CN112612922A - Method and device for safely storing mobile phone number, computer equipment and medium - Google Patents
Method and device for safely storing mobile phone number, computer equipment and medium Download PDFInfo
- Publication number
- CN112612922A CN112612922A CN202011486265.9A CN202011486265A CN112612922A CN 112612922 A CN112612922 A CN 112612922A CN 202011486265 A CN202011486265 A CN 202011486265A CN 112612922 A CN112612922 A CN 112612922A
- Authority
- CN
- China
- Prior art keywords
- user
- mobile phone
- phone number
- memory
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 63
- 238000000586 desensitisation Methods 0.000 claims abstract description 47
- 238000012795 verification Methods 0.000 claims description 27
- 238000004590 computer program Methods 0.000 claims description 14
- 230000006870 function Effects 0.000 description 11
- 238000010586 diagram Methods 0.000 description 4
- 230000001360 synchronised effect Effects 0.000 description 2
- 230000006399 behavior Effects 0.000 description 1
- 230000015556 catabolic process Effects 0.000 description 1
- 230000001413 cellular effect Effects 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000006731 degradation reaction Methods 0.000 description 1
- 230000004807 localization Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000010200 validation analysis Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/80—Information retrieval; Database structures therefor; File system structures therefor of semi-structured data, e.g. markup language structured data such as SGML, XML or HTML
- G06F16/81—Indexing, e.g. XML tags; Data structures therefor; Storage structures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
- G06F21/6254—Protecting personal data, e.g. for financial or medical purposes by anonymising data, e.g. decorrelating personal data from the owner's identification
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Bioethics (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- Software Systems (AREA)
- General Health & Medical Sciences (AREA)
- Databases & Information Systems (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Data Mining & Analysis (AREA)
- Medical Informatics (AREA)
- Telephone Function (AREA)
Abstract
The invention provides a safe storage method and device of a mobile phone number, computer equipment and a storage medium, which are applied to the technical field of digital security and are used for solving the potential safety hazard caused by storing the mobile phone number in the local through a plaintext. The method provided by the invention comprises the steps of acquiring an input user mobile phone number; desensitizing the mobile phone number of the user to obtain a desensitized number; encrypting and storing the desensitization number in a memory; sending the mobile phone number of the user and the terminal equipment information of the user to a server; receiving a user ID sent by a server; the user ID is stored in the memory.
Description
Technical Field
The invention relates to the technical field of data security, in particular to a method and a device for safely storing a mobile phone number, computer equipment and a medium.
Background
At present, personal privacy disclosure is more serious, but registration of each system is difficult to leave a mobile phone number, once the mobile phone number is disclosed, a continuous harassing call is made, and the mobile phone number is sold to a black industry chain to carry out illegal behaviors. Most of the time, developers store the mobile phone number in the plain text locally, and the Android localization storage is considered to be relatively safe storage, so that potential safety hazards cannot exist. But as long as the storage mode of the Android is known, an attacker can still take the mobile phone number. Since some interfaces need to transmit the mobile phone number field to acquire information after the user successfully logs in, many developers are used to store the mobile phone number in the local, namely, the memory of the user terminal by using plaintext, so that the mobile phone number can be conveniently called at any time. However, this mode has a great potential safety hazard, and once an attacker invades the user terminal through a malicious program, the attacker can easily obtain a complete mobile phone number stored in a plaintext, thereby causing leakage of personal privacy information.
Disclosure of Invention
The invention provides a safe storage method of a mobile phone number, which aims to solve the potential safety hazard caused by storing the mobile phone number in the local through a plaintext and prevent an attacker from obtaining the complete mobile phone number stored in the plaintext after invading a user terminal. The safe storage method of the mobile phone number provided by the invention comprises the following steps:
acquiring an input user mobile phone number;
desensitizing the mobile phone number of the user to obtain a desensitized number;
encrypting and storing the desensitization number in a memory;
sending the mobile phone number of the user and the terminal equipment information of the user to a server;
receiving a user ID sent by a server, wherein the user ID is generated by the server according to a user mobile phone number and terminal equipment information, or the user ID is obtained by matching according to the user mobile phone number;
the user ID is stored in the memory.
In another aspect of the present invention, the present invention further provides a secure storage device for a mobile phone number, including:
the user mobile phone number acquisition module is used for acquiring the input user mobile phone number;
the desensitization processing module is used for desensitizing the mobile phone number of the user to obtain a desensitization number;
the desensitization number storage module is used for encrypting the desensitization number and storing the desensitization number in the memory;
the information sending module is used for sending the mobile phone number of the user and the terminal equipment information of the user to the server;
the information receiving module is used for receiving a user ID sent by the server, wherein the user ID is generated by the server according to a user mobile phone number and terminal equipment information or is obtained by matching the user ID according to the user mobile phone number;
and the user ID storage module is used for storing the user ID in the memory.
In another aspect of the present invention, a computer device is provided, which includes a memory and a processor, wherein the memory stores computer readable instructions, and the computer readable instructions, when executed by the processor, cause the processor to execute the steps of the above method for securely storing a mobile phone number.
In another aspect of the present invention, a computer-readable storage medium is provided, in which a mobile phone number secure storage program is stored, and the mobile phone number secure storage program, when executed by a processor, implements the steps of the mobile phone number secure storage method.
The method, the device, the computer equipment and the computer readable storage medium for safely storing the mobile phone number can solve the potential safety hazard caused by storing the mobile phone number in the local through the plaintext, desensitize the acquired user mobile phone number to obtain a desensitized number, encrypt the desensitized number and store the desensitized number in the memory, and prevent an attacker from acquiring the complete mobile phone number stored in the plaintext after invading the user terminal. In addition, the complete user mobile phone number is uploaded and stored in the server, and the server has higher-level safety measures, so that the complete user mobile phone number can be prevented from being revealed. In addition, the server also generates a user ID corresponding to the mobile phone number of the user and stores the user ID on the user terminal for identity verification, and the user ID is a string of character strings and has no use for attackers, so that the mobile phone number and the personal privacy of the user can be effectively protected.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments of the present invention will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to these drawings without inventive labor.
Fig. 1 is a schematic diagram of an application environment of a method for securely storing a mobile phone number according to an embodiment of the present invention;
FIG. 2 is a flow chart of a method for secure storage of a cell phone number in one embodiment of the invention;
FIG. 3 is a flow chart of the user ID verification steps of a method for secure storage of a cell phone number in one embodiment of the invention;
FIG. 4 is a flow chart of the token validation steps of a method for secure storage of a cell phone number in one embodiment of the invention;
FIG. 5 is a schematic diagram of a secure storage device for a cell phone number according to an embodiment of the invention;
FIG. 6 is a schematic diagram of a computer device in an embodiment of the invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The method for safely storing the mobile phone number can be applied to the application environment shown in fig. 1, wherein the terminal device communicates with the server through the network. The terminal device may be, but is not limited to, various personal computers, notebook computers, smart phones, tablet computers, and portable wearable devices. The server may be implemented as a stand-alone server or as a server cluster consisting of a plurality of servers.
In one embodiment, as shown in fig. 2, a method for securely storing a mobile phone number is provided, which is described by taking the method as an example for being applied to the terminal device in fig. 1, and includes the following steps S1 to S6.
S1: and acquiring the input mobile phone number of the user.
In step S1, the user operates the terminal device, and inputs the mobile phone number of the user into the terminal device, and specifically, the mobile phone number of the user acquired by the terminal device will be used as the user identifier in the subsequent steps.
S2: and desensitizing the mobile phone number of the user to obtain a desensitized number.
In step S2, desensitization processing is performed on the user mobile phone number to obtain a desensitization number.
In some service scenarios, the client running on the terminal needs to use the mobile phone number that has been input, for example, to display the mobile phone number of the user back to remind the user of which mobile phone number to use for logging in the system. However, if the complete mobile phone number is stored, it may be obtained by an attacker or malicious software intruding into the mobile phone, so that privacy of the user is revealed, and therefore, desensitization processing needs to be performed on the mobile phone number of the user first, where desensitization processing refers to shielding a plurality of digits in the complete mobile phone number, for example: the 13512345678 is desensitized to 135 x 5678, so that the possibility that an attacker obtains the complete mobile phone number of the user after invading the client is fundamentally eliminated. The mobile phone number of the user after the desensitization treatment is called a desensitization number, and can be used for replacing a complete mobile phone number of the user to remind the user.
S3: the desensitization number is encrypted and stored in memory.
In step S3, the terminal stores the desensitization number in its memory for subsequent use. Further, the desensitization number may also be stored in encrypted form in the memory of the terminal to further enhance security for user privacy.
S4: and sending the mobile phone number of the user and the terminal equipment information of the user to a server.
In step S4, the terminal transmits the received user mobile phone number and its own terminal device information to the server. The device information of the user may be an International Mobile Equipment Identity (IMEI), a Universally Unique Identifier (UUID) generated by the client, or which terminal (e.g., a mobile phone, a tablet computer, etc.) the client is through the device of the user, which brand model, and which version of android generates by itself.
S5: and receiving a user ID sent by the server, wherein the user ID is generated by the server according to the mobile phone number of the user and the terminal equipment information, or the user ID is obtained by matching according to the mobile phone number of the user.
In step S5, the user ID is a character string generated by the AES encryption operation by the server based on the information such as the mobile phone number of the user and the terminal device information, and is the unique identifier of the user, and the user ID is used to log in to the server
In addition, since there is a possibility that the user is already registered in the system, the server receives the mobile phone number of the user sent by the client running on the terminal, and should first query in the database whether the mobile phone number already registers the user ID in the system, that is, the user has already used the service. If the user ID corresponding to the received user mobile phone number is found in the database, the user ID does not need to be generated again, and the existing user ID is directly extracted from the database and is transmitted back to the client.
If the server does not find the user ID corresponding to the received user mobile phone number in the database after being inquired, the server indicates that the user has not been registered in the system before, namely, the service is used for the first time, and at this moment, the user ID corresponding to the mobile phone number is generated for the user and is issued to the client of the user.
S6: the user ID is stored in the memory.
In step S6, the software of the client or the like running on the terminal stores the user ID in the memory. Since the user ID is only a character string, even if an attacker or malware invades a terminal used by the user and obtains the user ID, any information that may reveal the privacy of the user cannot be resolved from the user ID.
The method, the device, the computer equipment and the computer readable storage medium for safely storing the mobile phone number can solve the potential safety hazard caused by storing the mobile phone number in the local through the plaintext, desensitize the acquired user mobile phone number to obtain a desensitized number, encrypt the desensitized number and store the desensitized number in the memory, and prevent an attacker from acquiring the complete mobile phone number stored in the plaintext after invading the user terminal. In addition, the complete user mobile phone number is uploaded and stored in the server, and the server has higher-level safety measures, so that the complete user mobile phone number can be prevented from being revealed. In addition, the server also generates a user ID corresponding to the mobile phone number of the user and stores the user ID on the user terminal for identity verification, and the user ID is a string of character strings and has no use for attackers, so that the mobile phone number and the personal privacy of the user can be effectively protected.
In another embodiment, the step of encrypting and storing the desensitization number in memory further comprises: the desensitization number is stored in a memory in a SharedPreference mode;
the step of storing the user ID in the memory further comprises:
the user ID is stored in the memory by means of SharedPreference.
The SharedPreference mode is a lightweight data storage mode provided by Android, and is mainly used for storing some simple configuration information, such as a default welcome language, a login user name and a password. It is stored in a key-value pair fashion and also supports multiple different data type storage. The character string, integer, Boolean type, what type is stored, and what type is the type that is fetched. The storage form and complexity are indeed much more convenient than file storage, which stores small data, and the data is stored in the xml file at the back.
In the embodiment, the terminal uses a SharedPreference mode to store the encrypted desensitization number and the user ID in a character string form in an xml file under a/data/data/"app package name"/shared _ prefs directory of an Android system.
In another embodiment, after the step of encrypting and storing the desensitization number in the memory, the method further comprises:
the encrypted desensitization number is read from memory by the SharedPreference method and then decrypted and displayed in the user interface.
In some service scenarios, the client needs to display the mobile phone number that has been input, for example, to remind the client that the client has logged in using the mobile phone number, and the client may read the encrypted field from the xml file storing the encrypted desensitization number through SharedPreference, decrypt the encrypted field to restore the desensitization number, and then display the desensitization number in the user interface of the client.
The user interface is an interface used by a user to log in a server, and specifically, the user interface may include a user mobile phone number/password login mode, a user mobile phone number/short message verification code login mode, and a two-dimensional code scanning login mode. In order to prevent malicious attacks, an auxiliary module of an authentication code or the like may also be included.
In another embodiment, the method for securely storing a mobile phone number further includes:
when a login request of a user mobile phone number is received, verifying whether a user ID corresponding to the user mobile phone number is stored in a memory in a SharedPreference mode;
if the verification memory does not store the user ID corresponding to the user' S mobile phone number, go to step S1;
if the verification memory stores the user ID corresponding to the mobile phone number of the user, the user ID is extracted from the memory.
Before each authentication, the terminal needs to determine whether the user ID is stored in the memory, specifically, the key value pair in the specified xml file in the specified directory is read through the SharedPreference, and if the specified xml file is not found or the specified key value pair is not found in the specified xml file, it may be that the terminal installs the client for the first time, or the user uses the service for the first time, and needs to obtain the user ID from the server. At this time, the terminal executes the secure storage method to obtain the user ID. The specific method for obtaining the user ID is already described in the above method, and is not described herein again.
If the key value pair serving as the user ID is found in the specified xml file in the specified directory, the key value pair is extracted and put into a cache, and then the next step is carried out.
Further, the verification memory stores a user ID corresponding to the mobile phone number of the user, and after the step of extracting the user ID from the memory, the method further includes:
and verifying whether the storage stores the token by a SharedPreference mode:
if the verification memory stores the token, the user ID and the token are sent to the server side, the server side carries out cross verification on the user ID, the token and the user mobile phone number stored in the server side, and if the cross verification is passed, the server side is authorized to log in;
in order to simplify the login procedure and avoid the degradation of the use experience caused by the frequent password input by the user, the embodiment also provides the use token to simplify the login procedure. When the user logs in the client, whether the token is stored in the memory of the terminal is verified in a SharedPreference manner by a method similar to the above-described verification of the user ID. And when the token is verified to be stored in the memory of the terminal, the user ID and the token are sent to the server, and after the user ID, the token and the user mobile phone number stored in the server are subjected to cross verification at the server, the terminal is authorized to log in the server. The process does not require password input to improve the user experience.
And if the storage is verified not to store the token, the user ID stored in the storage is sent to the server side, so that the server side can match the user ID with the user mobile phone number stored in the server side, and a user interface is displayed for logging in.
When the memory does not store the token, the user interface needs to log in according to a common method, and the method of logging in the user interface is described above and is not described again.
Further, when the user logs in the server through the user interface, a token returned by the server is received, the token is generated by the server according to the mobile phone number of the user and the terminal equipment information of the user, and then the token is stored in the memory in a SharedPreference mode.
When a user logs in the server through the user interface, in order to avoid the problem that the use experience is reduced due to the fact that the user frequently inputs a password in the subsequent use, the server generates a token according to the user ID, the terminal device information used in the logging-in process and the timestamp, and sends the token to the client. The token can be used for carrying out identity authentication within a certain time when the user logs in the server again, and the password does not need to be input again, so that the use experience of the user can be improved. The token is a string of characters, in the form of key-value pairs, stored in an xml file under the/data/data/"app package name"/shared _ prefs directory of the android system.
In a specific embodiment, the method for securely storing a mobile phone number further includes that the token carries a valid time set by the server, and after the step of storing the token in the memory in a SharedPreference manner, the method further includes:
when the token exceeds the validity time, the token is marked as invalid.
Specifically, according to actual service needs, the server may also set a valid time for the token, that is, the token exceeding the valid time is regarded as invalid. Each time when logging in to the server, the server generates a token and sends the token to the client, and the user can directly enter the system without inputting a password within the valid time of the token, and the verification method is as described above and is not described herein again.
It should be understood that, the sequence numbers of the steps in the foregoing embodiments do not imply an execution sequence, and the execution sequence of each process should be determined by its function and inherent logic, and should not constitute any limitation to the implementation process of the embodiments of the present invention.
In another embodiment, a device for securely storing a mobile phone number is provided, where the device for securely storing a mobile phone number corresponds to the method for securely storing a mobile phone number in the above embodiments one to one. As shown in fig. 5, the device for storing mobile phone numbers securely includes a user mobile phone number obtaining module 11, a desensitization processing module 12, a desensitization number storing module 13, an information sending module 14, an information receiving module 15, and a user ID storing module 16. The functional modules are explained in detail as follows:
a user mobile phone number obtaining module 11, configured to obtain an input user mobile phone number;
a desensitization processing module 12, configured to perform desensitization processing on the mobile phone number of the user to obtain a desensitization number;
a desensitization number storage module 13, configured to encrypt and store the desensitization number in a memory;
the information sending module 14 is used for sending the mobile phone number of the user and the terminal equipment information of the user to the server;
the information receiving module 15 is configured to receive a user ID sent by the server, where the user ID is generated by the server according to a user mobile phone number and terminal device information, or is obtained by matching the user ID with the user mobile phone number;
a user ID storage module 16 for storing the user ID in the memory.
In a specific embodiment, the desensitization number storage module 13 further includes:
the desensitization number SharedPreference storage unit is used for storing the desensitization number in a memory in a SharedPreference mode;
the user ID storage module 16 further includes:
and the user IDSharedPreference storage unit is used for storing the user ID in the memory by the SharedPreference mode.
In a specific embodiment, the device for securely storing a mobile phone number further comprises:
the desensitization number reading module is used for reading the encrypted desensitization number from the memory in a SharedPreference mode;
and the desensitization number echoing module is used for decrypting the encrypted desensitization number and displaying the decrypted desensitization number in the user interface.
In a specific embodiment, the device for securely storing a mobile phone number further comprises:
the user ID verification module is used for verifying whether the memory stores the user ID corresponding to the mobile phone number of the user in a SharedPreference mode when the login request of the mobile phone number of the user is received;
in one embodiment, the user mobile phone number obtaining module 11 is further configured to, if the verification storage does not store the user ID corresponding to the user mobile phone number, obtain the input user mobile phone number;
if the verification memory stores the user ID corresponding to the mobile phone number of the user, the user ID is extracted from the memory.
In a specific embodiment, if the user ID verification module verifies that the memory stores the user ID corresponding to the mobile phone number of the user, the mobile phone number security storage device further includes:
and the token verification module is used for verifying whether the storage stores the token or not in a SharedPreference mode.
Further, the token verification module specifically includes a first token verification unit and a second token verification unit.
The first token verifying unit is used for sending the user ID and the token to the server side if the token is stored in the verifying storage, so that the server side can carry out cross verification on the user ID, the token and the user mobile phone number stored in the server side, and if the cross verification is passed, the server side is authorized to log in;
and the second token verification unit is used for sending the user ID stored in the memory to the server side if the memory is verified not to store the token, so that the server side can match the user ID with the user mobile phone number stored in the server side and display a user interface for logging in.
In a specific embodiment, if the token verifying module verifies that the memory does not store the token, the secure storage of the mobile phone number further includes:
the token receiving module is used for receiving a token returned by the server when logging in the server through the user interface, wherein the token is generated by the mobile phone number of the user and the terminal equipment information of the user at the server;
and the token storage module is used for storing the token in the memory in a SharedPreference mode.
In a specific embodiment, the token carries valid time set by the server, and the secure storage device for the mobile phone number further includes:
and the token marking module is used for marking the token as invalid after the token exceeds the valid time.
Wherein the meaning of "first" and "second" in the above modules/units is only to distinguish different modules/units, and is not used to define which module/unit has higher priority or other defining meaning. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or modules is not necessarily limited to those steps or modules explicitly listed, but may include other steps or modules not explicitly listed or inherent to such process, method, article, or apparatus, and such that a division of modules presented in this application is merely a logical division and may be implemented in a practical application in a further manner.
For the specific definition of the security storage device of the mobile phone number, reference may be made to the above definition of the security method of the mobile phone number, and details are not described herein again. All or part of the modules in the mobile phone number safety storage device can be realized by software, hardware and a combination thereof. The modules can be embedded in a hardware form or independent from a processor in the computer device, and can also be stored in a memory in the computer device in a software form, so that the processor can call and execute operations corresponding to the modules.
In one embodiment, a computer device is provided, which may be a terminal, and its internal structure diagram may be as shown in fig. 6. The computer device includes a processor, a memory, a network interface, a display screen, and an input device connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The network interface of the computer device is used for communicating with an external server through a network connection. The computer program is executed by a processor to implement a method for secure storage of a mobile phone number.
In one embodiment, a computer device is provided, which includes a memory, a processor and a computer program stored in the memory and executable on the processor, and when the processor executes the computer program, the steps of the method for securely storing a mobile phone number in the above embodiments are implemented, for example, steps S1 to S6 shown in fig. 2 and other extensions of the method and related steps. Alternatively, the processor, when executing the computer program, implements the functions of the modules/units of the secure storage apparatus for a mobile phone number in the above-described embodiment, for example, the functions of the modules 11 to 16 shown in fig. 5. To avoid repetition, further description is omitted here.
The Processor may be a Central Processing Unit (CPU), other general purpose Processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), an off-the-shelf Programmable Gate Array (FPGA) or other Programmable logic device, discrete Gate or transistor logic device, discrete hardware component, etc. The general purpose processor may be a microprocessor or the processor may be any conventional processor or the like which is the control center for the computer device and which connects the various parts of the overall computer device using various interfaces and lines.
The memory may be used to store the computer programs and/or modules, and the processor may implement various functions of the computer device by running or executing the computer programs and/or modules stored in the memory and invoking data stored in the memory. The memory may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required by at least one function (such as a sound playing function, an image playing function, etc.), and the like; the storage data area may store data (such as audio data, video data, etc.) created according to the use of the cellular phone, etc.
The memory may be integrated in the processor or may be provided separately from the processor.
In one embodiment, a computer-readable storage medium is provided, on which a computer program is stored, which when executed by a processor implements the steps of the method for secure storage of a cell phone number in the above-described embodiments, such as the steps S1 through S6 shown in fig. 2 and extensions of other extensions and related steps of the method. Alternatively, the computer program, when executed by the processor, implements the functions of the modules/units of the secure storage of the mobile phone number in the above-described embodiments, such as the functions of the modules 11 to 16 shown in fig. 5. To avoid repetition, further description is omitted here.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware instructions of a computer program, which can be stored in a non-volatile computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium used in the embodiments provided herein may include non-volatile and/or volatile memory, among others. Non-volatile memory can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDRSDRAM), Enhanced SDRAM (ESDRAM), Synchronous Link DRAM (SLDRAM), Rambus Direct RAM (RDRAM), direct bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM).
It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-mentioned division of the functional units and modules is illustrated, and in practical applications, the above-mentioned function distribution may be performed by different functional units and modules according to needs, that is, the internal structure of the apparatus is divided into different functional units or modules to perform all or part of the above-mentioned functions.
The above-mentioned embodiments are only used for illustrating the technical solutions of the present invention, and not for limiting the same; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; such modifications and substitutions do not substantially depart from the spirit and scope of the embodiments of the present invention, and are intended to be included within the scope of the present invention.
Claims (10)
1. A method for safely storing a mobile phone number is characterized by comprising the following steps:
acquiring an input user mobile phone number;
desensitizing the mobile phone number of the user to obtain a desensitized number;
encrypting and storing the desensitization number in a memory;
sending the mobile phone number of the user and the terminal equipment information of the user to a server;
receiving a user ID sent by the server, wherein the user ID is generated by the server according to the user mobile phone number and the terminal equipment information, or the user ID is obtained by matching according to the user mobile phone number;
storing the user ID in the memory.
2. The method for securely storing a mobile phone number according to claim 1, wherein said step of encrypting and storing said desensitized number in a memory further comprises:
storing the desensitization number in the memory by a SharedPreference mode;
the step of storing the user ID in the memory further comprises:
and storing the user ID in the memory by a SharedPreference mode.
3. The method for securely storing a mobile phone number according to claim 2, further comprising, after said step of encrypting and storing said desensitized number in a memory:
reading the encrypted desensitization number from the memory by a SharedPreference manner;
decrypting and displaying the encrypted desensitization number in a user interface.
4. The method for securely storing a mobile phone number according to claim 1, further comprising:
when a login request of a user mobile phone number is received, verifying whether a user ID corresponding to the user mobile phone number is stored in the memory in a SharedPreference mode;
if the memory is verified not to store the user ID corresponding to the user mobile phone number, executing the step of acquiring the input user mobile phone number;
and if the memory is verified to store the user ID corresponding to the mobile phone number of the user, extracting the user ID from the memory.
5. The method of claim 4, wherein after the step of retrieving the user ID from the memory if it is verified that the memory stores the user ID corresponding to the user's mobile phone number, the method further comprises:
verifying whether the memory stores a token by means of SharedPreference:
if the storage is verified to store the token, the user ID and the token are sent to the server side, the server side carries out cross verification on the user ID, the token and the user mobile phone number stored in the server side, and if the cross verification is passed, the server side is authorized to log in;
and if the token is not stored in the memory through verification, the user ID stored in the memory is sent to the server, so that the server can match the user ID with the user mobile phone number stored in the server, and a user interface is displayed for logging in.
6. The method of claim 5, wherein if it is verified that the token is not stored in the memory, further comprising:
when the server is logged in through the user interface, receiving the token returned by the server, wherein the token is generated by the server according to the mobile phone number of the user and the terminal equipment information of the user;
storing the token in the memory by way of a SharedPreference.
7. The method as claimed in claim 6, wherein the token carries a valid time set by the server, and after the step of storing the token in the memory by SharedPreference, the method further comprises:
and marking the token as invalid after the token exceeds the valid time.
8. A secure storage device for a mobile phone number, comprising:
the user mobile phone number acquisition module is used for acquiring the input user mobile phone number;
the desensitization processing module is used for desensitizing the mobile phone number of the user to obtain a desensitization number;
desensitization number memory module, is used for encrypting and keeping in the memorizer the said desensitization number;
the information sending module is used for sending the mobile phone number of the user and the terminal equipment information of the user to a server;
the information receiving module is used for receiving a user ID sent by the server, wherein the user ID is generated by the server according to the user mobile phone number and the terminal equipment information, or the user ID is obtained by matching according to the user mobile phone number;
a user ID storage module for storing the user ID in the memory.
9. A computer device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, characterized in that the processor implements the steps of a method for secure storage of a mobile phone number according to any of claims 1 to 7 when executing the computer program.
10. A computer-readable storage medium, in which a computer program is stored, which, when being executed by a processor, carries out the steps of a method for secure storage of a mobile phone number according to any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011486265.9A CN112612922A (en) | 2020-12-16 | 2020-12-16 | Method and device for safely storing mobile phone number, computer equipment and medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011486265.9A CN112612922A (en) | 2020-12-16 | 2020-12-16 | Method and device for safely storing mobile phone number, computer equipment and medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112612922A true CN112612922A (en) | 2021-04-06 |
Family
ID=75239518
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011486265.9A Pending CN112612922A (en) | 2020-12-16 | 2020-12-16 | Method and device for safely storing mobile phone number, computer equipment and medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112612922A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113220868A (en) * | 2021-05-28 | 2021-08-06 | 国网绿色能源有限公司 | Text data filtering and acquiring method, device, equipment and storage medium |
| CN114429341A (en) * | 2022-01-24 | 2022-05-03 | 吉林银行股份有限公司 | Grouped payment method, device and equipment |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104809410A (en) * | 2015-05-13 | 2015-07-29 | 上海凭安企业信用征信有限公司 | Individual privacy protected credit investigation data desensitized acquisition method |
| WO2016024076A1 (en) * | 2014-08-12 | 2016-02-18 | Jewel Aviation And Technology Limited | Data security system and method |
| CN106971121A (en) * | 2017-04-10 | 2017-07-21 | 深圳乐信软件技术有限公司 | Data processing method, device, server and storage medium |
| CN107171784A (en) * | 2017-05-12 | 2017-09-15 | 珠海富鸿科技有限公司 | Unexpected environmental accident emergency command dispatching method and system |
| CN108270917A (en) * | 2017-12-01 | 2018-07-10 | 南京嘉谷初成通信科技有限公司 | A kind of encryption smart mobile phone |
| CN109639740A (en) * | 2019-01-31 | 2019-04-16 | 平安科技(深圳)有限公司 | A kind of login state sharing method and device based on device id |
| KR102089957B1 (en) * | 2018-10-10 | 2020-03-17 | 윤정현 | User authentication apparatus and user authentication computer program |
| CN111666546A (en) * | 2020-06-19 | 2020-09-15 | 上海连尚网络科技有限公司 | Application login method and device |
-
2020
- 2020-12-16 CN CN202011486265.9A patent/CN112612922A/en active Pending
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2016024076A1 (en) * | 2014-08-12 | 2016-02-18 | Jewel Aviation And Technology Limited | Data security system and method |
| CN104809410A (en) * | 2015-05-13 | 2015-07-29 | 上海凭安企业信用征信有限公司 | Individual privacy protected credit investigation data desensitized acquisition method |
| CN106971121A (en) * | 2017-04-10 | 2017-07-21 | 深圳乐信软件技术有限公司 | Data processing method, device, server and storage medium |
| CN107171784A (en) * | 2017-05-12 | 2017-09-15 | 珠海富鸿科技有限公司 | Unexpected environmental accident emergency command dispatching method and system |
| CN108270917A (en) * | 2017-12-01 | 2018-07-10 | 南京嘉谷初成通信科技有限公司 | A kind of encryption smart mobile phone |
| KR102089957B1 (en) * | 2018-10-10 | 2020-03-17 | 윤정현 | User authentication apparatus and user authentication computer program |
| CN109639740A (en) * | 2019-01-31 | 2019-04-16 | 平安科技(深圳)有限公司 | A kind of login state sharing method and device based on device id |
| CN111666546A (en) * | 2020-06-19 | 2020-09-15 | 上海连尚网络科技有限公司 | Application login method and device |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113220868A (en) * | 2021-05-28 | 2021-08-06 | 国网绿色能源有限公司 | Text data filtering and acquiring method, device, equipment and storage medium |
| CN114429341A (en) * | 2022-01-24 | 2022-05-03 | 吉林银行股份有限公司 | Grouped payment method, device and equipment |
| CN114429341B (en) * | 2022-01-24 | 2022-12-02 | 吉林银行股份有限公司 | Grouped payment method, device and equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110677418B (en) | Trusted voiceprint authentication method and device, electronic equipment and storage medium | |
| US10659237B2 (en) | System and method for verifying integrity of an electronic device | |
| US10445487B2 (en) | Methods and apparatus for authentication of joint account login | |
| US8850211B2 (en) | Method and apparatus for improving code and data signing | |
| US20170208049A1 (en) | Key agreement method and device for verification information | |
| CN111193740B (en) | Encryption method, device, decryption method, computer device and storage medium | |
| CN106612180A (en) | Method and device for realizing session identifier synchronization | |
| US11606202B2 (en) | Methods and systems for secure data transmission | |
| CN106372497B (en) | Application programming interface API protection method and protection device | |
| CN111031047A (en) | Device communication method, device, computer device and storage medium | |
| CN107819579B (en) | User request processing method, server and computer readable storage medium | |
| CN112131564A (en) | Encrypted data communication method, apparatus, device, and medium | |
| CN105975867A (en) | Data processing method | |
| CN112612922A (en) | Method and device for safely storing mobile phone number, computer equipment and medium | |
| CN112019548A (en) | User-defined interface signature method, server and system for preventing malicious attacks | |
| US11288381B2 (en) | Calculation device, calculation method, calculation program and calculation system | |
| CN112527835A (en) | Authentication request processing method and device based on cache and related equipment | |
| CN109740319B (en) | Digital identity verification method and server | |
| CN116049802B (en) | Application single sign-on method, system, computer equipment and storage medium | |
| CN110659474B (en) | Inter-application communication method, device, terminal and storage medium | |
| Jiang et al. | An effective authentication for client application using ARM trustzone | |
| CN111542050B (en) | TEE-based method for guaranteeing remote initialization safety of virtual SIM card | |
| CN114036546A (en) | Identity verification method and device based on mobile phone number, computer equipment and medium | |
| CN111740980B (en) | Method and device for logging in application, mobile terminal and storage medium | |
| CN114884710B (en) | Page data verification method and device, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |