (en) Service calling method and device
CN111460428A (en) Authority management method and device of android system and readable medium
CN110175450B (en) Information processing method, device and equipment
CN111967769B (en) Risk identification method, apparatus, device and medium
CN114170700A (en) Attendance checking method and device
CN112784161B (en) Information processing method, device, medium and electronic device
CN113420284B (en) Login and user login related service processing method, device and equipment
CN108377547B (en) Positioning method, device and equipment
CN111796864A (en) Data verification method and device
CN114546524B (en) Application authority processing method and device
CN114969710B (en) Rights and interests sharing method, device and equipment
CN117041980B (en) Network element management method and device, storage medium and electronic equipment
CN114237938B (en) Vehicle driving service processing method and device
CN117592104A (en) Method and device for executing service, storage medium and electronic equipment
CN115600177B (en) Identity authentication method and device, storage medium and electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant