CN111709007A - User authentication method, device and equipment - Google Patents
User authentication method, device and equipment Download PDFInfo
- Publication number
- CN111709007A CN111709007A CN202010522148.7A CN202010522148A CN111709007A CN 111709007 A CN111709007 A CN 111709007A CN 202010522148 A CN202010522148 A CN 202010522148A CN 111709007 A CN111709007 A CN 111709007A
- Authority
- CN
- China
- Prior art keywords
- user
- verification code
- information
- verified
- verification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 34
- 238000012795 verification Methods 0.000 claims abstract description 262
- 238000010276 construction Methods 0.000 claims description 44
- 238000004590 computer program Methods 0.000 claims description 6
- 238000010200 validation analysis Methods 0.000 claims description 3
- 238000010586 diagram Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 239000012634 fragment Substances 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 230000001413 cellular effect Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 230000005055 memory storage Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/42—User authentication using separate channels for security data
- G06F21/43—User authentication using separate channels for security data wireless channels
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Telephone Function (AREA)
Abstract
The embodiment of the specification provides a user authentication method, a user authentication device and user authentication equipment. The method comprises the following steps: receiving an authentication request of a user to be authenticated; the verification request comprises a user account of the user to be verified; acquiring user information corresponding to the user account; the user information comprises the personal identity information of the user to be verified; generating a first verification code by using the user information; sending the first verification code to terminal equipment associated with the user account so that the terminal equipment can display the first verification code; receiving a second verification code submitted by the user to be verified; if the second verification code is matched with the first verification code, the user to be verified is determined to be a normal user, and the first verification code is associated with the user to be verified, so that the user can easily identify the first verification code according to the personal identity information contained in the first verification code, the normal user can be effectively identified, and the verification accuracy is improved.
Description
Technical Field
The embodiment of the specification relates to the technical field of computers, in particular to a user verification method, device and equipment.
Background
In order to ensure the security of user data, when a user performs a login operation or a data calling operation, the user often needs to be authenticated, and the authentication can be completed by inputting a corresponding authentication code by the user. For example, in a specific authentication method, after a user submits an authentication request based on a client, a server sends an authentication code to the user in a short message manner. And after receiving the short message containing the verification code, the user inputs the acquired verification code into a verification interface of the client to complete the verification of the identity of the user.
At present, when a server generates a verification code, a plurality of characters are often generated randomly, and the characters are spliced into the verification code to be used for verifying the identity of a user. However, the verification code generated based on the method has strong randomness and often does not have any practical significance, so that the user is difficult to identify the verification code and cannot input the correct verification code in the verification interface, thereby causing verification failure. Therefore, the current authentication method may not identify the normal user, thereby causing invalid authentication. There is a need for an authentication method that can accurately identify a normal user.
Disclosure of Invention
An embodiment of the present specification aims to provide a user authentication method, device and apparatus, so as to solve a problem of how to accurately identify a normal user when authenticating a user.
In order to solve the above technical problem, an embodiment of the present specification provides a user authentication method, including:
receiving an authentication request of a user to be authenticated; the verification request comprises a user account of the user to be verified;
acquiring user information corresponding to the user account; the user information comprises the personal identity information of the user to be verified;
generating a first verification code by using the user information;
sending the first verification code to terminal equipment associated with the user account so that the terminal equipment can display the first verification code;
receiving a second verification code submitted by the user to be verified;
and if the second verification code is matched with the first verification code, determining that the user to be verified is a normal user.
An embodiment of this specification further provides a user authentication apparatus, including:
the request receiving module is used for receiving an authentication request of a user to be authenticated; the verification request comprises a user account of the user to be verified;
the information acquisition module is used for acquiring user information corresponding to the user account; the user information comprises the personal identity information of the user to be verified;
the verification code generation module is used for generating a first verification code by utilizing the user information;
the verification code sending module is used for sending the first verification code to the terminal equipment associated with the user account so that the terminal equipment can display the first verification code;
the verification code receiving module is used for receiving a second verification code submitted by the user to be verified;
and the user determining module is used for determining that the user to be verified is a normal user when the second verification code submitted by the user to be verified is matched with the first verification code.
The embodiment of the present specification further provides a user authentication device, including a memory and a processor; the memory to store computer program instructions; the processor, configured to execute the computer program instructions to implement the following steps: receiving an authentication request of a user to be authenticated; the verification request comprises a user account of the user to be verified; acquiring user information corresponding to the user account; the user information comprises the personal identity information of the user to be verified; generating a first verification code by using the user information; sending the first verification code to terminal equipment associated with the user account so that the terminal equipment can display the first verification code; receiving a second verification code submitted by the user to be verified; and if the second verification code is matched with the first verification code, determining that the user to be verified is a normal user.
As can be seen from the technical solutions provided in the embodiments of the present specification, when a verification request of a user needs to be verified, the embodiments of the present specification obtain user information including personal identity information of the user, construct a first verification code by using the user information for the user to identify, and verify that the user is a normal user when a second verification code input by the user is the same as the first verification code. Due to the fact that the generated first verification code is related to the user to be verified, the user can easily identify the first verification code when receiving the personal identity information contained in the first verification code, so that a normal user can be effectively identified, and verification accuracy is improved.
Drawings
In order to more clearly illustrate the embodiments of the present specification or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments described in the specification, and other drawings can be obtained by those skilled in the art without creative efforts.
Fig. 1 is a flowchart of a user authentication method according to an embodiment of the present disclosure;
FIG. 2 is a block diagram of a user authentication device according to an embodiment of the present disclosure;
fig. 3 is a block diagram of a user authentication device according to an embodiment of the present disclosure.
Detailed Description
The technical solutions in the embodiments of the present disclosure will be clearly and completely described below with reference to the drawings in the embodiments of the present disclosure, and it is obvious that the described embodiments are only a part of the embodiments of the present disclosure, and not all of the embodiments. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments in the present specification without any creative effort shall fall within the protection scope of the present specification.
The embodiment of the specification provides an embodiment of a user authentication method. The execution subject of the user authentication method is user authentication equipment, and the user authentication equipment comprises but is not limited to a server, an industrial personal computer, a PC (personal computer) and the like. As shown in fig. 1, the user authentication method specifically includes the following steps.
S110: receiving an authentication request of a user to be authenticated; the verification request comprises the user account of the user to be verified.
The user to be authenticated is the user whose identity needs to be determined through a certain authentication mode. The identity of the user to be authenticated has uncertainty, that is, the user to be authenticated may be a normal user, or may be a malicious user or an illegal program impersonating the normal user.
The authentication request is a request triggered when the user to be authenticated performs some specified operation. The specified operation may be an operation that may affect the security of the user data, for example, an operation of logging in the user account, obtaining funds in the user account, and the like. After detecting that the user performs the specified operation, the client may send an authentication request to the user authentication device based on a preset program, so as to implement authentication of the identity of the user to be authenticated.
In some embodiments, the authentication request may include a user account of the user to be authenticated. For example, when a user performs a login operation, the client may acquire a user account input by the user on a display interface, and attach the user account to the authentication request; if the user executes the specified operation of triggering the authentication request when the user logs in the client, the user account currently logging in the client can be directly acquired, and the user account is attached to the authentication request.
S120: acquiring user information corresponding to the user account; the user information comprises the personal identity information of the user to be authenticated.
After the user account is acquired, user information corresponding to the user account may be acquired. The user information may be information having a strong association with the user to be authenticated. For example, the user information may include personal identity information of the user to be authenticated, where the personal identity information includes at least one of a user identification number, a user mobile phone number, a user birthday, and a zip code where the user is located. In practical applications, the user information is not limited to the above example, and may also be information having a strong association with the user to be authenticated.
Because the user often inputs information such as a mobile phone number, an identity card number, an address and the like to be bound with the user account when registering the account, the personal identity information associated with the user account can be directly acquired based on the user account in the verification request.
S130: and generating a first verification code by using the user information.
After the user information corresponding to the target account is acquired, a corresponding first verification code can be generated by using the user information. The first verification code is a verification code for presentation to a user. The first verification code may be a verification code composed of numbers, such as a verification code generated according to the numbers in the personal identity information; the first verification code may also be a verification code combining numbers and characters. In some embodiments, the first verification code may also be a verification code formed by warping numbers and/or characters to generate corresponding images.
In some embodiments, the user information may be directly utilized to generate the corresponding first verification code. Specifically, the authentication code number may be included in the authentication request. The verification code number is used to define the number of bits of the generated first verification code. After the verification code number is acquired, the user information can be directly intercepted into a first verification code corresponding to the verification code number.
The above embodiment is described by using a specific example, where the obtained user information is a mobile phone number of the user, and the mobile phone number is 18812345678, the obtained number of the verification code is 6 bits, and six digits can be directly intercepted from the mobile phone number to serve as the first verification code. For example, the intercepted number may be 123456, that is, the generated first verification code is 123456, and if the user to be verified is a normal user, when the first verification code is checked, the first verification code may be identified as a fragment in the mobile phone number of the user, so that the first verification code can be identified conveniently and accurately.
In some embodiments, the user information may be truncated into a first specified number of bits of the captcha build information, the first specified number of bits being no greater than one-half of the number of captcha bits. After the verification code construction information is obtained, a first verification code corresponding to the number of the verification code can be generated by using at least two verification code construction information.
To explain the above embodiment by using a specific example, when the obtained user information is a user mobile phone number and the mobile phone number is 18812345678, and the obtained verification code number is 6 bits, it may be determined that the first specified number is 3 bits, that is, 3 bits are intercepted from the user mobile phone number as verification code construction information, for example, the verification code construction information may be 234. The first captcha may then be generated using the two captcha building information, i.e., the first captcha is generated as 234234. The first verification code is generated by repeatedly utilizing the verification code construction information, the randomness of characters in the first verification code is reduced, so that a user can more easily identify the verification code construction information in the first verification code, and the verification code construction information is determined to be information associated with the identity information of the user, so that the first verification code can be conveniently and accurately identified.
In some embodiments, the user information may be intercepted as the validation code construction information for a second specified number of bits, the second specified number of bits being no greater than one-half the number of validation codes. After obtaining the captcha construction information, a first captcha corresponding to the number of captcha bits may be generated using the captcha construction information and the reverse order captcha construction information.
To explain the above embodiment by using a specific example, when the obtained user information is a user mobile phone number and the mobile phone number is 18812345678, and the obtained verification code number is 6 bits, it may be determined that the second specified number is 3 bits, that is, 3 bits are intercepted from the user mobile phone number as verification code construction information, for example, the verification code construction information may be 456. And then generating a 6-bit first verification code by using the verification code construction information and the verification code construction information in the reverse order, namely generating the first verification code as 456654. The first verification code is generated by utilizing the verification code construction information and the reverse verification code construction information, the randomness of characters in the first verification code is reduced, a user can easily identify the verification code construction information in the first verification code, the verification code construction information is determined to be information associated with the identity information of the user, and therefore the first verification code can be conveniently and accurately identified.
In the above embodiment, when the first verification code is generated by using the verification code construction information, a situation may occur in which a plurality of pieces of verification code construction information cannot generate the first verification code with a corresponding number of bits. For example, in the case where the number of the captcha bits is 7 bits and the specified number of bits is 3 bits, the first captcha cannot be generated directly using a fixed number of captcha construction information. In this case, a supplementary character may be determined according to the number of captcha bits, and the first captcha may be generated using the supplementary character and the captcha construction information.
The supplementary character may be a randomly generated character, or may be a character selected from a designated character string set when the number of vacant bits is too large. The designated string set may include predetermined characters, such as 1314, 668, 400, 88, 66, etc. The first verification code is generated by using the characters in the appointed character string set and the verification code construction information, so that the randomness of the first verification code can be reduced, and the generated verification code is ensured to be easily recognized by a user.
By using a specific example for explanation, under the condition that the obtained user information is a user mobile phone number and the mobile phone number is 18812345678, the obtained verification code number is 8 bits, when the first specified number is 3 bits, 3 bits are intercepted from the user mobile phone number, that is, 345 bits are used as verification code construction information, and the two verification code construction information are only 6 bits and do not meet the requirement of the verification code number, 88 bits can be selected from a specified character string set as supplementary characters and generate a first verification code 34534588 together with the verification code construction information, so that the generated first verification code has strong correlation with a user to be verified and is easily recognized by the user.
In some embodiments, the user information may be truncated into a third specified number of bits of the captcha build information, the third specified number of bits being less than the number of captcha bits. After the verification code construction information is obtained, verification code construction characters can be selected from the verification code construction information, and a first verification code corresponding to the number of the verification code is generated by using the verification code construction information and the verification code construction characters.
To illustrate by using a specific example, when the obtained user information is a user mobile phone number and the mobile phone number is 18812345678, and the obtained verification code number is 6 bits, it may be determined that the third specified number is 3 bits, that is, 3 bits are intercepted from the user mobile phone number as verification code construction information, for example, the verification code construction information may be 678.
Then, identifying code constructing characters are selected from the identifying code constructing information to be 7, 8 and 7, the identifying code constructing information and the identifying code constructing characters are reused to generate a first identifying code corresponding to the number of the identifying code to be 678787, so that under the condition of ensuring that the first identifying code and a user have stronger relevance, the number of different characters in the first identifying code is reduced, the identification of the user can be facilitated, and the first identifying code can be conveniently and accurately identified.
S140: and sending the first verification code to terminal equipment associated with the user account so that the terminal equipment can display the first verification code.
After the first verification code is generated, the first verification code may be displayed on a terminal device associated with the user account. The terminal device associated with the user account may be, for example, a device in which the user logs in the user account, and when the client generates the authentication request, the device identifier of the terminal device is obtained and attached to the authentication request. And after receiving the verification request, the user verification equipment sends the corresponding first verification code to the corresponding terminal equipment according to the equipment identifier in the verification request.
In other embodiments, the user authentication device may store a correspondence between a user account and a corresponding terminal device in advance. For example, the terminal device which logs in the user account the most is taken as the terminal device associated with the user account. And when the first verification code is sent, acquiring corresponding terminal equipment according to the user account and sending the terminal equipment to the terminal equipment.
The specific display mode may be, for example, displaying the first verification code to the user in an image mode, or displaying the first verification code to the user in a voice broadcast mode. The way of displaying the first verification code in practical application is not limited to the above example, and is not described herein again.
In some implementations, the authentication request can be an authentication request submitted by a user through a first client. Accordingly, after generating the first passcode, the user authentication device may send the first passcode to a second client associated with the user account to present the first passcode in the second client. The second client is a different client than the first client. For example, when the user logs in the treasure APP, namely when the treasure APP is the first client, the treasure APP can be used as the second client, and the first verification code is sent to the treasure APP, so that the user is ensured to receive the verification code on different clients, and a lawbreaker is prevented from easily realizing verification by using the same client and stealing personal information of the user.
S150: and receiving the second verification code submitted by the user to be verified.
After the user to be authenticated checks the first authentication code displayed in the terminal device, a second authentication code identical to the first authentication code may be input and submitted to the user authentication device. And under the condition that the user to be verified is a normal user, the user to be verified inputs a second verification code corresponding to the first verification code. And under the condition that the user to be verified is an illegal user or a malicious program, the first verification code cannot be checked, and the submitted second verification code may be a randomly generated verification code different from the first verification code.
S160: and if the second verification code submitted by the user to be verified is matched with the first verification code, determining that the user to be verified is a normal user.
After the user to be authenticated checks the first authentication code displayed in the terminal device, a second authentication code identical to the first authentication code may be input and submitted to the user authentication device. And if the second verification code submitted by the user to be verified is matched with the first verification code, verifying that the user to be verified is a normal user, namely allowing the user to be verified to execute corresponding operation. Specifically, the matching of the second verification code and the first verification code may be detecting that the second verification code is the same as the first verification code.
If the second verification code submitted by the user to be verified is not matched with the first verification code, the user may not receive the first verification code but randomly input other verification codes, so that the possibility that the user is a lawbreaker or a malicious program is high, and verification failure information can be fed back to the user to be verified if the user to be verified fails in verification. And the verification failure information is used for reminding the user to be verified that the verification corresponding to the request to be verified fails.
The user authentication method is described by using a specific scene example, when a user A needs to log in an application software A, after an account and a password are input in a login interface of the application software A, the application software A acquires the account of the user A and generates an authentication request containing the account, and the authentication request is sent to a server. After receiving the verification request, the server obtains an account number of the user a in the verification request, and obtains a mobile phone number 17798765432 bound with the account number when the user a registers the account number in the database. The server intercepts a first verification code 987654 from the mobile phone number of the user, and sends the first verification code to the mobile phone number of the user in a short message mode. After the user A checks the first verification code through the short message, the user A can easily identify that the first verification code is a fragment in the mobile phone number of the user A, and the condition that the verification code is identified wrongly is avoided. After user A enters 987654 in the verification interface of application software A, the client sends 987654 to the server as a second verification code. And when detecting that the first verification code is the same as the second verification code, the server verifies that the user A is a normal user, and allows the login operation of the user A.
When a verification request of a user is received and the user needs to be verified, user information including personal identity information of the user is acquired, a first verification code is constructed by using the user information and is used for the user to identify, and the user is verified to be a normal user under the condition that a second verification code input by the user is the same as the first verification code. Due to the fact that the generated first verification code is related to the user to be verified, the user can easily identify the first verification code when receiving the personal identity information contained in the first verification code, so that a normal user can be effectively identified, and verification accuracy is improved.
In order to better implement the user authentication method, as shown in fig. 2, an embodiment of the present specification provides a user authentication apparatus, where the apparatus is disposed in the user authentication device, and the apparatus includes the following modules.
A request receiving module 210, configured to receive an authentication request of a user to be authenticated; the verification request comprises a user account of the user to be verified;
an information obtaining module 220, configured to obtain user information corresponding to the user account; the user information comprises the personal identity information of the user to be verified;
a verification code generating module 230, configured to generate a first verification code using the user information;
a verification code sending module 240, configured to send the first verification code to a terminal device associated with the user account, so that the terminal device displays the first verification code;
the verification code receiving module 250 is configured to receive a second verification code submitted by the user to be verified;
the user determining module 260 is configured to determine that the user to be authenticated is a normal user when the second authentication code submitted by the user to be authenticated matches the first authentication code.
As shown in fig. 3, embodiments of the present specification provide a user authentication device. The user authentication device may include a memory and a processor.
In this embodiment, the memory may be implemented in any suitable manner. For example, the memory may be a read-only memory, a mechanical hard disk, a solid state disk, a U disk, or the like. The memory may be used to store computer program instructions.
In this embodiment, the processor may be implemented in any suitable manner. For example, the processor may take the form of, for example, a microprocessor or processor and a computer-readable medium that stores computer-readable program code (e.g., software or firmware) executable by the (micro) processor, logic gates, switches, an Application Specific Integrated Circuit (ASIC), a programmable logic controller, an embedded microcontroller, and so forth. The processor may execute the computer program instructions to perform the steps of: receiving an authentication request of a user to be authenticated; the verification request comprises a user account of the user to be verified; acquiring user information corresponding to the user account; the user information comprises the personal identity information of the user to be verified; generating a first verification code by using the user information; sending the first verification code to terminal equipment associated with the user account so that the terminal equipment can display the first verification code; receiving a second verification code submitted by the user to be verified; and if the second verification code is matched with the first verification code, determining that the user to be verified is a normal user.
In the 90 s of the 20 th century, improvements in a technology could clearly distinguish between improvements in hardware (e.g., improvements in circuit structures such as diodes, transistors, switches, etc.) and improvements in software (improvements in process flow). However, as technology advances, many of today's process flow improvements have been seen as direct improvements in hardware circuit architecture. Designers almost always obtain the corresponding hardware circuit structure by programming an improved method flow into the hardware circuit. Thus, it cannot be said that an improvement in the process flow cannot be realized by hardware physical modules. For example, a Programmable Logic Device (PLD), such as a Field Programmable Gate Array (FPGA), is an integrated circuit whose Logic functions are determined by programming the Device by a user. A digital system is "integrated" on a PLD by the designer's own programming without requiring the chip manufacturer to design and fabricate application-specific integrated circuit chips. Furthermore, nowadays, instead of manually making an integrated Circuit chip, such Programming is often implemented by "logic compiler" software, which is similar to a software compiler used in program development and writing, but the original code before compiling is also written by a specific Programming Language, which is called Hardware Description Language (HDL), and HDL is not only one but many, such as abel (advanced Boolean Expression Language), ahdl (alternate Language Description Language), traffic, pl (core unified Programming Language), HDCal, JHDL (Java Hardware Description Language), langue, Lola, HDL, laspam, hardsradware (Hardware Description Language), vhjhd (Hardware Description Language), and vhigh-Language, which are currently used in most popular applications. It will also be apparent to those skilled in the art that hardware circuitry that implements the logical method flows can be readily obtained by merely slightly programming the method flows into an integrated circuit using the hardware description languages described above.
The systems, devices, modules or units illustrated in the above embodiments may be implemented by a computer chip or an entity, or by a product with certain functions. One typical implementation device is a computer. In particular, the computer may be, for example, a personal computer, a laptop computer, a cellular telephone, a camera phone, a smartphone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.
From the above description of the embodiments, it is clear to those skilled in the art that the present specification can be implemented by software plus a necessary general hardware platform. Based on such understanding, the technical solutions of the present specification may be essentially or partially implemented in the form of software products, which may be stored in a storage medium, such as ROM/RAM, magnetic disk, optical disk, etc., and include instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the methods described in the embodiments or some parts of the embodiments of the present specification.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the system embodiment, since it is substantially similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
The description is operational with numerous general purpose or special purpose computing system environments or configurations. For example: personal computers, server computers, hand-held or portable devices, tablet-type devices, multiprocessor systems, microprocessor-based systems, set top boxes, programmable consumer electronics, network PCs, minicomputers, mainframe computers, distributed computing environments that include any of the above systems or devices, and the like.
This description may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. The specification may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.
While the specification has been described with examples, those skilled in the art will appreciate that there are numerous variations and permutations of the specification that do not depart from the spirit of the specification, and it is intended that the appended claims include such variations and modifications that do not depart from the spirit of the specification.
Claims (10)
1. A method of user authentication, comprising:
receiving an authentication request of a user to be authenticated; the verification request comprises a user account of the user to be verified;
acquiring user information corresponding to the user account; the user information comprises the personal identity information of the user to be verified;
generating a first verification code by using the user information;
sending the first verification code to terminal equipment associated with the user account so that the terminal equipment can display the first verification code;
receiving a second verification code submitted by the user to be verified;
and if the second verification code is matched with the first verification code, determining that the user to be verified is a normal user.
2. The method of claim 1, wherein the personal identity information comprises at least one of: the user identity card number, the user mobile phone number, the user birthday and the zip code where the user is located; the first verification code includes a verification code generated based on a number in the personal identification information.
3. The method of claim 1, wherein the authentication request includes an authentication code number; the generating a first verification code by using the user information includes:
intercepting the user information into a first verification code corresponding to the verification code number.
4. The method of claim 1, wherein the authentication request includes an authentication code number; the generating a first verification code by using the user information includes:
intercepting the user information into verification code construction information of a first specified digit; the first specified number of bits is no greater than one-half of the number of authentication code bits;
and generating a first verification code corresponding to the number of the verification code by utilizing at least two verification code construction information.
5. The method of claim 1, wherein the authentication request includes an authentication code number; the generating a first verification code by using the user information includes:
intercepting the user information into verification code construction information of a second designated bit number; the second number of digits is not greater than one-half of the number of authentication code bits;
generating a first verification code corresponding to the number of verification code bits using verification code construction information and reverse-order verification code construction information.
6. The method of claim 1, wherein the authentication request includes an authentication code number; the generating a first verification code by using the user information includes:
intercepting the user information into verification code construction information of a third specified digit; the third specified number of bits is less than the number of validation bits;
selecting a verification code construction character from the verification code construction information;
and generating a first verification code corresponding to the number of the verification code by using the verification code construction information and the verification code construction characters.
7. The method of claim 1, wherein the authentication request comprises an authentication request submitted by a user through a first client; correspondingly, the sending the first verification code to the terminal device associated with the user account includes:
sending the first verification code to a second client associated with the user account to display the first verification code in the second client;
the second verification code submitted by the user to be verified is accepted
And receiving a second verification code input by the user to be verified through the first client.
8. The method of claim 1, wherein after accepting the second authentication code submitted by the user to be authenticated, comprising:
and if the second verification code submitted by the user to be verified is not matched with the first verification code, feeding back verification failure information.
9. A user authentication apparatus, comprising:
the request receiving module is used for receiving an authentication request of a user to be authenticated; the verification request comprises a user account of the user to be verified;
the information acquisition module is used for acquiring user information corresponding to the user account; the user information comprises the personal identity information of the user to be verified;
the verification code generation module is used for generating a first verification code by utilizing the user information;
the verification code sending module is used for sending the first verification code to the terminal equipment associated with the user account so that the terminal equipment can display the first verification code;
the verification code receiving module is used for receiving a second verification code submitted by the user to be verified;
and the user determining module is used for determining that the user to be verified is a normal user when the second verification code submitted by the user to be verified is matched with the first verification code.
10. A user authentication device comprising a memory and a processor;
the memory to store computer program instructions;
the processor to execute the computer program instructions to implement the steps of: receiving an authentication request of a user to be authenticated; the verification request comprises a user account of the user to be verified; acquiring user information corresponding to the user account; the user information comprises the personal identity information of the user to be verified; generating a first verification code by using the user information; sending the first verification code to terminal equipment associated with the user account so that the terminal equipment can display the first verification code; receiving a second verification code submitted by the user to be verified; and if the second verification code is matched with the first verification code, determining that the user to be verified is a normal user.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010522148.7A CN111709007A (en) | 2020-06-10 | 2020-06-10 | User authentication method, device and equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010522148.7A CN111709007A (en) | 2020-06-10 | 2020-06-10 | User authentication method, device and equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111709007A true CN111709007A (en) | 2020-09-25 |
Family
ID=72539939
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010522148.7A Pending CN111709007A (en) | 2020-06-10 | 2020-06-10 | User authentication method, device and equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111709007A (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112818306A (en) * | 2021-02-01 | 2021-05-18 | 长沙市到家悠享网络科技有限公司 | Information processing method and device and server |
| CN113395273A (en) * | 2021-06-08 | 2021-09-14 | 中国联合网络通信集团有限公司 | Login identity verification method, device, equipment and storage medium |
| CN113824628A (en) * | 2021-09-30 | 2021-12-21 | 传仲智能数字科技(上海)有限公司 | User identity authentication method, device, server and storage medium based on IM |
| US20220386124A1 (en) * | 2021-05-27 | 2022-12-01 | Citrix Systems, Inc. | Provisioning devices securely using zero touch deployments |
| CN115529174A (en) * | 2022-09-16 | 2022-12-27 | 融合通信技术(天津)有限公司 | Short message verification method, device, server and medium |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104079527A (en) * | 2013-03-26 | 2014-10-01 | 联想(北京)有限公司 | Information processing method and electronic equipment |
| CN106330448A (en) * | 2015-06-30 | 2017-01-11 | 华为软件技术有限公司 | User legality verification method and system, and devices |
| US20180343251A1 (en) * | 2017-11-16 | 2018-11-29 | Qingdao Hisense Electronics Co., Ltd. | Processing method and apparatus for remote assistance |
| CN108990059A (en) * | 2017-06-02 | 2018-12-11 | 阿里巴巴集团控股有限公司 | A kind of verification method and device |
| CN111212058A (en) * | 2019-12-31 | 2020-05-29 | 苏州极光无限信息技术有限公司 | Method, device and system for logging in mobile phone verification code |
-
2020
- 2020-06-10 CN CN202010522148.7A patent/CN111709007A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104079527A (en) * | 2013-03-26 | 2014-10-01 | 联想(北京)有限公司 | Information processing method and electronic equipment |
| CN106330448A (en) * | 2015-06-30 | 2017-01-11 | 华为软件技术有限公司 | User legality verification method and system, and devices |
| CN108990059A (en) * | 2017-06-02 | 2018-12-11 | 阿里巴巴集团控股有限公司 | A kind of verification method and device |
| US20180343251A1 (en) * | 2017-11-16 | 2018-11-29 | Qingdao Hisense Electronics Co., Ltd. | Processing method and apparatus for remote assistance |
| CN111212058A (en) * | 2019-12-31 | 2020-05-29 | 苏州极光无限信息技术有限公司 | Method, device and system for logging in mobile phone verification code |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112818306A (en) * | 2021-02-01 | 2021-05-18 | 长沙市到家悠享网络科技有限公司 | Information processing method and device and server |
| US20220386124A1 (en) * | 2021-05-27 | 2022-12-01 | Citrix Systems, Inc. | Provisioning devices securely using zero touch deployments |
| US11818574B2 (en) * | 2021-05-27 | 2023-11-14 | Citrix Systems, Inc. | Provisioning devices securely using zero touch deployments |
| CN113395273A (en) * | 2021-06-08 | 2021-09-14 | 中国联合网络通信集团有限公司 | Login identity verification method, device, equipment and storage medium |
| CN113395273B (en) * | 2021-06-08 | 2022-06-17 | 中国联合网络通信集团有限公司 | Login identity verification method, device, equipment and storage medium |
| CN113824628A (en) * | 2021-09-30 | 2021-12-21 | 传仲智能数字科技(上海)有限公司 | User identity authentication method, device, server and storage medium based on IM |
| CN113824628B (en) * | 2021-09-30 | 2023-04-07 | 传仲智能数字科技(上海)有限公司 | User identity authentication method, device, server and storage medium based on IM |
| CN115529174A (en) * | 2022-09-16 | 2022-12-27 | 融合通信技术(天津)有限公司 | Short message verification method, device, server and medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111709007A (en) | User authentication method, device and equipment | |
| CN110602052B (en) | Micro-service processing method and server | |
| EP3499795A1 (en) | Authentication system and method, and user equipment, authentication server, and service server for performing same method | |
| CN112425114B (en) | Password manager protected by public key-private key pair | |
| CN106850503B (en) | Login-free identity authentication method and device | |
| CN110245518B (en) | Data storage method, device and equipment | |
| TWI761745B (en) | User verification method and device based on bank card quick payment contract | |
| JP2019536147A (en) | Service execution method and apparatus | |
| CN111149106B (en) | Apparatus and method for key authentication using multiple device certificates | |
| CN108335105B (en) | Data processing method and related equipment | |
| CN106465076B (en) | Method and terminal for controlling short message reading | |
| US20190377863A1 (en) | Password input method, computer device and storage medium | |
| EP4174689A1 (en) | Blockchain-based user information processing method and system | |
| KR102616421B1 (en) | Payment method using biometric authentication and electronic device thereof | |
| CN110113329B (en) | Verification method and device for verification code | |
| CN114266033A (en) | Verification code generation method and device, verification code login system and electronic equipment | |
| CN111259368A (en) | Method and equipment for logging in system | |
| CN112039890A (en) | Verification code verification method, device, terminal and medium | |
| CN110602051B (en) | Information processing method based on consensus protocol and related device | |
| CN111177674A (en) | Device verification method and device | |
| CN109858235B (en) | Portable equipment and password obtaining method and device thereof | |
| CN114244620B (en) | Board card network access verification method and device and board card control center | |
| CN112150151B (en) | Secure payment method, apparatus, electronic device and storage medium | |
| CN114499859A (en) | Password verification method, device, equipment and storage medium | |
| CN114117388A (en) | Device registration method, device registration apparatus, electronic device, and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20220921 Address after: 12 / F, 15 / F, 99 Yincheng Road, Pudong New Area pilot Free Trade Zone, Shanghai, 200120 Applicant after: Jianxin Financial Science and Technology Co.,Ltd. Address before: 25 Financial Street, Xicheng District, Beijing 100033 Applicant before: CHINA CONSTRUCTION BANK Corp. Applicant before: Jianxin Financial Science and Technology Co.,Ltd. |
|
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200925 |