CN111404965B - Method for realizing mobile terminal application safety verification - Google Patents
Method for realizing mobile terminal application safety verification Download PDFInfo
- Publication number
- CN111404965B CN111404965B CN202010253095.3A CN202010253095A CN111404965B CN 111404965 B CN111404965 B CN 111404965B CN 202010253095 A CN202010253095 A CN 202010253095A CN 111404965 B CN111404965 B CN 111404965B
- Authority
- CN
- China
- Prior art keywords
- phone number
- mobile
- mobile phone
- mobile terminal
- application
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000012795 verification Methods 0.000 title claims abstract description 106
- 238000000034 method Methods 0.000 title claims abstract description 39
- 230000004044 response Effects 0.000 claims abstract description 11
- 238000004590 computer program Methods 0.000 claims description 14
- 238000013475 authorization Methods 0.000 claims description 4
- 238000012545 processing Methods 0.000 claims description 4
- 239000000284 extract Substances 0.000 claims description 3
- 230000008569 process Effects 0.000 description 11
- 230000008901 benefit Effects 0.000 description 4
- 238000010586 diagram Methods 0.000 description 4
- 230000010354 integration Effects 0.000 description 3
- 230000006870 function Effects 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 239000007787 solid Substances 0.000 description 2
- 230000001360 synchronised effect Effects 0.000 description 2
- 241000700605 Viruses Species 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000018109 developmental process Effects 0.000 description 1
- ZXQYGBMAQZUVMI-GCMPRSNUSA-N gamma-cyhalothrin Chemical compound CC1(C)[C@@H](\C=C(/Cl)C(F)(F)F)[C@H]1C(=O)O[C@H](C#N)C1=CC=CC(OC=2C=CC=CC=2)=C1 ZXQYGBMAQZUVMI-GCMPRSNUSA-N 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000033772 system development Effects 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Abstract
The application discloses a method for realizing mobile terminal application security verification, which comprises the following verification steps: the mobile terminal application sends API information with mobile terminal mobile phone number to an APP security service platform through a mobile network, and the APP security service platform generates a corresponding session identifier and sends the session identifier back to the mobile terminal application; the mobile terminal application sends a session identifier to an enterprise application background system to carry out a local verification request, and the enterprise application background system sends the session identifier and the mobile phone number encryption identifier to an APP security service platform to carry out a mobile phone number verification request; and finally, the enterprise application background system instructs the mobile terminal application to perform subsequent operation according to the verification result. The application has high safety, shortens response time, does not need operation of a user, and improves user experience.
Description
Technical Field
The application relates to the technical field of network security, in particular to the technical field of security assurance of mobile terminals, and particularly relates to a method for realizing mobile terminal application security verification. .
Background
With the development of the mobile internet and the deep digital transformation of enterprises, the security requirement of mobile terminal application apps (especially mobile terminal applications in the financial industry) is higher. In order to prevent other people from stealing sensitive operations such as key transfer, balance inquiry and the like after the app account number is logged in, mobile phone numbers used by the terminal where the current app of the user is located need to be verified in many scenes. The conventional technical scheme commonly used at present is a short message verification code scheme, namely when the user needs to be verified, a reserved mobile phone number is input, a short message verification code is issued, and the verification code is input on an app for verification.
The verification mode of the short message verification code is the current main local verification solution. The general steps are: the user firstly inputs the mobile phone number of the owner reserved for the financial enterprise on the mobile phone, then clicks and receives the short message verification code pushed by the enterprise side, and then inputs the verification code by the mobile terminal application, so that verification of the mobile phone number reserved for the user is realized. The technical scheme has the following problems:
1. the verification period is long: the short message verification code technical scheme is seriously dependent on the short message gateway of an operator, the sending efficiency of the short message gateway is low, the short message is received at the fastest time of 3-5 seconds, and the short message can be received only at the longest time of 2 minutes. Meanwhile, the short message verification code scheme also requires a manual participation link of a user, such as reading and inputting the verification code, so that a verification period of a minute level is usually required. This is not adequate for many scenarios requiring millisecond-level real-time verification.
Easily hijacked: on the mobile equipment, the third party mobile terminal application can read the short message pushed by the enterprise side under the condition of authorization, so that the third party application installed by the user has the risk of illegally hijacking the short message verification code, and the technical scheme of the short message verification code cannot be used in the scene with high safety requirements of the financial industry. Meanwhile, some fraud tools such as virus Trojan and the like can intercept and read verification code short messages received on the client mobile phone, so that the app security risk is caused.
The user experience is poor: the short message gateway cannot guarantee the hundred percent arrival rate of short messages, and especially under the condition that the short message gateway is congested, the situation that the user side cannot receive the short message verification code or receives the short message verification code for a long time is very popular.
Disclosure of Invention
The purpose of the application is to overcome the above problems or to at least partially solve or alleviate them.
According to one aspect of the present application, there is provided a method for implementing security verification of a mobile terminal application, the method comprising the following verification steps:
the mobile terminal application configured on the mobile terminal accesses a mobile network core network gateway through a mobile data link to generate API information with a mobile terminal mobile phone number, the API information is sent to an APP security service platform through a mobile network, a session identifier corresponding to the mobile terminal application in the mobile terminal is generated in the APP security service platform, and the session identifier is returned and sent to the mobile terminal application;
the mobile terminal application sends the session identifier to an enterprise application background system to carry out a local verification request, and the enterprise application background system sends the received session identifier and the mobile phone number encryption identifier to an APP security service platform to carry out a mobile phone number verification request;
the APP security service platform carries out security verification on the mobile phone number verification request according to the session identifier and the mobile phone number encryption identifier, compares whether the mobile phone number obtained from the mobile network is consistent with the mobile phone number encryption identifier in the mobile phone number verification request, returns successful verification to the enterprise application background system if the mobile phone number obtained from the mobile network is consistent with the mobile phone number encryption identifier in the mobile phone number verification request, and returns verification failure to the enterprise application background system if the mobile phone number obtained from the mobile network is consistent with the mobile phone number encryption identifier in the mobile phone number verification request;
and finally, the enterprise application background system indicates the mobile terminal application to carry out subsequent operation according to the verification result.
For the above solutions, the applicant has further optimisation.
Optionally, a mobile network core network gateway is disposed at the front end of the APP security service platform, when the mobile terminal application accesses the APP security service platform, an access request is first sent to the mobile network core network gateway, the mobile network core network gateway obtains a mobile terminal mobile phone number in the mobile data link through the standard capability of the core network, the mobile network core network gateway forwards an http request to the APP security service platform after receiving the access request, and the mobile terminal mobile phone number is disposed in an http lead and is provided for the APP security service platform.
Further, after receiving the http request forwarded by the mobile network core network gateway, the APP security service platform caches the mobile terminal mobile phone number, generates a globally unique session identifier as a response and returns the globally unique session identifier to the mobile network core network gateway, the mobile network core network gateway forwards the response back to the mobile terminal application, and the mobile terminal application uses the session identifier to initiate a local verification request to an enterprise application background system.
Further, when the mobile terminal application accesses the mobile network core network gateway through the mobile data link, the mobile data link carries the client identifier, the application identifier and the URL path.
Optionally, an access gateway is arranged between the enterprise application background system and the APP security service platform, after the local verification request is received, the enterprise application background system initiates a mobile phone number verification request to the access gateway through a mobile phone number verification client interface, the mobile phone number verification request carries a session identifier and a mobile phone number encryption identifier reserved or authorized by a user, the access gateway checks the authorization of the enterprise application background system, searches for a client identifier and an application identifier allocated to an enterprise, and then routes the mobile phone number verification request to a service instance of the designated APP security service platform for processing according to the client identifier and the application identifier.
Further, the service instance of the APP security service platform extracts the mobile terminal mobile phone number obtained from the network from the memory or the database according to the session identifier, the client identifier and the application identifier, encrypts the mobile terminal mobile phone number according to a specific algorithm, compares the mobile phone number encryption identifier of the verification request, returns successful verification to the enterprise application background system if the mobile terminal mobile phone number obtained from the mobile network is consistent with the mobile phone number encryption identifier in the mobile phone number verification request, and returns verification failure to the enterprise application background system if the mobile terminal mobile phone number obtained from the mobile network is not consistent with the mobile phone number encryption identifier in the mobile phone number verification request.
The application also provides a computing device comprising a memory, a processor and a computer program stored in the memory and executable by the processor, wherein the processor implements the method as described above when executing the computer program.
The application also provides a computer readable storage medium, preferably a non-volatile readable storage medium, having stored therein a computer program which, when executed by a processor, implements a method as described above.
The application also provides a computer program product comprising computer readable code which, when executed by a computer device, causes the computer device to perform the method as described above.
The mobile terminal application safety verification method of the application utilizes the mobile network core network gateway and two sections of real-time synchronous background processes in the operator network to realize the technical solution which does not need the participation of an end user and the data safety compliance of the integrated third party SDK and can carry out the local verification in real time, and compared with the prior art, the application has the advantages that:
1. no user involvement: according to the application, the mobile terminal application only needs to access the appointed network link through the mobile network flow, obtain the response from the APP security service platform, and then submit the local verification application through the enterprise application background system to complete the local verification process, and the user does not need to receive information and input information in the process, so that the local verification process can be realized fully automatically, and the user experience is good.
2. The verification period is short: because the whole verification process is a full-automatic process, two sections of synchronous processes can be completed in millisecond level, the verification period is short, and the method can be used for service scenes with extremely high real-time requirements.
3. No integration of third party SDKs is required: the enterprise application background system can realize the local verification process only by realizing a network interface without integrating a third party SDK, thereby reducing the threshold of background system development at the enterprise side, and simultaneously, the H5/applet and the mobile terminal application in the mixed mode can realize the local verification.
4. The data security is high: the application does not need enterprise to push verification codes, does not need user participation, does not need integration of a third party SDK, and completes the business process fully automatically, so the application has the advantage of higher data security compared with the short message verification code scheme and the client SDK scheme.
The above, as well as additional objectives, advantages, and features of the present application will become apparent to those skilled in the art from the following detailed description of a specific embodiment of the present application when read in conjunction with the accompanying drawings.
Drawings
Some specific embodiments of the application will be described in detail hereinafter by way of example and not by way of limitation with reference to the accompanying drawings. The same reference numbers will be used throughout the drawings to refer to the same or like parts or portions. It will be appreciated by those skilled in the art that the drawings are not necessarily drawn to scale. In the accompanying drawings:
FIG. 1 is a general flow diagram of a method for implementing mobile-side application security verification in accordance with one embodiment of the application;
FIG. 2 is a block diagram of a computing device according to another embodiment of the application;
fig. 3 is a block diagram of a computer-readable storage medium according to another embodiment of the present application.
Detailed Description
Fig. 1 is a schematic overall flow diagram for implementing a mobile-side application security verification method according to an embodiment of the present application.
The embodiment describes a method for realizing mobile terminal application security verification, which comprises the following three verification steps of session identification response between a mobile terminal and an APP security service platform, a local verification request between the mobile terminal and an enterprise application background system, and a mobile phone number verification request between the enterprise application background and the APP security service platform.
Specifically, firstly, the session identification response process between the mobile terminal and the APP security service platform is as follows:
the mobile terminal application configured on the mobile terminal generates an http request with a mobile terminal mobile phone number after accessing the mobile network core network gateway through a mobile data link, and when the mobile terminal application accesses the mobile network core network gateway through the mobile data link, the mobile data link also carries a client identifier, an application identifier and a URL path. The mobile network core network gateway herein includes, but is not limited to, 3G: GGSN, SGSN, WAP gateway; 4G: SGW, PGW;5G: SMF, UPF.
The mobile network core network gateway is arranged at the front end of the APP security service platform, when the mobile terminal application accesses the APP security service platform, an access request is firstly sent to the mobile network core network gateway, the mobile network core network gateway obtains a mobile terminal mobile phone number in the practical mobile data link through the standard capability of the core network, the mobile network core network gateway forwards an http request to the APP security service platform after receiving the access request, and the mobile terminal mobile phone number is arranged in an http lead and is provided for the APP security service platform.
After receiving the http request forwarded by the mobile network core network gateway, the APP security service platform caches the mobile terminal mobile phone number, generates a globally unique session identifier as a response and returns the globally unique session identifier to the mobile network core network gateway, the mobile network core network gateway forwards the response back to the mobile terminal application, and the mobile terminal application uses the session identifier to initiate a local verification request to an enterprise application background system.
Then, the mobile terminal initiates a local check request to the enterprise application background system, and the specific process is as follows:
the mobile terminal application sends the session identification to the enterprise application background system to carry out a local verification request, and the enterprise application background system sends the received session identification and the mobile phone number encryption identification to the APP security service platform to carry out the mobile phone number verification request.
Then, a mobile phone number checking request is carried out between the enterprise application background and the APP security service platform, and the method concretely comprises the following steps:
an access gateway is arranged between the enterprise application background system and the APP security service platform, after the local verification request is received, the enterprise application background system initiates a mobile phone number verification request to the access gateway through a mobile phone number verification client interface, the mobile phone number verification request carries a session identifier and a mobile phone number encryption identifier reserved or authorized by a user, the access gateway checks the authorization of the enterprise application background system, searches out a client identifier and an application identifier allocated to an enterprise, and then routes the mobile phone number verification request to a service instance of the appointed APP security service platform for processing according to the client identifier and the application identifier.
Further, the service instance of the APP security service platform extracts the mobile terminal mobile phone number obtained from the network from the memory or the database according to the session identifier, the client identifier and the application identifier, encrypts the mobile terminal mobile phone number according to a specific algorithm, compares the mobile phone number encryption identifier of the verification request, returns successful verification to the enterprise application background system if the mobile terminal mobile phone number obtained from the mobile network is consistent with the mobile phone number encryption identifier in the mobile phone number verification request, and returns verification failure to the enterprise application background system if the mobile terminal mobile phone number obtained from the mobile network is not consistent with the mobile phone number encryption identifier in the mobile phone number verification request.
And finally, the enterprise application background system indicates the mobile terminal application to carry out subsequent operation according to the verification result.
The above, as well as additional objectives, advantages, and features of the present application will become apparent to those skilled in the art from the following detailed description of a specific embodiment of the present application when read in conjunction with the accompanying drawings.
Embodiments of the present application also provide a computing device, referring to fig. 2, comprising a memory 1120, a processor 1110 and a computer program stored in said memory 1120 and executable by said processor 1110, the computer program being stored in a space 1130 for program code in the memory 1120, which computer program, when being executed by the processor 1110, is adapted to carry out any of the method steps 1131 according to the present application.
The embodiment of the application also provides a computer readable storage medium. Referring to fig. 3, the computer-readable storage medium includes a storage unit for program code, the storage unit being provided with a program 1131' for performing the method steps according to the present application, the program being executed by a processor.
Embodiments of the present application also provide a computer program product comprising instructions. The computer program product, when run on a computer, causes the computer to perform the method steps according to the application.
In the above embodiments, it may be implemented in whole or in part by software, hardware, firmware, or any combination thereof. When implemented in software, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When loaded and executed by a computer, produces a flow or function in accordance with embodiments of the present application, in whole or in part. The computer may be a general purpose computer, a special purpose computer, a computer network, or other programmable apparatus. The computer instructions may be stored in or transmitted from one computer-readable storage medium to another, for example, by wired (e.g., coaxial cable, optical fiber, digital Subscriber Line (DSL)), or wireless (e.g., infrared, wireless, microwave, etc.). The computer readable storage medium may be any available medium that can be accessed by a computer or a data storage device such as a server, data center, etc. that contains an integration of one or more available media. The usable medium may be a magnetic medium (e.g., floppy Disk, hard Disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., solid State Disk (SSD)), etc.
Those of skill would further appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative elements and steps are described above generally in terms of function in order to clearly illustrate the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
Those of ordinary skill in the art will appreciate that all or some of the steps in implementing the methods of the above embodiments may be implemented by a program that instructs a processor to perform the steps, and the program may be stored in a computer readable storage medium, where the storage medium is a non-transitory (english) medium, such as a random access memory, a read-only memory, a flash memory, a hard disk, a solid state disk, a magnetic tape (english), a floppy disk (english), an optical disc (english), and any combination thereof.
The present application is not limited to the above-mentioned embodiments, and any changes or substitutions that can be easily understood by those skilled in the art within the technical scope of the present application are intended to be included in the scope of the present application. Therefore, the protection scope of the present application should be subject to the protection scope of the claims.
Claims (8)
1. A method for implementing security verification of mobile terminal application, the method comprising the following verification steps:
the mobile terminal application configured on the mobile terminal accesses a mobile network core network gateway through a mobile data link to generate API information with a mobile terminal mobile phone number, the API information is sent to an APP security service platform through a mobile network, a session identifier corresponding to the mobile terminal application in the mobile terminal is generated in the APP security service platform, and the session identifier is returned and sent to the mobile terminal application;
the mobile terminal application sends the session identifier to an enterprise application background system to carry out a local verification request, and the enterprise application background system sends the received session identifier and the mobile phone number encryption identifier to an APP security service platform to carry out a mobile phone number verification request;
the APP security service platform carries out security verification on the mobile phone number verification request according to the session identifier and the mobile phone number encryption identifier, compares whether the mobile phone number obtained from the mobile network is consistent with the mobile phone number encryption identifier in the mobile phone number verification request, returns successful verification to the enterprise application background system if the mobile phone number obtained from the mobile network is consistent with the mobile phone number encryption identifier in the mobile phone number verification request, and returns verification failure to the enterprise application background system if the mobile phone number obtained from the mobile network is consistent with the mobile phone number encryption identifier in the mobile phone number verification request;
and finally, the enterprise application background system indicates the mobile terminal application to carry out subsequent operation according to the verification result.
2. The method according to claim 1, wherein a mobile network core network gateway is arranged at the front end of an APP security service platform, when a mobile terminal application accesses the APP security service platform, an access request is first sent to the mobile network core network gateway, the mobile network core network gateway obtains a mobile terminal mobile phone number in the practical mobile data link through standard capabilities of a core network, the mobile network core network gateway forwards an http request to the APP security service platform after receiving the access request, and the mobile terminal mobile phone number is arranged in an http lead and provided to the APP security service platform.
3. The method according to claim 2, wherein after receiving the http request forwarded by the mobile network core network gateway, the APP security service platform caches the mobile terminal mobile phone number, generates a globally unique session identifier as a response and returns the response to the mobile network core network gateway, and the mobile network core network gateway forwards the response back to the mobile terminal application, and the mobile terminal application initiates a local verification request to the enterprise application background system using the session identifier.
4. A method according to any one of claims 1 to 3, wherein the mobile data link carries a client identity, an application identity and a URL path when the mobile end application accesses the mobile network core network gateway via the mobile data link.
5. The method of claim 1, wherein an access gateway is disposed between the enterprise application background system and the APP security service platform, after receiving the local verification request, the enterprise application background system initiates a mobile phone number verification request to the access gateway through a mobile phone number verification client interface, the mobile phone number verification request carries a session identifier and a mobile phone number encryption identifier reserved or authorized by a user, the access gateway checks authorization of the enterprise application background system, searches for a client identifier and an application identifier allocated to the enterprise, and then routes the mobile phone number verification request to a service instance of the designated APP security service platform for processing according to the client identifier and the application identifier.
6. The method of claim 5, wherein the service instance of the APP security service platform extracts the mobile phone number obtained from the network from the memory or the database according to the session identifier, the client identifier and the application identifier, performs encryption processing according to the algorithm, and then compares the mobile phone number encryption identifier of the verification request, if the mobile phone number obtained from the mobile network is consistent with the mobile phone number encryption identifier in the mobile phone number verification request, returns verification success to the enterprise application background system, otherwise returns verification failure to the enterprise application background system.
7. A computing device comprising a memory, a processor, and a computer program stored in the memory and executable by the processor, wherein the processor implements the method of any of claims 1-6 when the computer program is executed.
8. A computer readable storage medium, being a non-volatile readable storage medium, in which a computer program is stored which, when executed by a processor, implements the method of any of claims 1-6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010253095.3A CN111404965B (en) | 2020-04-02 | 2020-04-02 | Method for realizing mobile terminal application safety verification |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010253095.3A CN111404965B (en) | 2020-04-02 | 2020-04-02 | Method for realizing mobile terminal application safety verification |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111404965A CN111404965A (en) | 2020-07-10 |
| CN111404965B true CN111404965B (en) | 2023-11-10 |
Family
ID=71433345
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010253095.3A Active CN111404965B (en) | 2020-04-02 | 2020-04-02 | Method for realizing mobile terminal application safety verification |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111404965B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112689285B (en) * | 2020-12-10 | 2023-08-15 | 航天信息股份有限公司 | Authorization authentication method and system for mobile terminal SDK |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105681258A (en) * | 2014-11-19 | 2016-06-15 | 腾讯科技(武汉)有限公司 | Session method and session device based on third-party server |
| CN106453263A (en) * | 2016-09-19 | 2017-02-22 | 惠州Tcl移动通信有限公司 | Method and system of binding cellphone number with APP |
| CN107566382A (en) * | 2017-09-12 | 2018-01-09 | 中国联合网络通信集团有限公司 | Auth method, service platform, carrier authorization gateway and mobile terminal |
| CN108990059A (en) * | 2017-06-02 | 2018-12-11 | 阿里巴巴集团控股有限公司 | A kind of verification method and device |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104243157A (en) * | 2013-06-24 | 2014-12-24 | 阿里巴巴集团控股有限公司 | Method and device for user identity authentication |
-
2020
- 2020-04-02 CN CN202010253095.3A patent/CN111404965B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105681258A (en) * | 2014-11-19 | 2016-06-15 | 腾讯科技(武汉)有限公司 | Session method and session device based on third-party server |
| CN106453263A (en) * | 2016-09-19 | 2017-02-22 | 惠州Tcl移动通信有限公司 | Method and system of binding cellphone number with APP |
| CN108990059A (en) * | 2017-06-02 | 2018-12-11 | 阿里巴巴集团控股有限公司 | A kind of verification method and device |
| CN107566382A (en) * | 2017-09-12 | 2018-01-09 | 中国联合网络通信集团有限公司 | Auth method, service platform, carrier authorization gateway and mobile terminal |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111404965A (en) | 2020-07-10 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9560033B2 (en) | Method and system for authenticating user identity | |
| US8917826B2 (en) | Detecting man-in-the-middle attacks in electronic transactions using prompts | |
| KR102321781B1 (en) | Processing electronic tokens | |
| CN106934622B (en) | Method and device for sharing account | |
| CN110232568B (en) | Mobile payment method, mobile payment device, computer equipment and readable storage medium | |
| CN103944737A (en) | User identity authentication method, third-party authentication platform and operator authentication platform | |
| JP2010507842A (en) | System and method for authenticating remote server access | |
| WO2021052034A1 (en) | Information authentication method and system thereof, authentication module and user terminal | |
| CN110087241B (en) | Service authorization method, device and system | |
| CN106936802A (en) | Mobile phone A PP information protecting methods and mobile phone A PP clients, system | |
| CN103905194A (en) | Identity traceability authentication method and system | |
| CN112801655A (en) | Payment card migration method and device, electronic equipment, server and medium | |
| CN110719252B (en) | Method, system and medium for authorizing transactions over a communication channel | |
| US9836618B2 (en) | System and method of authentication of a first party respective of a second party aided by a third party | |
| CN111404965B (en) | Method for realizing mobile terminal application safety verification | |
| KR20200041631A (en) | Apparatus and method for providing a simple settlement service of a corporation account | |
| CN106060791B (en) | Method and system for sending and obtaining short message verification code | |
| CN110248326B (en) | Data processing method and device | |
| CN112235247A (en) | Mobile terminal, terminal banking business security authentication method and system | |
| CN107533603A (en) | SMS processing method, device and terminal | |
| KR101788959B1 (en) | Apparatus and method for authenticating mobile device | |
| KR101746471B1 (en) | User authentication method of ssl-vpn and sso based on yaws | |
| TWI839875B (en) | Payment method, user terminal, device, equipment, system and medium | |
| CN112069231B (en) | User information processing method and device, storage medium and electronic equipment | |
| WO2018232667A1 (en) | Network payment method and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |