CN112734440A - Transaction authentication method and device, electronic equipment and computer-readable storage medium - Google Patents

Transaction authentication method and device, electronic equipment and computer-readable storage medium Download PDF

Info

Publication number
CN112734440A
CN112734440A CN202110079045.2A CN202110079045A CN112734440A CN 112734440 A CN112734440 A CN 112734440A CN 202110079045 A CN202110079045 A CN 202110079045A CN 112734440 A CN112734440 A CN 112734440A
Authority
CN
China
Prior art keywords
user
identity authentication
identity
authentication
file
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110079045.2A
Other languages
Chinese (zh)
Inventor
薛红星
李坚明
谭世殊
胡玮
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
CCB Finetech Co Ltd
Original Assignee
CCB Finetech Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by CCB Finetech Co Ltd filed Critical CCB Finetech Co Ltd
Priority to CN202110079045.2A priority Critical patent/CN112734440A/en
Publication of CN112734440A publication Critical patent/CN112734440A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Collating Specific Patterns (AREA)

Abstract

The embodiment of the application provides a transaction authentication method, a transaction authentication device, electronic equipment and a computer-readable storage medium. The method comprises the following steps: when a transaction request sent by terminal equipment is received, a trusted digital identity file of a user is acquired from the terminal equipment; performing first identity authentication on the user based on the trusted digital identity file; the transaction request is processed based on whether the first identity authentication passes. Based on the scheme, because the identity authentication of the user is carried out through the credible digital identity file, the potential safety hazard possibly existing in the existing short message verification mode can be avoided, and the use experience of the user is improved.

Description

Transaction authentication method and device, electronic equipment and computer-readable storage medium
Technical Field
The present application relates to the field of identity authentication technologies, and in particular, to a transaction authentication method, apparatus, electronic device, and computer-readable storage medium.
Background
The traditional bank transfer generally confirms the identity of a client on line by sending a short message verification code, and the client inputs a corresponding short message verification code to complete the transfer after receiving the verification code.
In the existing short message verification mode, the short message verification code has the risk of being hijacked, so that the fund security can be influenced. In addition, the user may not receive the short message verification code or input the short message verification code incorrectly, which results in poor experience.
Disclosure of Invention
The present application aims to solve at least one of the above technical drawbacks. The technical scheme adopted by the application is as follows:
in a first aspect, an embodiment of the present application provides a transaction authentication method, where the method includes:
when a transaction request sent by terminal equipment is received, a trusted digital identity file of a user is acquired from the terminal equipment;
performing first identity authentication on the user based on the trusted digital identity file;
the transaction request is processed based on whether the first identity authentication passes.
Optionally, performing a first identity authentication on the user based on the trusted digital identity file, including:
based on whether the trusted digital identity file corresponds to the identity information of the user, a first identity authentication is performed on the user.
Optionally, processing the transaction request based on whether the first identity authentication passes comprises:
if the first identity authentication is passed, acquiring the biological characteristic information of the user;
performing second identity authentication on the user based on the biological characteristic information;
and processing the transaction request based on whether the second identity authentication is passed.
Optionally, processing the transaction request based on whether the second identity authentication passes includes:
and if the second identity authentication passes, processing the transaction corresponding to the transaction request.
Optionally, the biometric information comprises at least one of:
vein image information;
iris image information;
face image information;
fingerprint image information.
Optionally, performing a second identity authentication on the user based on the biometric information includes:
acquiring face image information of a user, which is acquired by terminal equipment;
comparing the face image information with the pre-stored image information of the user;
and performing second identity authentication based on the comparison result.
Optionally, comparing the face image information with pre-stored image information of the user, and performing second identity authentication based on a comparison result, including:
inputting face image information of a user into a face feature extraction model to obtain a first face feature;
comparing a second face feature of pre-stored image information of the user with the first face feature to determine face similarity;
and performing second identity authentication based on the face similarity.
Optionally, performing a second identity authentication based on the face similarity, including:
if the face similarity is larger than a preset similarity threshold, determining that the second identity authentication is passed;
and if the face similarity is not greater than the preset similarity threshold, determining that the second identity authentication fails.
Optionally, the trusted digital identity file is stored in the terminal device.
In a second aspect, an embodiment of the present application provides another transaction authentication method, including:
sending a transaction request to a server;
when a trusted digital identity file acquisition request sent by the server is received, the trusted digital identity file is returned to the server, so that the server performs first identity authentication on the user based on the trusted digital identity file, and processes the transaction request based on whether the first identity authentication passes or not.
Optionally, the method further includes:
and receiving a processing result of the transaction request returned by the server.
Optionally, the method further comprises:
when a biological characteristic information acquisition request sent by the server is received, the biological characteristic information of the user is acquired, and the biological characteristic information is returned to the server, so that the server performs second identity authentication on the user based on the biological characteristic information, and processes the transaction request based on whether the second identity authentication passes or not.
In a third aspect, an embodiment of the present application provides a transaction authentication device, including:
the trusted digital identity file acquisition module is used for acquiring a trusted digital identity file of a user from the terminal equipment when receiving a transaction request sent by the terminal equipment;
the first identity authentication module is used for performing first identity authentication on the user based on the trusted digital identity file;
and the transaction request processing module is used for processing the transaction request based on whether the first identity authentication passes or not.
Optionally, the first identity authentication module is specifically configured to:
based on whether the trusted digital identity file corresponds to the identity information of the user, a first identity authentication is performed on the user.
Optionally, the transaction request processing module is specifically configured to:
if the first identity authentication is passed, acquiring the biological characteristic information of the user;
performing second identity authentication on the user based on the biological characteristic information;
and processing the transaction request based on whether the second identity authentication is passed.
Optionally, when the transaction request processing module processes the transaction request based on whether the second identity authentication passes or not, the transaction request processing module is specifically configured to:
and if the second identity authentication passes, processing the transaction corresponding to the transaction request.
Optionally, the biometric information comprises at least one of:
vein image information;
iris image information;
face image information;
fingerprint image information.
Optionally, when performing the second identity authentication on the user based on the biometric information, the transaction request processing module is specifically configured to:
acquiring face image information of a user, which is acquired by terminal equipment;
comparing the face image information with the pre-stored image information of the user;
and performing second identity authentication based on the comparison result.
Optionally, the transaction request processing module is specifically configured to, when comparing the face image information with pre-stored image information of the user and performing second identity authentication based on a comparison result:
inputting face image information of a user into a face feature extraction model to obtain a first face feature;
comparing a second face feature of pre-stored image information of the user with the first face feature to determine face similarity;
and performing second identity authentication based on the face similarity.
Optionally, the transaction request processing module is specifically configured to, when performing the second identity authentication based on the face similarity:
if the face similarity is larger than a preset similarity threshold, determining that the second identity authentication is passed;
and if the face similarity is not greater than the preset similarity threshold, determining that the second identity authentication fails.
Optionally, the trusted digital identity file is stored in the terminal device.
In a fourth aspect, an embodiment of the present application provides another transaction authentication device, including:
the transaction request sending module is used for sending a transaction request to the server;
and the trusted digital identity file returning module is used for returning the trusted digital identity file to the server when receiving a trusted digital identity file acquisition request sent by the server, so that the server performs first identity authentication on the user based on the trusted digital identity file and processes the transaction request based on whether the first identity authentication passes or not.
Optionally, the apparatus further comprises:
and the biological characteristic information returning module is used for collecting the biological characteristic information of the user when receiving the biological characteristic information acquisition request sent by the server and returning the biological characteristic information to the server so that the server performs second identity authentication on the user based on the biological characteristic information and processes the transaction request based on whether the second identity authentication passes or not.
Optionally, the apparatus further comprises:
and the processing result receiving module is used for receiving the processing result of the transaction request returned by the server.
In a fifth aspect, an embodiment of the present application provides a terminal device, where a trusted digital identity file is stored in the terminal device, and the trusted digital identity file is returned to a server by the terminal device when receiving a trusted digital identity file acquisition request sent by the server, so that the server performs a first identity authentication on a user based on the trusted digital identity file.
In a sixth aspect, an embodiment of the present application provides an electronic device, including: a processor and a memory;
a memory for storing operating instructions;
a processor configured to execute the transaction authentication method as shown in any implementation of the first aspect of the present application or as shown in any implementation of the second aspect by calling an operation instruction.
In a seventh aspect, the present application provides a computer-readable storage medium, on which a computer program is stored, which when executed by a processor implements the transaction authentication method shown in any of the embodiments of the first aspect or shown in any of the embodiments of the second aspect.
The technical scheme provided by the embodiment of the application has the following beneficial effects:
according to the scheme provided by the embodiment of the application, when the transaction request sent by the terminal equipment is received, the credible digital identity file of the user is acquired from the terminal equipment, the terminal equipment is verified based on the credible digital identity file, and therefore the transaction request is processed based on whether the verification is passed or not. Based on the scheme, because the identity authentication of the user is carried out through the credible digital identity file, the potential safety hazard possibly existing in the existing short message verification mode can be avoided, and the use experience of the user is improved.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings used in the description of the embodiments of the present application will be briefly described below.
FIG. 1 is a schematic view of a conventional transfer transaction flow;
fig. 2 is a schematic flowchart of a transaction authentication method according to an embodiment of the present disclosure;
fig. 3 is a schematic flowchart of an embodiment of a transaction authentication method according to an embodiment of the present disclosure;
fig. 4 is a schematic flow chart illustrating another transaction authentication method according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of a transaction authentication device according to an embodiment of the present disclosure;
fig. 6 is a schematic structural diagram of another transaction authentication device according to an embodiment of the present application;
fig. 7 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
Reference will now be made in detail to embodiments of the present application, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are exemplary only for the purpose of explaining the present application and are not to be construed as limiting the present invention.
As used herein, the singular forms "a", "an", "the" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises" and/or "comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. It will be understood that when an element is referred to as being "connected" or "coupled" to another element, it can be directly connected or coupled to the other element or intervening elements may also be present. Further, "connected" or "coupled" as used herein may include wirelessly connected or wirelessly coupled. As used herein, the term "and/or" includes all or any element and all combinations of one or more of the associated listed items.
To make the objects, technical solutions and advantages of the present application more clear, embodiments of the present application will be described in further detail below with reference to the accompanying drawings.
A conventional transfer transaction flow diagram is shown in fig. 1, and the specific flow in fig. 1 is as follows:
(1) client on-line bank clicking transfer operation
(2) System sending short message verification code
(3) Verification code for receiving short message by customer mobile phone
(3) Inputting short message identifying code for verification, if the verification fails, re-submitting the repeated short message identifying code by the system
Traditional bank transfer generally sends a short message verification code, and a customer inputs the corresponding short message verification code to complete the transfer after receiving the verification code. The experience is not good due to the fact that the short message verification code cannot be received or the short message verification code is input incorrectly when the client network is not good.
The embodiment of the application provides a transaction authentication method, a transaction authentication device, an electronic device and a computer-readable storage medium, which aim to solve at least one of the above technical problems in the prior art.
The following describes the technical solutions of the present application and how to solve the above technical problems with specific embodiments. The following several specific embodiments may be combined with each other, and details of the same or similar concepts or processes may not be repeated in some embodiments. Embodiments of the present application will be described below with reference to the accompanying drawings.
Fig. 2 is a schematic flowchart illustrating a transaction authentication method according to an embodiment of the present application, and as shown in fig. 2, the method mainly includes:
step S110: when a transaction request sent by terminal equipment is received, a trusted digital identity file of a user is acquired from the terminal equipment;
step S120: verifying the terminal equipment based on the credible digital identity file;
step S130: based on whether the verification passes, the transaction request is processed.
In the embodiment of the application, the transaction corresponding to the transaction request can be a transfer or the like.
The credible digital identity adopts a state secret algorithm, identity information carried by a resident identity card is desensitized and de-identified by a CTID platform, and the generated irreversible data file which does not contain plaintext information and is mapped with legal certificates one by one can realize online identity authentication on the premise of not revealing the identity information.
In the embodiment of the application, the trusted digital identity file of the user can be acquired through the terminal device, so that the first identity authentication of the user is realized according to the trusted digital identity file, and the transaction request is processed based on the result of the first identity authentication.
In the embodiment of the application, the user identity authentication is carried out through the credible digital identity, so that the potential safety hazard possibly existing in the conventional short message verification mode can be avoided, and the use experience of a user can be improved due to the fact that the user does not need to input the short message verification code.
According to the method provided by the embodiment of the application, when the transaction request sent by the terminal equipment is received, the credible digital identity file of the user is acquired from the terminal equipment, the terminal equipment is verified based on the credible digital identity file, and therefore the transaction request is processed based on whether the verification is passed or not. Based on the scheme, because the identity authentication of the user is carried out through the credible digital identity file, the potential safety hazard possibly existing in the existing short message verification mode can be avoided, and the use experience of the user is improved.
In an optional mode of the embodiment of the present application, performing a first identity authentication on a user based on a trusted digital identity file includes:
based on whether the trusted digital identity file corresponds to the identity information of the user, a first identity authentication is performed on the user.
In the embodiment of the application, the trusted digital identity file corresponds to the identity of the user, so that the identity authentication of the user can be realized by judging whether the trusted digital identity file corresponds to the identity information of the user.
In an optional manner of the embodiment of the present application, processing the transaction request based on whether the first identity authentication passes includes:
if the first identity authentication is passed, acquiring the biological characteristic information of the user;
performing second identity authentication on the user based on the biological characteristic information;
and processing the transaction request based on whether the second identity authentication is passed.
In the embodiment of the application, if the first identity authentication is passed, the processing of the transaction request can be refused.
In the embodiment of the application, if the first identity authentication is passed, the biological characteristic information of the user can be acquired, so that the second identity authentication is performed on the user based on the biological characteristic information. And processing the transaction request according to the result of the second identity authentication.
In an optional manner of the embodiment of the present application, processing the transaction request based on whether the second identity authentication passes includes:
and if the second identity authentication passes, processing the transaction corresponding to the transaction request.
In the embodiment of the application, if the second identity authentication is not passed, the processing of the transaction request can be refused; if the second identity authentication is passed, the transaction corresponding to the transaction request is processed, for example, the current transfer operation may be allowed.
In an optional manner of the embodiment of the present application, the biometric information includes at least one of:
vein image information;
iris image information;
face image information;
fingerprint image information.
In the embodiment of the application, the selected biological feature recognition mode can comprise vein recognition, iris recognition, face recognition, fingerprint recognition and the like. The vein image information, the iris image information, the face image information, the fingerprint image information and other information can be acquired through the terminal equipment.
In an optional mode of the embodiment of the present application, performing second identity authentication on the user based on the biometric information includes:
acquiring face image information of a user, which is acquired by terminal equipment;
comparing the face image information with the pre-stored image information of the user;
and performing second identity authentication based on the comparison result.
In the embodiment of the application, the face image information of the user can be acquired through the image acquisition module of the terminal device, so that the face image information is compared with the pre-stored image information of the user, and the second identity authentication is performed on the user based on the comparison result.
In an optional mode of this application embodiment, compare with the image information of prestoring of user based on facial image information, carry out second authentication based on the comparison result, include:
inputting face image information of a user into a face feature extraction model to obtain a first face feature;
comparing a second face feature of pre-stored image information of the user with the first face feature to determine face similarity;
and performing second identity authentication based on the face similarity.
In the embodiment of the application, when the face image information is compared with the pre-stored image information of the user, the collected face image information of the user can be input into a face feature extraction model, the first face feature of the collected face image is extracted, and then the first face feature is compared with the second face feature of the pre-stored image information of the user, so that the face similarity is determined.
In the embodiment of the application, the second identity authentication can be performed based on the face similarity between the collected face image information and the pre-stored image information of the user.
In actual use, a plurality of facial images of a user can be collected, the facial images are preprocessed, and facial images with poor quality (such as facial images with the situations of incorrect posture of the user or blurred images) are screened out. Thereby performing the second authentication based on the face image of better quality. In an optional mode of the embodiment of the present application, performing the second identity authentication based on the face similarity includes:
if the face similarity is larger than a preset similarity threshold, determining that the second identity authentication is passed;
and if the face similarity is not greater than the preset similarity threshold, determining that the second identity authentication fails.
Specifically, when the similarity between the face image information and the pre-stored image information of the user is higher than a preset similarity threshold, the user currently performing the operation is considered to be the user himself, and it can be determined that the second identity authentication is passed.
When the similarity between the face image information and the pre-stored image information of the user is not higher than the preset similarity threshold, the user who is currently operating may not be the user himself, the current transaction has a risk, and it can be determined that the second identity authentication is not passed.
In practical use, if the second identity authentication fails, the user can be promoted to re-collect the face image information and re-perform the second identity authentication.
In an optional manner of the embodiment of the present application, the trusted digital identity file is stored in the terminal device.
In the embodiment of the application, the trusted digital identity file can be stored in the terminal device, and is sent to the server by the terminal device during identity authentication.
As an example, fig. 3 is a schematic flowchart illustrating a specific implementation of a transaction authentication method provided in an embodiment of the present application.
(1) The client clicks on a bank on line to perform account transfer operation;
(2) the system reads the credible identity data file to perform first identity authentication on the user, if the first authentication fails, the transaction is considered to have risk, and the processing of the account transfer transaction is stopped;
(3) if the first authentication passes, the face brushing verification can be carried out on the client, if the verification fails, the face brushing needs to be carried out again, if the continuous failure times of the face brushing verification exceed a specified value, the transaction is considered to have risk, and the processing of the account-transfer transaction is stopped.
(4) If the face-brushing verification passes, the transfer transaction may be allowed to proceed.
Fig. 4 is a schematic flowchart illustrating another transaction authentication method provided in an embodiment of the present application, and as shown in fig. 4, the method mainly includes:
step S210: sending a transaction request to a server;
step S220: when a trusted digital identity file acquisition request sent by the server is received, the trusted digital identity file is returned to the server, so that the server performs first identity authentication on the user based on the trusted digital identity file, and processes the transaction request based on whether the first identity authentication passes or not.
In the embodiment of the application, the user can carry out transactions on the terminal equipment, such as transfer transactions and the like. When the transaction operation of the user is detected, the terminal device can send a transaction request to the server.
In the embodiment of the application, after receiving the transaction request, the server may send a trusted digital identity file acquisition request to the terminal device, and the terminal device may return the trusted digital identity file of the user to the server. The server may perform a first identity authentication of the user based on the trusted digital identity file, thereby processing the transaction request based on a result of the first identity authentication.
In the embodiment of the application, the user identity authentication is carried out through the credible digital identity, so that the potential safety hazard possibly existing in the conventional short message verification mode can be avoided, and the use experience of a user can be improved due to the fact that the user does not need to input the short message verification code.
According to the method provided by the embodiment of the application, the transaction request is sent to the server; when a trusted digital identity file acquisition request sent by the server is received, the trusted digital identity file is returned to the server, so that the server performs first identity authentication on the user based on the trusted digital identity file, and processes the transaction request based on whether the first identity authentication passes or not. Based on the scheme, because the identity authentication of the user is carried out through the credible digital identity file, the potential safety hazard possibly existing in the existing short message verification mode can be avoided, and the use experience of the user is improved.
In the embodiment of the application, the user identity authentication is carried out through the credible digital identity, so that the potential safety hazard possibly existing in the conventional short message verification mode can be avoided, and the use experience of a user can be improved due to the fact that the user does not need to input the short message verification code.
In an optional implementation manner of the present application, the method further includes:
when a biological characteristic information acquisition request sent by the server is received, the biological characteristic information of the user is acquired, and the biological characteristic information is returned to the server, so that the server performs second identity authentication on the user based on the biological characteristic information, and processes the transaction request based on whether the second identity authentication passes or not.
In the embodiment of the application, the server can send the biological characteristic information acquisition request to the terminal equipment after the first identity authentication of the user is passed according to the trusted digital identity file, and the terminal equipment can acquire the biological characteristic information of the user and return the biological characteristic information to the server. The server, after receiving the biometric information, may perform a second identity authentication for the user based on the biometric information.
If the second identity authentication passes, the transaction corresponding to the transaction request can be allowed to be processed.
If the second identity authentication is not passed, the processing of the transaction corresponding to the transaction request can be refused.
In an optional implementation manner of the present application, the method further includes:
and receiving a processing result of the transaction request returned by the server.
In the embodiment of the application, if the first identity authentication fails, a prompt message indicating that the first identity authentication fails may be returned to the terminal device. If the first identity authentication is successful, the server can also perform second identity authentication on the user, and after the second identity authentication is passed, the server can process the transaction request and then return the processing result of the transaction request to the terminal equipment.
Based on the same principle as the method shown in fig. 2, fig. 5 shows a schematic structural diagram of a transaction authentication device provided by an embodiment of the present application, and as shown in fig. 5, the transaction authentication device 20 may include:
a trusted digital identity file obtaining module 310, configured to, when receiving a transaction request sent by a terminal device, obtain a trusted digital identity file of a user from the terminal device;
a first identity authentication module 320 for performing a first identity authentication on the user based on the trusted digital identity file;
and the transaction request processing module 330 is configured to process the transaction request based on whether the first identity authentication passes.
According to the device provided by the embodiment of the application, when the transaction request sent by the terminal equipment is received, the credible digital identity file of the user is acquired from the terminal equipment, the terminal equipment is verified based on the credible digital identity file, and therefore the transaction request is processed based on whether the verification is passed or not. Based on the scheme, because the identity authentication of the user is carried out through the credible digital identity file, the potential safety hazard possibly existing in the existing short message verification mode can be avoided, and the use experience of the user is improved.
Optionally, the first identity authentication module is specifically configured to:
based on whether the trusted digital identity file corresponds to the identity information of the user, a first identity authentication is performed on the user.
Optionally, the transaction request processing module is specifically configured to:
if the first identity authentication is passed, acquiring the biological characteristic information of the user;
performing second identity authentication on the user based on the biological characteristic information;
and processing the transaction request based on whether the second identity authentication is passed.
Optionally, when the transaction request processing module processes the transaction request based on whether the second identity authentication passes or not, the transaction request processing module is specifically configured to:
and if the second identity authentication passes, processing the transaction corresponding to the transaction request.
Optionally, the biometric information comprises at least one of:
vein image information;
iris image information;
face image information;
fingerprint image information.
Optionally, when performing the second identity authentication on the user based on the biometric information, the transaction request processing module is specifically configured to:
acquiring face image information of a user, which is acquired by terminal equipment;
comparing the face image information with the pre-stored image information of the user;
and performing second identity authentication based on the comparison result.
Optionally, the transaction request processing module is specifically configured to, when comparing the face image information with pre-stored image information of the user and performing second identity authentication based on a comparison result:
inputting face image information of a user into a face feature extraction model to obtain a first face feature;
comparing a second face feature of pre-stored image information of the user with the first face feature to determine face similarity;
and performing second identity authentication based on the face similarity.
Optionally, the transaction request processing module is specifically configured to, when performing the second identity authentication based on the face similarity:
if the face similarity is larger than a preset similarity threshold, determining that the second identity authentication is passed;
and if the face similarity is not greater than the preset similarity threshold, determining that the second identity authentication fails.
Optionally, the trusted digital identity file is stored in the terminal device.
It is understood that the above modules of the transaction authentication device in the present embodiment have functions of implementing the corresponding steps of the transaction authentication method in the embodiment shown in fig. 2. The function can be realized by hardware, and can also be realized by executing corresponding software by hardware. The hardware or software includes one or more modules corresponding to the functions described above. The modules can be software and/or hardware, and each module can be implemented independently or by integrating a plurality of modules. For the functional description of each module of the transaction authentication device, reference may be specifically made to the corresponding description of the transaction authentication method in the embodiment shown in fig. 2, and details are not repeated here.
Based on the same principle as the method shown in fig. 4, fig. 6 shows a schematic structural diagram of another transaction authentication device provided in the embodiment of the present application, and as shown in fig. 6, the transaction authentication device 40 may include:
a transaction request sending module 410, configured to send a transaction request to a server;
the trusted digital identity file returning module 420 is configured to, when receiving a trusted digital identity file acquisition request sent by a server, return a trusted digital identity file to the server, so that the server performs a first identity authentication on the user based on the trusted digital identity file, and processes the transaction request based on whether the first identity authentication passes or not.
The device provided by the embodiment of the application sends a transaction request to the server; when a trusted digital identity file acquisition request sent by the server is received, the trusted digital identity file is returned to the server, so that the server performs first identity authentication on the user based on the trusted digital identity file, and processes the transaction request based on whether the first identity authentication passes or not. Based on the scheme, because the identity authentication of the user is carried out through the credible digital identity file, the potential safety hazard possibly existing in the existing short message verification mode can be avoided, and the use experience of the user is improved.
Optionally, the apparatus further comprises:
and the biological characteristic information returning module is used for collecting the biological characteristic information of the user when receiving the biological characteristic information acquisition request sent by the server and returning the biological characteristic information to the server so that the server performs second identity authentication on the user based on the biological characteristic information and processes the transaction request based on whether the second identity authentication passes or not.
Optionally, the apparatus further comprises:
and the processing result receiving module is used for receiving the processing result of the transaction request returned by the server.
In a fifth aspect, an embodiment of the present application provides a terminal device, where a trusted digital identity file is stored in the terminal device, and the trusted digital identity file is returned to a server by the terminal device when receiving a trusted digital identity file acquisition request sent by the server, so that the server performs a first identity authentication on a user based on the trusted digital identity file.
It is understood that the above modules of the transaction authentication device in the present embodiment have functions of implementing the corresponding steps of the transaction authentication method in the embodiment shown in fig. 4. The function can be realized by hardware, and can also be realized by executing corresponding software by hardware. The hardware or software includes one or more modules corresponding to the functions described above. The modules can be software and/or hardware, and each module can be implemented independently or by integrating a plurality of modules. For the functional description of each module of the transaction authentication device, reference may be specifically made to the corresponding description of the transaction authentication method in the embodiment shown in fig. 4, which is not described herein again.
The embodiment of the application provides a terminal device, wherein a trusted digital identity file is stored in the terminal device, and the trusted digital identity file is returned to a server by the terminal device when receiving a trusted digital identity file acquisition request sent by the server, so that the server performs first identity authentication on a user based on the trusted digital identity file.
The terminal device provided by the embodiment of the application returns the trusted digital identity file to the server when receiving the trusted digital identity file acquisition request sent by the server, so that the server performs first identity authentication on the user based on the trusted digital identity file. Based on the scheme, because the identity authentication of the user is carried out through the credible digital identity file, the potential safety hazard possibly existing in the existing short message verification mode can be avoided, and the use experience of the user is improved.
In the embodiment of the application, a user can send a transaction request through a terminal device, a server can obtain a trusted digital identity file from the terminal device and perform first identity authentication on the user based on the trusted digital identity file, when the first identity authentication on the user based on the trusted digital identity file is passed, the server can send a biological characteristic information obtaining request to the terminal device, and the terminal device can collect biological characteristic information of the user and return the biological characteristic information to the server. The server, after receiving the biometric information, may perform a second identity authentication for the user based on the biometric information.
The biological characteristic information of the user is collected through the terminal equipment, for example, the face image information of the user can be collected through a camera of the terminal equipment.
The embodiment of the application provides an electronic device, which comprises a processor and a memory;
a memory for storing operating instructions;
and the processor is used for executing the transaction authentication method provided by any embodiment of the application by calling the operation instruction.
As an example, fig. 7 shows a schematic structural diagram of an electronic device to which an embodiment of the present application is applicable, and as shown in fig. 7, the electronic device 2000 includes: a processor 2001 and a memory 2003. Wherein the processor 2001 is coupled to a memory 2003, such as via a bus 2002. Optionally, the electronic device 2000 may also include a transceiver 2004. It should be noted that the transceiver 2004 is not limited to one in practical applications, and the structure of the electronic device 2000 is not limited to the embodiment of the present application.
The processor 2001 is applied to the embodiment of the present application to implement the method shown in the above method embodiment. The transceiver 2004 may include a receiver and a transmitter, and the transceiver 2004 is applied to the embodiments of the present application to implement the functions of the electronic device of the embodiments of the present application to communicate with other devices when executed.
The Processor 2001 may be a CPU (Central Processing Unit), general Processor, DSP (Digital Signal Processor), ASIC (Application Specific Integrated Circuit), FPGA (Field Programmable Gate Array) or other Programmable logic device, transistor logic device, hardware component, or any combination thereof. Which may implement or perform the various illustrative logical blocks, modules, and circuits described in connection with the disclosure. The processor 2001 may also be a combination of computing functions, e.g., comprising one or more microprocessors, DSPs and microprocessors, and the like.
Bus 2002 may include a path that conveys information between the aforementioned components. The bus 2002 may be a PCI (Peripheral Component Interconnect) bus, an EISA (Extended Industry Standard Architecture) bus, or the like. The bus 2002 may be divided into an address bus, a data bus, a control bus, and the like. For ease of illustration, only one thick line is shown in FIG. 7, but this is not intended to represent only one bus or type of bus.
The Memory 2003 may be a ROM (Read Only Memory) or other type of static storage device that can store static information and instructions, a RAM (Random Access Memory) or other type of dynamic storage device that can store information and instructions, an EEPROM (Electrically Erasable Programmable Read Only Memory), a CD-ROM (Compact Disc Read Only Memory) or other optical Disc storage, optical Disc storage (including Compact Disc, laser Disc, optical Disc, digital versatile Disc, blu-ray Disc, etc.), a magnetic disk storage medium or other magnetic storage device, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer, but is not limited to these.
Optionally, the memory 2003 is used for storing application program code for performing the disclosed aspects, and is controlled in execution by the processor 2001. The processor 2001 is configured to execute application program code stored in the memory 2003 to implement the transaction authentication method provided in any of the embodiments of the present application.
The electronic device provided by the embodiment of the application is applicable to any embodiment of the method, and is not described herein again.
Compared with the prior art, the embodiment of the application provides the electronic equipment, when the transaction request sent by the terminal equipment is received, the credible digital identity file of the user is acquired from the terminal equipment, the terminal equipment is verified based on the credible digital identity file, and therefore the transaction request is processed based on whether verification is passed or not. Based on the scheme, because the identity authentication of the user is carried out through the credible digital identity file, the potential safety hazard possibly existing in the existing short message verification mode can be avoided, and the use experience of the user is improved.
Embodiments of the present application provide a computer-readable storage medium, on which a computer program is stored, and when the computer program is executed by a processor, the computer program implements the transaction authentication method shown in the above method embodiments.
The computer-readable storage medium provided in the embodiments of the present application is applicable to any of the embodiments of the foregoing method, and is not described herein again.
Compared with the prior art, when a transaction request sent by a terminal device is received, a trusted digital identity file of a user is acquired from the terminal device, the terminal device is verified based on the trusted digital identity file, and therefore the transaction request is processed based on whether verification is passed or not. Based on the scheme, because the identity authentication of the user is carried out through the credible digital identity file, the potential safety hazard possibly existing in the existing short message verification mode can be avoided, and the use experience of the user is improved.
It should be understood that, although the steps in the flowcharts of the figures are shown in order as indicated by the arrows, the steps are not necessarily performed in order as indicated by the arrows. The steps are not performed in the exact order shown and may be performed in other orders unless explicitly stated herein. Moreover, at least a portion of the steps in the flow chart of the figure may include multiple sub-steps or multiple stages, which are not necessarily performed at the same time, but may be performed at different times, which are not necessarily performed in sequence, but may be performed alternately or alternately with other steps or at least a portion of the sub-steps or stages of other steps.
The foregoing is only a partial embodiment of the present invention, and it should be noted that, for those skilled in the art, various modifications and decorations can be made without departing from the principle of the present invention, and these modifications and decorations should also be regarded as the protection scope of the present invention.

Claims (16)

1. A transaction authentication method, comprising:
when a transaction request sent by terminal equipment is received, a trusted digital identity file of a user is acquired from the terminal equipment;
performing a first identity authentication on the user based on the trusted digital identity file;
processing the transaction request based on whether the first identity authentication passes.
2. The method of claim 1, wherein the first authenticating the user based on the trusted digital identity file comprises:
and performing first identity authentication on the user based on whether the trusted digital identity file corresponds to the identity information of the user.
3. The method of claim 1, wherein processing the transaction request based on whether the first identity authentication is passed comprises:
if the first identity authentication is passed, acquiring the biological characteristic information of the user;
performing a second identity authentication on the user based on the biometric information;
and processing the transaction request based on whether the second identity authentication is passed or not.
4. The method of claim 3, wherein processing the transaction request based on whether the second identity authentication is passed comprises:
and if the second identity authentication passes, processing the transaction corresponding to the transaction request.
5. The method of claim 3, wherein the biometric information comprises at least one of:
vein image information;
iris image information;
face image information;
fingerprint image information.
6. The method of claim 5, wherein the second authenticating the user based on the biometric information comprises:
acquiring the face image information of the user, which is acquired by the terminal equipment;
comparing the face image information with prestored image information of the user;
and performing second identity authentication based on the comparison result.
7. The method according to claim 6, wherein the comparing based on the face image information and the pre-stored image information of the user, and performing a second identity authentication based on a comparison result comprises:
inputting the facial image information of the user into a facial feature extraction model to obtain a first facial feature;
comparing second face features of the pre-stored image information of the user with the first face features to determine face similarity;
and performing second identity authentication based on the face similarity.
8. The method of claim 7, wherein performing a second identity authentication based on the face similarity comprises:
if the face similarity is larger than a preset similarity threshold, determining that the second identity authentication is passed;
and if the face similarity is not greater than a preset similarity threshold, determining that the second identity authentication fails.
9. The method according to any of claims 1-8, characterized in that the trusted digital identity file is stored at the terminal device.
10. A transaction authentication method, comprising:
sending a transaction request to a server;
and when a trusted digital identity file acquisition request sent by the server is received, returning a trusted digital identity file to the server so that the server performs first identity authentication on the user based on the trusted digital identity file and processes the transaction request based on whether the first identity authentication passes or not.
11. A transaction authentication device, comprising:
the trusted digital identity file acquisition module is used for acquiring a trusted digital identity file of a user from the terminal equipment when receiving a transaction request sent by the terminal equipment;
the first identity authentication module is used for carrying out first identity authentication on the user based on the credible digital identity file;
and the transaction request processing module is used for processing the transaction request based on whether the first identity authentication passes or not.
12. The apparatus of claim 11, wherein the first identity authentication module is specifically configured to:
and performing first identity authentication on the user based on whether the trusted digital identity file corresponds to the identity information of the user.
13. A transaction authentication device, comprising:
the transaction request sending module is used for sending a transaction request to the server;
and the trusted digital identity file returning module is used for returning the trusted digital identity file to the server when receiving a trusted digital identity file acquisition request sent by the server, so that the server performs first identity authentication on the user based on the trusted digital identity file and processes the transaction request based on whether the first identity authentication passes or not.
14. A terminal device is characterized in that a trusted digital identity file is stored, and the trusted digital identity file is returned to a server by the terminal device when receiving a trusted digital identity file acquisition request sent by the server, so that the server performs first identity authentication on a user based on the trusted digital identity file.
15. An electronic device comprising a processor and a memory;
the memory is used for storing operation instructions;
the processor is used for executing the method of any one of claims 1-10 by calling the operation instruction.
16. A computer-readable storage medium, characterized in that the storage medium has stored thereon a computer program which, when being executed by a processor, carries out the method of any one of claims 1-10.
CN202110079045.2A 2021-01-21 2021-01-21 Transaction authentication method and device, electronic equipment and computer-readable storage medium Pending CN112734440A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110079045.2A CN112734440A (en) 2021-01-21 2021-01-21 Transaction authentication method and device, electronic equipment and computer-readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110079045.2A CN112734440A (en) 2021-01-21 2021-01-21 Transaction authentication method and device, electronic equipment and computer-readable storage medium

Publications (1)

Publication Number Publication Date
CN112734440A true CN112734440A (en) 2021-04-30

Family

ID=75594521

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110079045.2A Pending CN112734440A (en) 2021-01-21 2021-01-21 Transaction authentication method and device, electronic equipment and computer-readable storage medium

Country Status (1)

Country Link
CN (1) CN112734440A (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20190012674A1 (en) * 2017-07-05 2019-01-10 Accenture Global Solutions Limited System and method for processing a digital transaction
CN111091387A (en) * 2019-12-31 2020-05-01 中国银行股份有限公司 Authentication method, device and system
CN112199171A (en) * 2020-09-10 2021-01-08 中信银行股份有限公司 Face recognition method and device, electronic equipment and readable storage medium

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20190012674A1 (en) * 2017-07-05 2019-01-10 Accenture Global Solutions Limited System and method for processing a digital transaction
CN111091387A (en) * 2019-12-31 2020-05-01 中国银行股份有限公司 Authentication method, device and system
CN112199171A (en) * 2020-09-10 2021-01-08 中信银行股份有限公司 Face recognition method and device, electronic equipment and readable storage medium

Similar Documents

Publication Publication Date Title
CN109583184B (en) Identity verification method and device and electronic equipment
CN107679861B (en) Resource transfer method, fund payment method, device and electronic equipment
CN108449321B (en) Login method, server and client
CN106910057B (en) Mobile terminal and security authentication method and device on mobile terminal side
CN109756458B (en) Identity authentication method and system
US11663306B2 (en) System and method for confirming a person's identity
CN110247898B (en) Identity verification method, identity verification device, identity verification medium and electronic equipment
US20220150243A1 (en) Authentication server, and non-transitory storage medium
CN111343636A (en) Unified authentication method, authentication system, terminal and storage medium
CN112287320A (en) Identity verification method and device based on biological characteristics and client
CN109829273B (en) Identity authentication method, device, system, equipment and readable storage medium
CN111104653B (en) User operation processing method and device, electronic equipment and readable storage medium
CN113194420A (en) Card password modification method and system based on 5G message and face recognition and each terminal
CN107786349B (en) Security management method and device for user account
CN113935008B (en) User authentication method, device, electronic equipment and computer readable storage medium
CN112734440A (en) Transaction authentication method and device, electronic equipment and computer-readable storage medium
CN115600178A (en) Transaction request processing method and device, electronic equipment and storage medium
CN111784355B (en) Transaction security verification method and device based on edge calculation
CN113194421B (en) Debit card degradation processing method and system based on 5G message and relevant terminals
EP3607722A1 (en) Online verification method and system for verifying the identity of a subject
CN114186209B (en) Identity verification method and system
CN116361764A (en) Face recognition method, system, equipment and medium based on java
CN113836509B (en) Information acquisition method, device, electronic equipment and storage medium
CN114900289B (en) Data security processing method, system, device and medium
CN112115454B (en) Single sign-on method, first server and electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination