CN111935655A - Short message sending processing method, system, client, server and verification device - Google Patents

Short message sending processing method, system, client, server and verification device Download PDF

Info

Publication number
CN111935655A
CN111935655A CN202010462447.6A CN202010462447A CN111935655A CN 111935655 A CN111935655 A CN 111935655A CN 202010462447 A CN202010462447 A CN 202010462447A CN 111935655 A CN111935655 A CN 111935655A
Authority
CN
China
Prior art keywords
short message
verification
sending
server
client
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010462447.6A
Other languages
Chinese (zh)
Inventor
卢祖传
翁耀中
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wuhan Xiaoma Liancheng Technology Co ltd
Original Assignee
Wuhan Xiaoma Liancheng Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Wuhan Xiaoma Liancheng Technology Co ltd filed Critical Wuhan Xiaoma Liancheng Technology Co ltd
Priority to CN202010462447.6A priority Critical patent/CN111935655A/en
Publication of CN111935655A publication Critical patent/CN111935655A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/12Messaging; Mailboxes; Announcements
    • H04W4/14Short messaging services, e.g. short message services [SMS] or unstructured supplementary service data [USSD]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/16Gateway arrangements

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention has proposed the processing method, system and customer end, server, checkout gear of sending of short message, the processing system of sending of short message includes customer end, server, checkout gear and short message gateway, the customer end sends the short message request to the server; the server judges whether the mobile user identification code is normal according to a preset rule, if the mobile user identification code is normal, a short message instruction allowing to be sent is sent to the short message gateway, if the mobile user identification code is not normal, the server requests the verification device to carry out auxiliary verification and token data verification, and if the token data verification is successful, the server sends a short message instruction allowing to be sent to the short message gateway; the short message gateway sends the verification short message to the client. The short message sending and processing system does not perform auxiliary verification on normal users, improves the convenience of using software by the normal users, and reduces the verification cost of application program manufacturers; and strict auxiliary verification is carried out on the abnormal user, so that the system is prevented from being crashed due to short message bombing, and the short message sending of the normal user is further ensured.

Description

Short message sending processing method, system, client, server and verification device
Technical Field
The present invention relates to the field of communications technologies, and in particular, to a short message sending processing method, a short message sending processing system, a client, a server, and a verification apparatus.
Background
At present, most application manufacturers or website developers bind a Mobile Subscriber Identity (IMSI for short, generally referred to as a Mobile phone number) of a user, use the Mobile Subscriber Identity as a user name, and perform operations such as registration and Mobile phone authentication code shortcut login on an application (App application, wechat applet, paupul applet, etc.) or a website (H5, a website of the Web, etc.) by the user. In order to effectively prevent malicious short message authentication for an application, man-machine authentication is generally required by using an authentication code. The malicious short message verification belongs to one of short message bombings, and lawbreakers attack malicious attacks such as reply and extortion through malicious disturbance. For the user, the verification short message content is received at high frequency, and the user experience is poor; for application program manufacturers, a large amount of malicious short message verification increases the operation cost of company short messages, and system crash is possibly caused by occupying a large amount of short message resources, so that the short messages of normal users cannot be sent out, product public praise is easily influenced, and users are easily lost. In view of this, in the prior art, an auxiliary verification means such as a graphic verification or a behavior verification is generally added on the basis of the short message verification, and when the user inputs the mobile user identification code to request the verification code, if the system judges that the mobile user identification code is abnormal, the system requires the user to perform the auxiliary verification, so as to improve the cost and difficulty of criminal crime and solve the problem of malicious short message verification.
However, in practical applications, it is found that adding auxiliary verification to all users based on short message verification will greatly affect the convenience of application program usage, and in addition, adding auxiliary verification means will still bring a lot of expenditure cost to application program manufacturers.
Disclosure of Invention
In view of the above problems, it is necessary to provide a short message sending processing system to solve or partially solve the above problems, and the technical solution proposed by the present invention is as follows:
in a first aspect, the present invention provides a short message sending and processing system, which includes a client, a server, a checking device and a short message gateway, wherein:
the client is used for sending a short message request to the server, wherein the short message request at least comprises a mobile user identification code; for receiving a verification short message from the short message gateway; the verification device is also used for receiving an auxiliary verification code or a re-auxiliary verification instruction sent by the verification device, sending auxiliary verification data to the verification device and receiving an auxiliary verification result sent by the verification device; the verification device is also used for receiving token data sent by the verification device and sending the token data and the short message request to the server;
the server is used for receiving a short message request sent by the client, judging whether the mobile user identification code is normal according to a preset rule, and if the mobile user identification code is normal, sending a short message transmission permission instruction to the short message gateway; if the verification result is abnormal, sending an auxiliary verification request to the verification device, receiving token data and a short message request sent by the client, sending the token data to the verification device, receiving a token data verification result sent by the verification device, and sending a short message transmission permission instruction to the short message gateway when the token data verification result sent by the verification device is successful;
the verification device is used for receiving an auxiliary verification request sent by the server and sending an auxiliary verification code to the client; the system comprises a client, a server and a server, wherein the client is used for receiving auxiliary verification data sent by the client and verifying the auxiliary verification data to obtain an auxiliary verification result; if the auxiliary verification result is successful, the system is also used for sending the auxiliary verification result and the token data to the client, receiving the token data sent by the server, verifying and sending the token data verification result to the server; if the auxiliary verification result is verification failure, the method is also used for sending an auxiliary verification result and a re-auxiliary verification instruction to the client;
and the short message gateway is used for receiving the short message sending permission instruction sent by the server and sending the verification short message to the corresponding client according to the mobile user identification code.
Further, the server determines whether the mobile subscriber identity is normal according to a preset rule, including:
if the mobile subscriber identification code is a registered number and the short message request sending quantity of the mobile subscriber identification code in a preset time period does not reach a preset threshold value, judging that the mobile subscriber identification code is normal; alternatively, the first and second electrodes may be,
if the mobile subscriber identification code is a non-registered number but meets the preset condition, the mobile subscriber identification code is judged to be normal.
Further, the short message request further includes an IP address where the client is located, and meeting the preset condition includes:
the access quantity of the IP address where the client is located is normal in the preset time period, the sending quantity of the short message request corresponding to the mobile user identification code is normal, the state of the server is normal, and the current short message sending state of the short message gateway is normal.
In a second aspect, the present invention provides a short message sending and processing method, including:
a server receives a short message request sent by a client, wherein the short message request at least comprises a mobile user identification code;
the server judges whether the mobile user identification code is normal according to a preset rule, and if the mobile user identification code is normal, a short message instruction allowing to send a short message is sent to a short message gateway; if not, sending an auxiliary verification request to the verification device, receiving the token data and the short message request sent by the client, sending the token data to the verification device, receiving a token data verification result sent by the verification device, and sending a short message transmission permission instruction to the short message gateway when the token data verification result sent by the verification device is successful.
In a third aspect, the present invention provides another short message sending processing method, including:
a client sends a short message request to a server, wherein the short message request at least comprises a mobile user identification code;
the client receives an auxiliary verification code or a re-auxiliary verification instruction sent by the verification device, sends auxiliary verification data to the verification device and receives an auxiliary verification result sent by the verification device;
the client receives the token data sent by the checking device and sends the token data and the short message request to the server;
the client receives the verification short message from the short message gateway.
In a fourth aspect, the present invention provides a server, including a data receiving module and a data processing module, wherein:
the data receiving module is used for receiving a short message request sent by a client by a server, wherein the short message request at least comprises a mobile user identification code;
the data processing module is used for judging whether the mobile user identification code is normal according to a preset rule, and if the mobile user identification code is normal, sending a short message sending permission instruction to the short message gateway; and if the verification result of the token data sent by the verification device is successful, sending a command for allowing the sending of the short message to the short message gateway.
In a fifth aspect, the present invention provides a client, including a request module, a verification data generation module, and a short message receiving module, where:
the request module is used for sending a short message request to the server, wherein the short message request at least comprises a mobile user identification code; the verification device is also used for receiving token data sent by the verification device and sending the token data and the short message request to the server;
the verification data generation module is used for receiving the auxiliary verification code or the re-auxiliary verification instruction sent by the verification device, sending the auxiliary verification data to the verification device and receiving the auxiliary verification result sent by the verification device;
and the short message receiving module is used for receiving the verification short message from the short message gateway.
In a sixth aspect, the present invention provides a verification apparatus, including an auxiliary verification code generation module, an auxiliary verification data processing module, and an auxiliary verification result processing module, where:
the auxiliary verification code generation module is used for receiving an auxiliary verification request sent by the server, generating an auxiliary verification code and sending the auxiliary verification code to the client;
the auxiliary verification data processing module is used for receiving auxiliary verification data sent by the client and verifying the auxiliary verification data to obtain an auxiliary verification result;
the auxiliary verification result processing module is used for sending an auxiliary verification result and token data to the client when the auxiliary verification result is judged to be successful, receiving the token data sent by the server, verifying and sending the token data verification result to the server; and when the auxiliary verification result is judged to be verification failure, sending the auxiliary verification result and a re-auxiliary verification instruction to the client.
Based on the technical scheme, compared with the prior art, the invention has the beneficial effects that:
according to the short message sending and processing system provided by the invention, when the server judges that the mobile user identification code is normal, the server directly sends a short message sending permission instruction to the short message gateway without a checking device for checking; when the server judges that the mobile user identification code is abnormal, the server sends an instruction needing auxiliary verification to the client, receives token data and a short message request sent by the client, sends the token data to the verification device, receives a token data verification result sent by the verification device, and sends an instruction allowing to send the short message to the short message gateway when the token data verification result sent by the verification device is successful. The method and the system pre-judge normal users and abnormal users, the normal users and the abnormal users are mainly judged through the mobile user identification codes, and the normal users are not subjected to auxiliary verification, so that the convenience of the normal users in using software is improved, and the verification cost of an application program manufacturer is reduced; the method has the advantages that the method carries out strict auxiliary verification on the abnormal users, can limit malicious short message bombing, avoids system breakdown caused by short message bombing, and further ensures the short message sending of the normal users.
Drawings
Fig. 1 is a schematic structural diagram of a short message sending and processing system according to a first embodiment of the present invention;
fig. 2 is a schematic flow chart of a short message sending processing system according to a first embodiment of the present invention;
fig. 3 is a flowchart of a short message sending processing method according to a second embodiment of the present invention;
fig. 4 is a flowchart of a short message sending processing method in the third embodiment of the present invention;
fig. 5 is a schematic structural diagram of a server according to a fourth embodiment of the present invention;
fig. 6 is a schematic structural diagram of a client according to a fifth embodiment of the present invention;
fig. 7 is a schematic structural diagram of a verification apparatus in a sixth embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
Example one
The present embodiment proposes a short message sending processing system, as shown in fig. 1, including a client 101, a server 102, a verification device 103, and a short message gateway 104, where:
a client 101, configured to send a short message request to a server 102, where the short message request at least includes a mobile subscriber identity; for receiving the authentication short message from the short message gateway 104; the verification device is further configured to receive an auxiliary verification code or a re-auxiliary verification instruction sent by the verification device 103, send auxiliary verification data to the verification device 103, and receive an auxiliary verification result sent by the verification device 103; and is further configured to receive the token data sent by the verifying apparatus 103, and send the token data and the short message request to the server 102.
The mobile user identification code generally refers to a mobile phone number of a user, the auxiliary verification code at least can be graphic verification or behavior verification, and the user verifies according to the prompt of the auxiliary verification code. For example, if the auxiliary verification code prompts selection of a certain number of words in the figure, the user performs a click selection operation on the client 101. The client 101 can be applied to a mobile phone, a computer, a tablet computer, and the like.
A server 102, configured to receive a short message request sent by a client 101, determine whether the mobile subscriber identity is normal according to a preset rule, and send a short message transmission permission instruction to a short message gateway 104 if the mobile subscriber identity is normal; if not, sending an auxiliary verification request to the verification device 103, and further receiving token data and a short message request sent by the client 101, sending the token data to the verification device 103, receiving a verification result of the token data sent by the verification device 103, and sending an instruction for allowing to send the short message to the short message gateway 104 when the verification result of the token data sent by the verification device 103 is successful. In the embodiment, whether the user is a normal user is mainly judged through the user identification code, and if the user identification code is normal, the user is judged to be normal; if the user identification code is abnormal, it is determined that the user may be an abnormal user, such as a malicious attacker.
The verification device 103 is configured to receive an auxiliary verification request sent by the server 102, and send an auxiliary verification code to the client 101; the system comprises a client 101, a data processing module and a data processing module, wherein the data processing module is used for receiving auxiliary verification data sent by the client 101 and verifying the auxiliary verification data to obtain an auxiliary verification result; if the auxiliary verification result is successful, the system is further configured to send the auxiliary verification result and token data to the client 101, receive and verify the token data sent by the server 102, and send the token data verification result to the server 102; and if the auxiliary verification result is verification failure, the method is further used for sending the auxiliary verification result and a re-auxiliary verification instruction to the client 101.
When the server 102 sends an auxiliary verification request to the verification device 103, the verification device 103 sends an auxiliary verification code to the client 101, the client 101 sends auxiliary verification data to the verification device 103, the verification device 103 verifies the auxiliary verification data, if the auxiliary verification is successful, token data is returned to the client 101, the client 101 submits the token data and the short message request to the server 102, the server 102 sends the token data to the verification device 103 for verification, the verification device 103 verifies the token data, if the token data is verified successfully, the server 102 sends a short message transmission permission instruction to the short message gateway 104, and if the token data is verified unsuccessfully, the verification device 103 returns an operation exception to the server 102. The server 102 needs to know whether the auxiliary verification is successful or not through token data, the verifying device 103 and the server 102 are separated, the verifying device 103 and the server 102 perform respective functions, the complexity and the coupling degree of codes are reduced, and convenience is brought to program design and maintenance of technicians.
And the short message gateway 104 is configured to receive the short message transmission permission instruction sent by the server 102, and send a verification short message to the corresponding client 101 according to the mobile subscriber identity.
The working principle of the short message sending and processing system is shown in fig. 2:
step S201: a client 101 sends a short message request to a server 102;
step S202: the server 102 judges whether the mobile subscriber identification code is normal according to a preset rule;
step S203: if the message is normal, the server 102 sends a command allowing sending the message to the message gateway 104, and jumps to step S215;
step S204: if not, the server 102 sends an auxiliary verification request to the verification device 103;
step S205: the verification device 103 sends the auxiliary verification code to the client 101;
step S206: the client 101 sends the auxiliary verification data to the verification device 103;
step S207: the verification device 103 receives the auxiliary verification data sent by the client 101 and verifies the auxiliary verification data to obtain an auxiliary verification result;
step S208: if the auxiliary verification result is that the verification fails, the verification device 103 sends an auxiliary verification result and a re-auxiliary verification instruction to the client 101;
step S209: if the client 101 receives the re-assisted verification instruction, it returns to step S206;
step S210: if the auxiliary verification result is successful, the verification device 103 sends the auxiliary verification result and the token data to the client 101;
step S211: the client 101 sends token data and a short message request to the server 102;
step S212: the server 102 sends token data to the verifying apparatus 103;
step S213: the verifying apparatus 103 sends the token data verification result to the server 102;
step S214: when the token data verification result sent by the verification device 103 is received by the server 102 and is successful, sending a short message transmission permission instruction to the short message gateway 104;
step S215: after receiving the short message transmission permission instruction sent by the server 102, the short message gateway 104 sends a verification short message to the corresponding client 101 according to the mobile user identification code.
In the short message sending and processing system provided by this embodiment, when the server 102 determines that the mobile subscriber identity is normal, the server directly sends a short message sending permission instruction to the short message gateway 104, without the need of the verification by the verification device 103; when the server 102 determines that the mobile user identification code is abnormal, it sends an auxiliary verification request to the verification device 103, and is further configured to receive token data and a short message request sent by the client 101, send the token data to the verification device 103, receive a token data verification result sent by the verification device 103, and send a short message transmission permission instruction to the short message gateway 104 when the token data verification result sent by the verification device 103 is successful. The method and the system pre-judge normal users and abnormal users, the normal users and the abnormal users are mainly judged through the mobile user identification codes, and the normal users are not subjected to auxiliary verification, so that the convenience of the normal users in using software is improved, and the verification cost of an application program manufacturer is reduced; the method has the advantages that the method carries out strict auxiliary verification on the abnormal users, can limit malicious short message bombing, avoids system breakdown caused by short message bombing, and further ensures the short message sending of the normal users.
In some embodiments, the determining, by the server 102 according to a preset rule, whether the mobile subscriber identity is normal includes: if the mobile subscriber identification code is a registered number and the short message request sending quantity of the mobile subscriber identification code in a preset time period does not reach a preset threshold value, judging that the mobile subscriber identification code is normal; or, if the mobile subscriber identity is a non-registered number but satisfies a preset condition, determining that the mobile subscriber identity is normal.
Through a large number of experiments, if the access amount of the IP address where the client 101 is located in a preset time period exceeds a preset threshold, or the sending amount of the short message request corresponding to the mobile subscriber identity exceeds a preset threshold, or the sending amount of the short message per second by the short message gateway 104 exceeds a preset threshold, it is generally determined that there is a malicious attack, and certainly, the server 102 itself may also be attacked by a malicious attack to cause an abnormal state thereof, so that when a preset condition is set, a situation that various malicious attacks are excluded as much as possible may be considered, for example, the preset condition is: the IP access amount is normal, the mobile subscriber identity access number is normal, the state of the server 102 is normal, and the current short message sending state of the short message gateway 104 is normal. At this time, the short message request further includes the IP address where the client 101 is located. In practical application, if other malicious attack means are researched, corresponding preset conditions can be added when judging whether the user identification code is normal. The present invention does not limit the specific contents of the preset conditions.
In this embodiment, for a registration number, when the short message request sending amount of the mobile subscriber identity in a preset time period does not reach a preset threshold, it is determined that the mobile subscriber identity is normal; for the unregistered number, the unregistered number is not directly judged as an abnormal user, but is combined with some preset conditions for eliminating malicious attacks, so that excessive verification requirements on unregistered normal users are reduced as much as possible, and the user experience of the user is prevented from being influenced.
Example two
This embodiment proposes a short message sending processing method, as shown in fig. 3, the method includes:
step S301: the server receives a short message request sent by the client, wherein the short message request at least comprises a mobile user identification code.
The mobile user identification code generally refers to a mobile phone number of a user, the auxiliary verification code at least can be graphic verification or behavior verification, and the user verifies according to the prompt of the auxiliary verification code. For example, if the auxiliary verification code prompts that a certain character in the image is selected, the user performs a click selection operation on the client. The client can be applied to mobile phones, computers, tablet computers and the like.
Step S302: the server judges whether the mobile user identification code is normal according to a preset rule.
If so, go to step S303: and sending a short message permission instruction to the short message gateway.
If not, go to step S304: and sending an auxiliary verification request to a verification device, receiving the token data and the short message request sent by the client, sending the token data to the verification device, receiving a token data verification result sent by the verification device, and sending a short message transmission permission instruction to the short message gateway when the token data verification result sent by the verification device is successful.
Specifically, when a user logs in a client, a mobile user identification code is input on the client, a short message request is sent to a server, the short message request at least comprises the mobile user identification code, and if the server judges that the mobile user identification code is normal, a short message sending permission instruction is directly sent to a short message gateway; the server judges that the mobile user identification code is abnormal, an auxiliary verification request is sent to the verification device, the verification device sends an auxiliary verification code to the client, the user verifies according to the prompt of the auxiliary verification code, the client sends auxiliary verification data to the verification device, the verification device verifies the auxiliary verification data and then returns an auxiliary verification result, if the auxiliary verification result is successful, the server receives token data and a short message request sent by the client and sends the token data to the verification device, the token data verification result sent by the verification device is received, and when the token data verification result sent by the verification device is successful, the server sends a short message transmission permission instruction to the short message gateway. The server needs to know whether the auxiliary verification is successful or not through token data, the verification device and the server are separated, the verification device and the server respectively perform own functions, the complexity and the coupling degree of codes are reduced, and convenience is brought to program design and maintenance of technical staff.
According to the short message sending and processing method provided by the embodiment, when the server judges that the mobile subscriber identification code is normal, the server directly sends the instruction allowing the sending of the short message to the short message gateway, a verification device is not needed for verification, and the cost required by verification is reduced; when the server judges that the mobile user identification code is abnormal, an auxiliary verification request is sent to the verification device, token data and a short message request sent by the client are received, the token data are sent to the verification device, a token data verification result sent by the verification device is received, and when the token data verification result sent by the verification device is successful, a short message sending permission instruction is sent to the short message gateway. The short message sending and processing method provided by the embodiment pre-judges normal users and abnormal users, the normal users and the abnormal users are mainly judged through mobile user identification codes, and the normal users are not subjected to auxiliary verification, so that the convenience of using software by the normal users is improved, and the cost of verifying by application program manufacturers is reduced; the method has the advantages that the method carries out strict auxiliary verification on the abnormal users, can limit malicious short message bombing, avoids system breakdown caused by short message bombing, and further ensures the short message sending of the normal users.
In some embodiments, the determining, by the server, whether the mobile subscriber identity is normal according to a preset rule includes: if the mobile subscriber identification code is a registered number and the short message request sending quantity of the mobile subscriber identification code in a preset time period does not reach a preset threshold value, judging that the mobile subscriber identification code is normal; or, if the mobile subscriber identity is a non-registered number but satisfies a preset condition, determining that the mobile subscriber identity is normal.
Through a large number of experiments, if the access quantity of the IP address where the client is located in the preset time period exceeds the preset threshold, or the sending quantity of the short message request corresponding to the mobile subscriber identity exceeds the preset threshold, or the sending quantity of the short message per second by the short message gateway exceeds the preset threshold, it is generally determined that malicious attack exists, and of course, the server itself may be subjected to malicious attack to cause abnormal state, so that when the preset condition is set, the situation that various malicious attacks are excluded as much as possible can be considered, for example, the preset condition is: the IP access amount is normal, the mobile user identification code access number is normal, the server state is normal, and the current short message sending state of the short message gateway is normal. At this time, the short message request further includes an IP address where the client is located. In practical application, if other malicious attack means are researched, corresponding preset conditions can be added when judging whether the user identification code is normal. The present invention does not limit the specific contents of the preset conditions.
In this embodiment, for a registration number, when the short message request sending amount of the mobile subscriber identity in a preset time period does not reach a preset threshold, it is determined that the mobile subscriber identity is normal; for the unregistered number, the unregistered number is not directly judged as an abnormal user, but is combined with some preset conditions for eliminating malicious attacks, so that excessive verification requirements on unregistered normal users are reduced as much as possible, and the user experience of the user is prevented from being influenced.
EXAMPLE III
This embodiment proposes another short message sending processing method, as shown in fig. 4, the method includes:
step S401: the client sends a short message request to the server, wherein the short message request at least comprises a mobile user identification code.
The mobile user identification code generally refers to a mobile phone number of a user, and the client can be applied to a mobile phone, a computer, a tablet computer and the like.
Step S402: and the client receives the auxiliary verification code or the re-auxiliary verification instruction sent by the verification device, sends auxiliary verification data to the verification device and receives an auxiliary verification result sent by the verification device.
The auxiliary verification code can be at least a graphic verification or a behavior verification, and the user verifies according to the prompt of the auxiliary verification code. For example, if the auxiliary verification code prompts that a certain character in the image is selected, the user performs a click selection operation on the client.
Step S403: the client receives the token data sent by the verification device and sends the token data and the short message request to the server.
Step S404: the client receives the verification short message from the short message gateway.
Specifically, when a user logs in a client, a mobile user identification code is input on the client, a short message request is sent to a server, after a verification device sends an auxiliary verification code or a re-auxiliary verification instruction, the user carries out verification according to the prompt of image verification or behavior verification, the client sends the auxiliary verification data to the verification device, the verification device carries out verification on the auxiliary verification data to obtain an auxiliary verification result, if the auxiliary verification result is verification failure, the client receives the auxiliary verification result and a re-auxiliary verification instruction sent by the verification device, if the auxiliary verification result is verification success, the client receives the auxiliary verification result and token data sent by the verification device, and sending the token data and the short message request to a server, sending the token data to a verification device by the server for verification, and receiving a verification short message from a short message gateway by the client after the token data is successfully verified.
In the method for sending and processing the short message, the client sends the short message request to the server, the client sends the auxiliary verification data to the verification device after receiving the auxiliary verification code or the re-auxiliary verification instruction sent by the verification device, and if the client does not receive the auxiliary verification code, the short message is directly sent without auxiliary verification; if the auxiliary verification result is verification failure, the client receives a re-auxiliary verification instruction sent by the verification device and performs auxiliary verification again. The short message sending and processing method provided by the embodiment does not perform auxiliary verification on normal users, improves the convenience of using software by the normal users, and reduces the verification cost of application program manufacturers; the method has the advantages that the method carries out strict auxiliary verification on the abnormal users, can limit malicious short message bombing, avoids system breakdown caused by short message bombing, and further ensures the short message sending of the normal users.
Example four
The present embodiment proposes a server, as shown in fig. 5, including a data receiving module 501 and a data processing module 502, where:
a data receiving module 501, configured to receive, by a server, a short message request sent by a client, where the short message request at least includes a mobile subscriber identity.
The mobile user identification code generally refers to a mobile phone number of a user, the auxiliary verification code at least can be graphic verification or behavior verification, and the user verifies according to the prompt of the auxiliary verification code. For example, if the auxiliary verification code prompts that a certain character in the image is selected, the user performs a click selection operation on the client. The client can be applied to mobile phones, computers, tablet computers and the like.
A data processing module 502, configured to determine whether the mobile subscriber identity is normal according to a preset rule, and if so, send a short message transmission permission instruction to the short message gateway; if not, sending an auxiliary verification request to the verification device, receiving the token data and the short message request sent by the client, sending the token data to the verification device, receiving a token data verification result sent by the verification device, and sending a short message transmission permission instruction to the short message gateway when the token data verification result sent by the verification device is successful.
Specifically, when a user logs in a client, a mobile user identification code is input on the client, a short message request is sent to a server, the short message request at least comprises the mobile user identification code, and if the server judges that the mobile user identification code is normal, a short message sending permission instruction is directly sent to a short message gateway; the server judges that the mobile user identification code is abnormal, an auxiliary verification request is sent to the verification device, the verification device sends an auxiliary verification code to the client, the user verifies according to the prompt of the auxiliary verification code, the client sends auxiliary verification data to the verification device, the verification device verifies the auxiliary verification data and then returns an auxiliary verification result, if the auxiliary verification result is successful, the server receives token data and a short message request sent by the client and sends the token data to the verification device, the token data verification result sent by the verification device is received, and when the token data verification result sent by the verification device is successful, the server sends a short message transmission permission instruction to the short message gateway. The server needs to know whether the auxiliary verification is successful or not through token data, the verification device and the server are separated, the verification device and the server respectively perform own functions, the complexity and the coupling degree of codes are reduced, and convenience is brought to program design and maintenance of technical staff.
In the server provided by the embodiment, when the data processing module 502 judges that the mobile subscriber identity is normal, the data processing module directly sends the instruction for allowing the sending of the short message to the short message gateway, and a verification device is not required for verification, so that the cost required by verification is reduced; when the data processing module 502 judges that the mobile user identification code is abnormal, an auxiliary verification request is sent to the verification device, token data and a short message request sent by the client are received, the token data is sent to the verification device, a token data verification result sent by the verification device is received, and when the token data verification result sent by the verification device is successful, a short message sending permission instruction is sent to the short message gateway. The server provided by the embodiment pre-judges normal users and abnormal users, the normal users and the abnormal users are mainly judged through mobile user identification codes, and the normal users are not subjected to auxiliary verification, so that the convenience of using software by the normal users is improved, and the cost of verifying by an application program manufacturer is reduced; the method has the advantages that the method carries out strict auxiliary verification on the abnormal users, can limit malicious short message bombing, avoids system breakdown caused by short message bombing, and further ensures the short message sending of the normal users.
In some embodiments, the determining, by the data processing module 502, whether the mobile subscriber identity is normal according to a preset rule includes: if the mobile subscriber identification code is a registered number and the short message request sending quantity of the mobile subscriber identification code in a preset time period does not reach a preset threshold value, judging that the mobile subscriber identification code is normal; or, if the mobile subscriber identity is a non-registered number but satisfies a preset condition, determining that the mobile subscriber identity is normal.
Through a large number of experiments, if the access quantity of the IP address where the client is located in the preset time period exceeds the preset threshold, or the sending quantity of the short message request corresponding to the mobile subscriber identity exceeds the preset threshold, or the sending quantity of the short message per second by the short message gateway exceeds the preset threshold, it is generally determined that malicious attack exists, and of course, the server itself may be subjected to malicious attack to cause abnormal state, so that when the preset condition is set, the situation that various malicious attacks are excluded as much as possible can be considered, for example, the preset condition is: the IP access amount is normal, the mobile user identification code access number is normal, the server state is normal, and the current short message sending state of the short message gateway is normal. At this time, the short message request further includes an IP address where the client is located. In practical application, if other malicious attack means are researched, corresponding preset conditions can be added when judging whether the user identification code is normal. The present invention does not limit the specific contents of the preset conditions.
In this embodiment, for a registration number, when the short message request sending amount of the mobile subscriber identity in a preset time period does not reach a preset threshold, it is determined that the mobile subscriber identity is normal; for the unregistered number, the unregistered number is not directly judged as an abnormal user, but is combined with some preset conditions for eliminating malicious attacks, so that excessive verification requirements on unregistered normal users are reduced as much as possible, and the user experience of the user is prevented from being influenced.
The specific working principle of the server has been described in detail in the second embodiment, and is not described herein again.
EXAMPLE five
The present embodiment proposes a client, as shown in fig. 6, including a request module 601, a verification data generation module 602, and a short message receiving module 603, where:
a request module 601, configured to send a short message request to a server, where the short message request at least includes a mobile subscriber identity; and the system is also used for receiving the token data sent by the verification device and sending the token data and the short message request to the server.
The mobile user identification code generally refers to a mobile phone number of a user, and the client can be applied to a mobile phone, a computer, a tablet computer and the like.
The verification data generating module 602 is configured to receive the auxiliary verification code or the re-auxiliary verification instruction sent by the verification apparatus, send the auxiliary verification data to the verification apparatus, and receive an auxiliary verification result sent by the verification apparatus.
The auxiliary verification code can be at least a graphic verification or a behavior verification, and the user verifies according to the prompt of the auxiliary verification code. For example, if the auxiliary verification code prompts that a certain character in the image is selected, the user performs a click selection operation on the client.
A short message receiving module 603, configured to receive the verification short message from the short message gateway.
In the client side provided by this embodiment, the request module 601 sends a short message request to the server, the verification data generation module 602 sends the auxiliary verification data to the verification apparatus after receiving the auxiliary verification code or the re-auxiliary verification instruction sent by the verification apparatus, and if the verification data generation module 602 does not receive the auxiliary verification code, the short message receiving module 603 receives the verification short message from the short message gateway without performing auxiliary verification; if the auxiliary verification result is verification failure, the client receives a re-auxiliary verification instruction sent by the verification device and performs auxiliary verification again. The client provided by the embodiment does not perform auxiliary verification on the normal user, improves the convenience of the normal user in using software, and reduces the verification cost of an application program manufacturer; the method has the advantages that the method carries out strict auxiliary verification on the abnormal users, can limit malicious short message bombing, avoids system breakdown caused by short message bombing, and further ensures the short message sending of the normal users.
The specific working principle of the client is described in detail in the third embodiment, and is not described herein again.
EXAMPLE six
The present embodiment provides a verification apparatus, as shown in fig. 7, including an auxiliary verification code generating module 701, an auxiliary verification data processing module 702, and an auxiliary verification result processing module 703, where:
an auxiliary verification code generation module 701, configured to receive an auxiliary verification request sent by a server, generate an auxiliary verification code, and send the auxiliary verification code to a client.
Specifically, when a user logs in a client, a mobile user identification code is input on the client, a short message request is sent to a server, when the server judges that the mobile user identification code is abnormal, an auxiliary verification request is sent to a verification device, and an auxiliary verification code is generated after the auxiliary verification request is received by the auxiliary verification code generation module 701. The auxiliary verification code can be at least a graphic verification or a behavior verification, and the user verifies according to the prompt of the auxiliary verification code. For example, if the auxiliary verification code prompts that a certain character in the image is selected, the user performs a click selection operation on the client.
And the auxiliary verification data processing module 702 is configured to receive auxiliary verification data sent by the client and perform verification to obtain an auxiliary verification result.
The auxiliary verification result processing module 703 is configured to send an auxiliary verification result and token data to the client when it is determined that the auxiliary verification result is successful, receive and verify the token data sent by the server, and send the token data verification result to the server; and when the auxiliary verification result is judged to be verification failure, sending the auxiliary verification result and a re-auxiliary verification instruction to the client.
When a server sends an auxiliary verification request to a verification device, an auxiliary verification code generation module 701 sends an auxiliary verification code to a client, the client sends auxiliary verification data to an auxiliary verification data processing module 702, the auxiliary verification data processing module 702 verifies the auxiliary verification data, the auxiliary verification is successful, the auxiliary verification result processing module 703 returns token data to the client, the client submits the token data and a short message request to the server, the server sends the token data to the auxiliary verification result processing module 703 for verification, the auxiliary verification result processing module 703 verifies the token data, if the token data is verified successfully, the server sends a command allowing to send the short message to a short message gateway, and if the token data is verified unsuccessfully, the auxiliary verification result processing module 703 returns an operation exception to the server. The server needs to know whether the auxiliary verification is successful or not through token data, the verification device and the server are separated, the verification device and the server respectively perform own functions, the complexity and the coupling degree of codes are reduced, and convenience is brought to program design and maintenance of technical staff.
In the verification apparatus provided in this embodiment, an auxiliary verification code generation module 701 receives an auxiliary verification request sent by a server, generates an auxiliary verification code, and sends the auxiliary verification code to a client, an auxiliary verification data processing module 702 receives auxiliary verification data sent by the client and verifies the auxiliary verification data to obtain an auxiliary verification result, when the auxiliary verification result is judged to be successful by the auxiliary verification result processing module 703, the auxiliary verification result and token data are sent to the client, the token data sent by the server are received and verified, and a token data verification result is sent to the server; when the auxiliary verification result processing module 703 determines that the auxiliary verification result is a verification failure, it sends a re-auxiliary verification result and a re-auxiliary verification instruction to the client. The verification device provided by the embodiment carries out strict auxiliary verification on abnormal users, can limit malicious short message bombing, avoids system breakdown caused by short message bombing, and further ensures the short message sending of normal users.
In the foregoing detailed description, various features are grouped together in a single embodiment for the purpose of streamlining the disclosure. This method of disclosure is not to be interpreted as reflecting an intention that the claimed embodiments of the subject matter require more features than are expressly recited in each claim. Rather, as the following claims reflect, invention lies in less than all features of a single disclosed embodiment. Thus, the following claims are hereby expressly incorporated into the detailed description, with each claim standing on its own as a separate preferred embodiment of the invention.
What has been described above includes examples of one or more embodiments. It is, of course, not possible to describe every conceivable combination of components or methodologies for purposes of describing the aforementioned embodiments, but one of ordinary skill in the art may recognize that many further combinations and permutations of various embodiments are possible. Accordingly, the embodiments described herein are intended to embrace all such alterations, modifications and variations that fall within the scope of the appended claims. Furthermore, to the extent that the term "includes" is used in either the detailed description or the claims, such term is intended to be inclusive in a manner similar to the term "comprising" as "comprising" is interpreted when employed as a transitional word in a claim. Furthermore, any use of the term "or" in the specification of the claims is intended to mean a "non-exclusive or".

Claims (10)

1. A short message sending processing system is characterized in that the system comprises a client, a server, a checking device and a short message gateway, wherein:
the client is used for sending a short message request to the server, wherein the short message request at least comprises a mobile user identification code; for receiving a verification short message from the short message gateway; the verification device is also used for receiving an auxiliary verification code or a re-auxiliary verification instruction sent by the verification device, sending auxiliary verification data to the verification device and receiving an auxiliary verification result sent by the verification device; the verification device is also used for receiving token data sent by the verification device and sending the token data and the short message request to the server;
the server is used for receiving a short message request sent by the client, judging whether the mobile user identification code is normal according to a preset rule, and if the mobile user identification code is normal, sending a short message transmission permission instruction to the short message gateway; if the verification result is abnormal, sending an auxiliary verification request to the verification device, receiving token data and a short message request sent by the client, sending the token data to the verification device, receiving a token data verification result sent by the verification device, and sending a short message transmission permission instruction to the short message gateway when the token data verification result sent by the verification device is successful;
the verification device is used for receiving an auxiliary verification request sent by the server and sending an auxiliary verification code to the client; the system comprises a client, a server and a server, wherein the client is used for receiving auxiliary verification data sent by the client and verifying the auxiliary verification data to obtain an auxiliary verification result; if the auxiliary verification result is successful, the system is also used for sending the auxiliary verification result and the token data to the client, receiving the token data sent by the server, verifying and sending the token data verification result to the server; if the auxiliary verification result is verification failure, the method is also used for sending an auxiliary verification result and a re-auxiliary verification instruction to the client;
and the short message gateway is used for receiving the short message sending permission instruction sent by the server and sending the verification short message to the corresponding client according to the mobile user identification code.
2. The system of claim 1, wherein the server determines whether the mobile subscriber identity is normal according to a predetermined rule, comprising:
if the mobile subscriber identification code is a registered number and the short message request sending quantity of the mobile subscriber identification code in a preset time period does not reach a preset threshold value, judging that the mobile subscriber identification code is normal; alternatively, the first and second electrodes may be,
if the mobile subscriber identification code is a non-registered number but meets the preset condition, the mobile subscriber identification code is judged to be normal.
3. The short message transmission processing system of claim 2, wherein the short message request further includes an IP address where the client is located, and the meeting of the preset condition includes:
the access quantity of the IP address where the client is located is normal in the preset time period, the sending quantity of the short message request corresponding to the mobile user identification code is normal, the state of the server is normal, and the current short message sending state of the short message gateway is normal.
4. A short message sending processing method is characterized by comprising the following steps:
a server receives a short message request sent by a client, wherein the short message request at least comprises a mobile user identification code;
the server judges whether the mobile user identification code is normal according to a preset rule, and if the mobile user identification code is normal, a short message instruction allowing to send a short message is sent to a short message gateway; if not, sending an auxiliary verification request to the verification device, receiving the token data and the short message request sent by the client, sending the token data to the verification device, receiving a token data verification result sent by the verification device, and sending a short message transmission permission instruction to the short message gateway when the token data verification result sent by the verification device is successful.
5. The method as claimed in claim 4, wherein the server determines whether the mobile subscriber identity is normal according to a preset rule, comprising:
if the mobile subscriber identification code is a registered number and the short message request sending quantity of the mobile subscriber identification code in a preset time period does not reach a preset threshold value, judging that the mobile subscriber identification code is normal; alternatively, the first and second electrodes may be,
if the mobile subscriber identification code is a non-registered number but meets the preset condition, the mobile subscriber identification code is judged to be normal.
6. The short message sending processing method of claim 5, wherein the short message request further includes an IP address where the client is located, and meeting the preset condition includes:
the access quantity of the IP address where the client is located is normal in the preset time period, the sending quantity of the short message request corresponding to the mobile user identification code is normal, the state of the server is normal, and the current short message sending state of the short message gateway is normal.
7. A short message sending processing method is characterized by comprising the following steps:
a client sends a short message request to a server, wherein the short message request at least comprises a mobile user identification code;
the client receives an auxiliary verification code or a re-auxiliary verification instruction sent by the verification device, sends auxiliary verification data to the verification device and receives an auxiliary verification result sent by the verification device;
the client receives the token data sent by the checking device and sends the token data and the short message request to the server;
the client receives the verification short message from the short message gateway.
8. A server, comprising a data receiving module and a data processing module, wherein:
the data receiving module is used for receiving a short message request sent by a client by a server, wherein the short message request at least comprises a mobile user identification code;
the data processing module is used for judging whether the mobile user identification code is normal according to a preset rule, and if the mobile user identification code is normal, sending a short message sending permission instruction to the short message gateway; and if the verification result of the token data sent by the verification device is successful, sending a command for allowing the sending of the short message to the short message gateway.
9. A client comprising a request module, a verification data generation module, and a short message reception module, wherein:
the request module is used for sending a short message request to the server, wherein the short message request at least comprises a mobile user identification code; the verification device is also used for receiving token data sent by the verification device and sending the token data and the short message request to the server;
the verification data generation module is used for receiving the auxiliary verification code or the re-auxiliary verification instruction sent by the verification device, sending the auxiliary verification data to the verification device and receiving the auxiliary verification result sent by the verification device;
and the short message receiving module is used for receiving the verification short message from the short message gateway.
10. The checking device is characterized by comprising an auxiliary verification code generation module, an auxiliary verification data processing module and an auxiliary verification result processing module, wherein:
the auxiliary verification code generation module is used for receiving an auxiliary verification request sent by the server, generating an auxiliary verification code and sending the auxiliary verification code to the client;
the auxiliary verification data processing module is used for receiving auxiliary verification data sent by the client and verifying the auxiliary verification data to obtain an auxiliary verification result;
the auxiliary verification result processing module is used for sending an auxiliary verification result and token data to the client when the auxiliary verification result is judged to be successful, receiving the token data sent by the server, verifying and sending the token data verification result to the server; and when the auxiliary verification result is judged to be verification failure, sending the auxiliary verification result and a re-auxiliary verification instruction to the client.
CN202010462447.6A 2020-05-27 2020-05-27 Short message sending processing method, system, client, server and verification device Pending CN111935655A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010462447.6A CN111935655A (en) 2020-05-27 2020-05-27 Short message sending processing method, system, client, server and verification device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010462447.6A CN111935655A (en) 2020-05-27 2020-05-27 Short message sending processing method, system, client, server and verification device

Publications (1)

Publication Number Publication Date
CN111935655A true CN111935655A (en) 2020-11-13

Family

ID=73316473

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010462447.6A Pending CN111935655A (en) 2020-05-27 2020-05-27 Short message sending processing method, system, client, server and verification device

Country Status (1)

Country Link
CN (1) CN111935655A (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104253687A (en) * 2013-06-26 2014-12-31 深圳市腾讯计算机系统有限公司 Method for reducing verification efficiency, method for generating captcha, correlated system, and server
CN105208059A (en) * 2014-06-19 2015-12-30 腾讯科技(深圳)有限公司 Content distribution method, content distribution terminal, server, and content distribution system
CN107896224A (en) * 2017-12-04 2018-04-10 宁波升维信息技术有限公司 A kind of Web information issuance method based on dual link safety check
CN108183914A (en) * 2018-01-10 2018-06-19 浪潮通用软件有限公司 A kind of method for preventing malice swipe short message verification code from sending service
CN110944300A (en) * 2019-12-23 2020-03-31 四川虹美智能科技有限公司 Short message service system, forwarding interface device and defense server
CN111182547A (en) * 2020-01-08 2020-05-19 中国联合网络通信集团有限公司 Login protection method, device and system

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104253687A (en) * 2013-06-26 2014-12-31 深圳市腾讯计算机系统有限公司 Method for reducing verification efficiency, method for generating captcha, correlated system, and server
CN105208059A (en) * 2014-06-19 2015-12-30 腾讯科技(深圳)有限公司 Content distribution method, content distribution terminal, server, and content distribution system
CN107896224A (en) * 2017-12-04 2018-04-10 宁波升维信息技术有限公司 A kind of Web information issuance method based on dual link safety check
CN108183914A (en) * 2018-01-10 2018-06-19 浪潮通用软件有限公司 A kind of method for preventing malice swipe short message verification code from sending service
CN110944300A (en) * 2019-12-23 2020-03-31 四川虹美智能科技有限公司 Short message service system, forwarding interface device and defense server
CN111182547A (en) * 2020-01-08 2020-05-19 中国联合网络通信集团有限公司 Login protection method, device and system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
赵坚勇: "《数字电视技术》", 31 January 2016 *

Similar Documents

Publication Publication Date Title
CN105847245B (en) Electronic mailbox login authentication method and device
CN106779716B (en) Authentication method, device and system based on block chain account address
CN114422139B (en) API gateway request security verification method, device, electronic equipment and computer readable medium
CN110958119A (en) Identity verification method and device
CN112491776B (en) Security authentication method and related equipment
CN107666470B (en) Verification information processing method and device
CN102946384A (en) User authentication method and device
CN103001770A (en) User verification method, user verification server and user verification system
CN113452531A (en) Data transmission method and device
CN115022047B (en) Account login method and device based on multi-cloud gateway, computer equipment and medium
CN113239397A (en) Information access method, device, computer equipment and medium
CN114070583A (en) Information access control method, information access control device, computer equipment and medium
CN114938288A (en) Data access method, device, equipment and storage medium
CN112260983B (en) Identity authentication method, device, equipment and computer readable storage medium
CN111581616B (en) Multi-terminal login control method and device
CN110177096B (en) Client authentication method, device, medium and computing equipment
CN108259436B (en) User identity authentication processing method, application server and authentication system server
CN111935655A (en) Short message sending processing method, system, client, server and verification device
CN115174122A (en) Verification code generation method, verification code verification method, device, equipment and medium
CN111565392B (en) Communication method and device
CN110417615B (en) Check switch control method, device and equipment and computer readable storage medium
CN114157472A (en) Network access control method, device, equipment and storage medium
CN107846410B (en) Network access verification method and device
CN107995587B (en) Authentication method, authentication platform, authentication system and service provider platform
CN110807181A (en) Method, device and system for logging in and verifying database in enterprise

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20201113