CN112950199A - Anti-theft method and server for communication identifier - Google Patents

Anti-theft method and server for communication identifier Download PDF

Info

Publication number
CN112950199A
CN112950199A CN202110155475.8A CN202110155475A CN112950199A CN 112950199 A CN112950199 A CN 112950199A CN 202110155475 A CN202110155475 A CN 202110155475A CN 112950199 A CN112950199 A CN 112950199A
Authority
CN
China
Prior art keywords
terminal
information
verification
hook
verification information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110155475.8A
Other languages
Chinese (zh)
Other versions
CN112950199B (en
Inventor
肖征荣
白琳
邢建兵
田新雪
张丽云
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China United Network Communications Group Co Ltd
Original Assignee
China United Network Communications Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China United Network Communications Group Co Ltd filed Critical China United Network Communications Group Co Ltd
Priority to CN202110155475.8A priority Critical patent/CN112950199B/en
Publication of CN112950199A publication Critical patent/CN112950199A/en
Application granted granted Critical
Publication of CN112950199B publication Critical patent/CN112950199B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825Use of electronic signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3827Use of message hashing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4016Transaction verification involving fraud or risk level assessment in transaction processing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/03Credit; Loans; Processing thereof
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/70Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Engineering & Computer Science (AREA)
  • Finance (AREA)
  • General Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Strategic Management (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Development Economics (AREA)
  • Technology Law (AREA)
  • Marketing (AREA)
  • Economics (AREA)
  • Telephonic Communication Services (AREA)
  • Telephone Function (AREA)

Abstract

The application discloses a method and a server for preventing a communication identifier from being stolen, and relates to the technical field of communication. The anti-theft method for the mobile phone number comprises the following steps: acquiring management verification information of a first multi-terminal management node on an off-hook terminal, social security verification information corresponding to the off-hook terminal and financial verification information; determining whether the mobile phone number corresponding to the unhook terminal is stolen or not according to the management verification information, the social security verification information and the financial verification information; and limiting the use permission of the off-hook terminal under the condition that the communication identifier is determined to be stolen. The leakage of user information and the loss of user property caused by the leakage of identity information are avoided, the safety of the user information and the property is guaranteed, and the user experience degree is improved.

Description

Anti-theft method and server for communication identifier
Technical Field
The application relates to the technical field of communication, in particular to an anti-theft method and a server for a communication identifier.
Background
At present, an intelligent terminal (e.g., a smart phone, etc.) used by a user mostly has a network payment function, and the user also binds own identity information with the intelligent terminal to verify identity verification under the condition of network payment.
However, if the smart phone of the user is stolen or lost, and the business hall of the telecom operator is just in an off-business state (for example, the business hall goes off duty), the user cannot supplement the card in time; although the mobile phone number can be subjected to loss reporting processing in a calling mode, a third party can still perform the loss reporting processing on the mobile phone number in the calling mode, so that the mobile phone number of the user is still in a stolen state, and the third party can obtain user information and fund for a long time, for example, the identity information of the stolen user is obtained through the mobile phone number, so that the identity information of the user is leaked; or the property loss of the stolen user is caused by purchasing the commodity through the network payment function of the mobile phone.
Disclosure of Invention
Therefore, the application provides the anti-theft method and the server for the communication identifier, and solves the problems of how to prevent the communication identifier from being stolen and ensure the safety of user information and property.
In order to achieve the above object, a first aspect of the present application provides a method for preventing theft of a communication identifier, the method comprising: acquiring management verification information of a first multi-terminal management node on an off-hook terminal, social security verification information corresponding to the off-hook terminal and financial verification information; determining whether the communication identifier corresponding to the unhook terminal is stolen or not according to the management verification information, the social security verification information and the financial verification information; and limiting the use permission of the off-hook terminal under the condition that the communication identifier is determined to be stolen.
In some implementations, the management verification information includes a first verification result and a second verification result, the first verification result is a verification result determined according to the registered cell information corresponding to the trusted terminal and the information of the cell to be disconnected when the disconnection terminal performs the disconnection operation, and the second verification result is a verification result determined according to the call record of the disconnection terminal and the identifier of the trusted terminal.
In some specific implementations, determining whether a communication identifier corresponding to the disconnect terminal is stolen according to the management verification information, the social security verification information, and the financial verification information includes: judging whether a communication identifier corresponding to the unhook terminal logs in a social security platform or not according to the social security verification information, and acquiring identity card information corresponding to the communication identifier to obtain a first judgment result; judging whether the communication identifier corresponding to the off-hook terminal carries out financial transaction or not according to the financial verification information to obtain a second judgment result; judging whether the off-hook terminal is communicated with the trust terminal or not according to the management verification information, and judging whether the off-hook terminal and the trust terminal are positioned in the same cell or not when the off-hook terminal performs off-hook operation to obtain a third judgment result; and determining whether the communication identifier corresponding to the off-hook terminal is stolen or not according to any one or more of the first judgment result, the second judgment result and the third judgment result.
In some implementations, in the case that it is determined that the communication identifier is stolen, limiting the right of use of the unlinking terminal includes: generating an identifier which is embezzled by a communication identifier corresponding to the off-hook terminal; and generating and sending an alarm message to the block chain network according to the stolen identifier so that each financial node in the block chain network freezes an account corresponding to the communication identifier.
In some specific implementations, after limiting the usage right of the suspend terminal when it is determined that the communication identifier is stolen, the method further includes: acquiring fingerprint information fed back by the off-hook terminal; and performing living body verification on the user of the off-hook terminal according to the fingerprint information, and determining whether to recover the use authority of the off-hook terminal.
In order to achieve the above object, a second aspect of the present application provides a method for preventing theft of a communication identifier, the method comprising: acquiring registered cell information corresponding to the trusted terminal and information of an unlinking cell of the unlinking terminal during an unlinking operation; determining a first verification result according to the information of the registered cell and the information of the cell to be disconnected; acquiring a call record of an off-hook terminal and an identifier of a trusted terminal; inquiring the call record according to the identification of the trusted terminal, determining whether the off-hook terminal is communicated with the trusted terminal or not, and obtaining a second verification result; and generating and sending management verification information to the block chain network according to the first verification result and the second verification result so that the user number security assurance node obtains the management verification information, determining whether the communication identifier corresponding to the off-hook terminal is stolen or not according to the management verification information, the social security verification information of the off-hook terminal and the financial verification information, and limiting the use permission of the off-hook terminal under the condition of determining that the communication identifier is stolen.
In some specific implementations, the registration cell information includes registration position information and registration time of the trusted terminal, and the release cell information includes release time of release position information of the release terminal when the release terminal performs release operation; determining a first verification result according to the registered cell information and the cell information, including: comparing the registration position information and the unhooking position information under the condition that the unhooking time is the same as the registration time to obtain a comparison result; and determining a first verification result according to the comparison result, wherein the first verification result comprises that the disconnection terminal and the trust terminal are positioned in the same cell when the disconnection operation is carried out, or the disconnection terminal and the trust terminal are not positioned in the same cell when the disconnection operation is carried out.
In some implementations, the call log includes an identifier of the off-hook terminal and an identifier of a first terminal, the first terminal being a terminal in communication with the off-hook terminal; inquiring the call record according to the identification of the trust terminal, determining whether the off-hook terminal is communicated with the trust terminal, and obtaining a second verification result, wherein the method comprises the following steps: under the condition that the identification of the trust terminal is identical to the identification of the first terminal, determining that the second verification result is that the off-hook terminal is communicated with the trust terminal; otherwise, determining that the second verification result is that the disconnection terminal and the trust terminal are not communicated.
In some specific implementations, querying the call record according to the identifier of the trusted terminal, determining whether the off-hook terminal has communicated with the trusted terminal, and after obtaining the second verification result, generating and sending the management verification information to the blockchain network according to the first verification result and the second verification result, further includes: and verifying whether the off-hook terminal has a verification password preset by the user or not to obtain a password verification result.
In order to achieve the above object, a third aspect of the present application provides a subscriber number security node server, including: the first acquisition module is used for acquiring management verification information of the first multi-terminal management node on the unhook terminal, social security verification information corresponding to the unhook terminal and financial verification information; the judging module is used for determining whether the communication identifier corresponding to the unhook terminal is stolen or not according to the management verification information, the social security verification information and the financial verification information; and the limiting module is used for limiting the use permission of the off-hook terminal under the condition that the communication identifier is determined to be stolen.
In order to achieve the above object, a fourth aspect of the present application provides a multi-terminal management node server, including: the second acquisition module is used for acquiring the information of the registered cell corresponding to the trusted terminal and the information of the cell to be disconnected when the disconnection terminal is in disconnection operation; the first verification module is used for determining a first verification result according to the registered cell information and the cell information to be disconnected; the third acquisition module is used for acquiring the call record of the off-hook terminal and the identification of the trust terminal; the second verification module is used for inquiring the call record according to the identification of the trust terminal, determining whether the off-hook terminal is communicated with the trust terminal or not and obtaining a second verification result; and the processing module is used for generating and transmitting management verification information to the block chain network according to the first verification result and the second verification result so that the user number security assurance node can obtain the management verification information, determining whether the communication identifier corresponding to the off-hook terminal is stolen according to the management verification information, the social security verification information of the off-hook terminal and the financial verification information, and limiting the use permission of the off-hook terminal under the condition of determining that the communication identifier is stolen.
According to the method and the server for preventing the communication identifier from being used illegally, the information security of the off-hook terminal can be determined by acquiring the management verification information of the one-number multi-terminal management node on the off-hook terminal, the social security verification information corresponding to the off-hook terminal and the financial verification information; determining whether the corresponding communication identifier of the off-hook terminal is stolen or not according to the management verification information, the social security verification information and the financial verification information, and judging whether the communication identifier is stolen by other people or not so as to determine whether the off-hook terminal is in a safe state or not; under the condition that the communication identifier is determined to be stolen, the use permission of the unlinking terminal is limited, leakage of user information and loss of user property caused by leakage of identity information are avoided, safety of the user information and property is guaranteed, and user experience is improved.
Drawings
The accompanying drawings are included to provide a further understanding of the embodiments of the disclosure and are incorporated in and constitute a part of this specification, illustrate embodiments of the disclosure and together with the description serve to explain the principles of the disclosure and not to limit the disclosure. The above and other features and advantages will become more apparent to those skilled in the art by describing in detail exemplary embodiments thereof with reference to the attached drawings, in which:
fig. 1 is a flowchart illustrating a method for preventing fraudulent use of communication identifiers in an embodiment of the present application.
Fig. 2 is a flow chart illustrating a method for preventing fraudulent use of communication identifiers in another embodiment of the present application.
Fig. 3 is a flow chart illustrating a method for preventing unauthorized use of a communication identifier according to still another embodiment of the present application.
Fig. 4 shows a block diagram of a user number security node server in the embodiment of the present application.
Fig. 5 is a block diagram showing components of a multi-terminal management node server according to an embodiment of the present application.
Fig. 6 is a block diagram showing components of an antitheft system using a communication tag in the embodiment of the present application.
Fig. 7 is a flowchart illustrating an operating method of the anti-theft system for communication identifiers according to the embodiment of the present application.
In the drawings:
401: the first obtaining module 402: judging module
403: the limiting module 501: second acquisition module
502: the first authentication module 503: third acquisition module
504: the second authentication module 505: processing module
610: user number security assurance node 620: hang-off terminal
The server 640: social security node server
630: loss reporting terminal 650: bank supervision node server
660: network loan platform administration node services 670: operator node server
The device 672: operator core network node server
671: operator short message node service 673: user behavior analysis node server
The device 680: trust terminal
690: one-number multi-terminal management node garment
Server
Detailed Description
The following detailed description of embodiments of the present application will be made with reference to the accompanying drawings. It should be understood that the detailed description and specific examples, while indicating the present application, are given by way of illustration and explanation only, and are not intended to limit the present application. It will be apparent to one skilled in the art that the present application may be practiced without some of these specific details. The following description of the embodiments is merely intended to provide a better understanding of the present application by illustrating examples thereof.
In the technical solution according to the present application, the acquisition of the personal information data of the user complies with the relevant national laws and regulations (e.g., "information security technology personal information security regulations"). Moreover, the information acquisition mode is that the user is explicitly informed, and a legal way is passed; the type of the obtained information is directly related to the service function of the product or service, and the obtained information is collected with the lowest frequency and the minimum quantity; collecting personal information without violating the autonomous will of the personal information subject; obtaining authorization approval when collecting personal information; when the personal information is obtained indirectly, or a data set is disclosed for a network, or obtained in other ways, and the specification requirement of obtaining the indirect personal information is met.
In the technical solution according to the present application, the storage of the user personal information data complies with the relevant national laws and regulations (e.g., "information security technology personal information security regulations"). If the technical scheme involves some specific operations as follows, the following corresponding processing modes can be further selected: personal information storage time is minimized; the personal information has been subjected to a de-identification process; encrypting and storing the personal sensitive information; the personal biological information and the personal identity information are stored separately; the original personal biometric information is not stored, such as only the digest information is stored, or only used, or deleted after use.
The technical scheme is characterized in that the use of the user data follows the relevant national laws and regulations (such as personal information safety regulations of information safety technology). Such as: the personal information access control takes corresponding prescribed measures; the display of personal information gives regulatory restrictions; the personal information use purpose is not beyond the direct or reasonable association range; and when the personal information is used, the definite identity directivity is eliminated, and the specific individual is prevented from being accurately positioned.
To make the objects, technical solutions and advantages of the present application more clear, embodiments of the present application will be described in further detail below with reference to the accompanying drawings.
Fig. 1 is a flowchart illustrating a method for preventing fraudulent use of communication identifiers in an embodiment of the present application. The method for preventing the theft of the communication identifier can be applied to a user number security guarantee node server. As shown in fig. 1, the method for preventing theft of communication identifier includes the following steps:
step S101, acquiring management verification information of the first multi-terminal management node to the off-hook terminal, social security verification information corresponding to the off-hook terminal and financial verification information.
The communication identifier may be a mobile phone number or a device identification number corresponding to the off-hook terminal, which can represent the off-hook terminal during communication. The management verification information comprises a first verification result and a second verification result, the first verification result is a verification result determined according to the registered cell information corresponding to the trusted terminal and the information of the cell to be disconnected when the disconnected terminal is disconnected, and the second verification result is a verification result determined according to the call record of the disconnected terminal and the identification of the trusted terminal.
The social security verification information is determined by the social security node server searching the social security database through the communication identifier corresponding to the unlinking terminal, and for example, the social security verification information includes information such as whether the communication identifier logs in the social security node server, whether the communication identifier obtains user identity information corresponding to the communication identifier, and operation time. The social security verification information is only illustrated, and may be specifically set according to actual needs, and other social security verification information not illustrated is also within the protection scope of the present application, and is not described herein again.
The financial verification information is determined by the bank monitoring node server and/or the network credit platform monitoring node server searching the corresponding database through the communication identifier corresponding to the unlinking terminal. For example, the financial verification information includes: the bank supervision node server searches a bank database through the communication identifier corresponding to the unlinking terminal, and determines whether the communication identifier logs in a bank system and carries out financial transaction (for example, financial operation information such as login, registration, card binding, account transfer and the like) information, time information corresponding to the information carrying out the financial transaction and the like. The financial verification information may further include: the network loan platform supervision node server searches a network loan database through the communication identifier corresponding to the unlinking terminal, and determines whether the communication identifier is subjected to network loan operation, network loan operation information (such as information of operations of login, registration, loan and the like) during network loan operation, time information corresponding to the performed network loan operation information and the like. The financial verification information is only illustrated, and may be specifically set according to actual needs, and other financial verification information that is not illustrated is also within the protection scope of the present application, and is not described herein again.
It should be noted that, the first-number multi-terminal management node, the security node server, the bank supervision node server and the network credit platform supervision node server all perform inquiry, confirmation and verification on the communication identifier under the condition of obtaining the authorization and approval of the user. The obtained information type is directly related to the business function of the product or the service, the obtained information is collected with the lowest frequency and the minimum quantity, and the collected personal information does not violate the independent intention of a personal information main body.
And step S102, determining whether the communication identifier corresponding to the unhook terminal is stolen or not according to the management verification information, the social security verification information and the financial verification information.
In the process of determining whether the communication identifier corresponding to the unlinking terminal is stolen, any one or more of management verification information, social security verification information and financial verification information can be used to ensure the safety of the communication identifier.
In some specific implementations, determining whether a communication identifier corresponding to the disconnect terminal is stolen according to the management verification information, the social security verification information, and the financial verification information includes: judging whether a communication identifier corresponding to the unhook terminal logs in a social security platform or not according to the social security verification information, and acquiring identity card information corresponding to the communication identifier to obtain a first judgment result; judging whether the communication identifier corresponding to the off-hook terminal carries out financial transaction or not according to the financial verification information to obtain a second judgment result; judging whether the off-hook terminal is communicated with the trust terminal or not according to the management verification information, and judging whether the off-hook terminal and the trust terminal are positioned in the same cell or not when the off-hook terminal performs off-hook operation to obtain a third judgment result; and determining whether the communication identifier corresponding to the off-hook terminal is stolen or not according to any one or more of the first judgment result, the second judgment result and the third judgment result.
The first judgment result comprises that the communication identifier logs in the social security platform and obtains identity card information and login time corresponding to the communication identifier; or the communication identifier is not logged in the social security platform.
The second judgment result comprises the information that the communication identifier carries out financial transaction (for example, information of operations such as login, registration, card binding, transfer, loan and the like) and financial transaction time information; or, the communication identifies that no financial transaction has been conducted.
The third judgment result comprises that the off-hook terminal and the trust terminal are communicated, and when the off-hook terminal carries out off-hook operation, the off-hook terminal and the trust terminal are positioned in the same cell; or the off-hook terminal is not communicated with the trust terminal, and when the off-hook terminal performs off-hook operation, the off-hook terminal and the trust terminal are located in different cells.
When any one or more of the following conditions is met, determining that the communication identifier corresponding to the off-hook terminal is not stolen: when the first judgment result is that the communication identifier is not logged in the social security platform, the second judgment result is that the communication identifier is not subjected to financial transaction, and the third judgment result is that the unlinking terminal is communicated with the trust terminal and the unlinking terminal is subjected to unlinking operation, the unlinking terminal and the trust terminal are positioned in the same cell; otherwise, determining that the communication identifier corresponding to the off-hook terminal is stolen.
And step S103, limiting the use authority of the off-hook terminal under the condition that the communication identifier is determined to be stolen.
The using authority of the off-hook terminal comprises any one or more of the authorities of receiving and sending short messages, making a call, carrying out network communication and the like. And under the condition that the communication identifier is determined to be stolen, the user number security guarantee node server can close any one or more of the using authorities of the off-hook terminal. The usage right of the off-hook terminal is only illustrated by way of example, and may be specifically set according to actual needs, and the usage rights of other off-hook terminals not illustrated are also within the protection scope of the present application, and are not described herein again.
In some implementations, in the case that it is determined that the communication identifier is stolen, limiting the right of use of the unlinking terminal includes: generating an identifier which is embezzled by a communication identifier corresponding to the off-hook terminal; and generating and sending an alarm message to the block chain network according to the stolen identifier so that each financial node in the block chain network freezes an account corresponding to the communication identifier.
The financial node comprises any one or more of a network credit platform supervision node server, a bank supervision node server and a network payment platform server. Under the condition that the communication identifier is determined to be stolen, each financial node acquires the stolen identifier from the block chain network, and an account corresponding to the communication identifier is closed or frozen according to the stolen identifier, so that the fund loss of a user is avoided, and the property safety of the user is improved.
In the embodiment, the information security of the un-hung terminal can be determined by acquiring the management verification information of the first multi-terminal management node to the un-hung terminal, the social security verification information corresponding to the un-hung terminal and the financial verification information; determining whether the corresponding communication identifier of the off-hook terminal is stolen or not according to the management verification information, the social security verification information and the financial verification information, and judging whether the communication identifier is stolen by other people or not so as to determine whether the off-hook terminal is in a safe state or not; under the condition that the communication identifier is determined to be stolen, the use permission of the unlinking terminal is limited, leakage of user information and loss of user property caused by leakage of identity information are avoided, safety of the user information and property is guaranteed, and user experience is improved.
Fig. 2 is a flow chart illustrating a method for preventing fraudulent use of communication identifiers in another embodiment of the present application. The method for preventing the theft of the communication identifier can be applied to a user number security guarantee node server. As shown in fig. 2, the method for preventing theft of communication identifier includes the following steps:
step S201, acquiring management verification information of the first multi-terminal management node to the un-hung terminal, social security verification information corresponding to the un-hung terminal and financial verification information.
Step S202, according to the management verification information, the social security verification information and the financial verification information, whether the communication identification corresponding to the unhook terminal is stolen is determined.
And step S203, limiting the use authority of the off-hook terminal under the condition that the communication identifier is determined to be stolen.
It should be noted that steps S201 to S203 in this embodiment are the same as steps S101 to S103 in the previous embodiment, and are not described again here.
And step S204, acquiring fingerprint information fed back by the off-hook terminal.
The fingerprint information is acquired by a user of the off-hook terminal through a fingerprint acquirer on the off-hook terminal, and the acquisition and the use of the fingerprint information are authorized and agreed by the user.
It should be noted that the fingerprint information is only used for authenticating the user, and when storing the fingerprint information, the fingerprint information needs to be encrypted, and the encrypted fingerprint information and the personal identity information of the user are stored separately, so as to ensure the security of the personal information.
Step S205, performing living body verification on the user of the off-hook terminal according to the fingerprint information, and determining whether to resume the usage right of the off-hook terminal.
The in-vivo verification is to compare the fingerprint information of the registered user corresponding to the mobile phone number arranged in the off-hook terminal and prestored corresponding to the mobile phone number with the fingerprint information of the user currently reported by the off-hook terminal, if the two fingerprint information are the same, the user is the registered user corresponding to the mobile phone number, and the use authority of the off-hook terminal can be recovered; otherwise, the user is a third party, the user cannot recover the use permission of the off-hook terminal, the user cannot provide the user with the on-line recovery of the use permission of the off-hook terminal, and the registered user corresponding to the mobile phone number arranged in the off-hook terminal needs to go to an off-line operator business hall to recover the use permission of the mobile phone number.
The mobile phone number is prevented from being stolen by a third party, leakage of user information and property loss of the user due to leakage of identity information are avoided, safety of the user information and property is guaranteed, and user experience is improved.
Fig. 3 is a flow chart illustrating a method for preventing unauthorized use of a communication identifier according to still another embodiment of the present application. The anti-theft method of the communication identifier can be applied to a one-number multi-terminal management node server. As shown in fig. 3, the method for preventing theft of communication identifier includes the following steps:
step S301, acquiring registered cell information corresponding to the trusted terminal and information of an unlinking cell of the unlinking terminal during an unlinking operation.
The information of the registered cell comprises the registered position information and the registered time of the trusted terminal, and the information of the unhook cell comprises the unhook time of the unhook position information of the unhook terminal during the operation of the unhook terminal.
For example, the registration location information includes longitude information, latitude information, and the like of the trusted terminal at the time of cell registration. The information of the disconnection position includes longitude information, latitude information, and the like of the disconnection terminal when performing the disconnection operation.
Step S302, according to the registered cell information and the cell information, a first verification result is determined.
The first verification result is used for representing whether the information of the registered cell and the information of the unlinked cell are the same or similar, and further verifying whether the positions of the trust terminal and the unlinked terminal are the same or similar.
In some implementations, determining the first verification result according to the registered cell information and the suspended cell information includes: comparing the registration position information and the unhooking position information under the condition that the unhooking time is the same as the registration time to obtain a comparison result; and determining a first verification result according to the comparison result, wherein the first verification result comprises that the disconnection terminal and the trust terminal are positioned in the same cell when the disconnection operation is carried out, or the disconnection terminal and the trust terminal are not positioned in the same cell when the disconnection operation is carried out.
In the case where it is determined that the unlinking terminal is not in the same cell as the trusted terminal when the unlinking operation is performed, it is described that the unlinking terminal may not be a terminal with which the trusted terminal is familiar, that is, the unlinking terminal may be a terminal used by a third party.
Step S303, acquiring the call record of the off-hook terminal and the identification of the trusted terminal.
The call record comprises an identifier of the off-hook terminal and an identifier of the first terminal, and the first terminal is a terminal communicating with the off-hook terminal.
Step S304, inquiring the call record according to the identification of the trust terminal, determining whether the off-hook terminal is communicated with the trust terminal, and obtaining a second verification result.
If the off-hook terminal is communicated with the trust terminal, the identifier of the off-hook terminal can be found in the call record; otherwise, the identifier of the off-hook terminal is not in the call record.
In some specific implementations, querying the call record according to the identifier of the trusted terminal, determining whether the off-hook terminal has communicated with the trusted terminal, and obtaining a second verification result includes: under the condition that the identification of the trust terminal is identical to the identification of the first terminal, determining that the second verification result is that the off-hook terminal is communicated with the trust terminal; otherwise, determining that the second verification result is that the disconnection terminal and the trust terminal are not communicated.
For example, the identifier of the trusted terminal is 135XXXX6565, and if the identifier of the first terminal is also 135XXXX6565 by searching the call record, it means that the identifier of the trusted terminal is the same as the identifier of the first terminal, and it is determined that the off-hook terminal has communicated with the trusted terminal.
Step S305, generating and sending the management verification information to the blockchain network according to the first verification result and the second verification result.
When the user number security guarantee node obtains the management verification information from the blockchain network, whether the communication identifier corresponding to the off-hook terminal is stolen or not is determined according to the management verification information, the social security verification information of the off-hook terminal and the financial verification information, and the use permission of the off-hook terminal is limited under the condition that the communication identifier is determined to be stolen.
In some specific implementations, after performing step S304 and before performing step S305, the method further includes: and verifying whether the off-hook terminal has a verification password preset by the user or not to obtain a password verification result.
The password verification result comprises that the verification of the off-hook terminal is successful or the verification of the off-hook terminal is failed. During specific implementation, the loss reporting terminal can verify the off-hook terminal, or the one-number multi-terminal management node server can verify the off-hook terminal.
For example, when the loss reporting terminal verifies the loss reporting terminal, the loss reporting terminal performs hash operation on a password to be verified (for example, abcv) to obtain a hash value to be verified, performs private key signature on the hash value to be verified to generate a signed message to be verified, and sends the signed message to be verified to the blockchain network, so that the loss reporting terminal obtains the hash value to be verified.
When the loss reporting terminal obtains a message to be verified sent by the loss reporting terminal from the block chain network, a private key signature of the message to be verified is verified first, and when the verification is passed, a hash value to be verified is obtained. Meanwhile, the loss reporting terminal performs hash calculation on a preset password (for example, abcv) preset by a user and stored in advance to obtain a preset hash value; comparing the preset hash value with the hash value to be verified, and determining that the verification of the off-hook terminal is successful when the preset hash value is the same as the hash value to be verified; otherwise, determining that the verification of the off-hook terminal fails.
In this embodiment, a first verification result is determined according to acquired registered cell information corresponding to a trusted terminal and information of an unlinking cell of an unlinking terminal during an unlinking operation, so as to verify whether the unlinking terminal and the trusted terminal are located in the same cell during the unlinking; acquiring a call record of the unlinking terminal and an identifier of the trusted terminal, inquiring the call record according to the identifier of the trusted terminal, determining whether the unlinking terminal is communicated with the trusted terminal or not, and acquiring a second verification result; and generating and sending management verification information to the block chain network according to the first verification result and the second verification result so that the user number security assurance node obtains the management verification information, determining whether the communication identifier corresponding to the off-hook terminal is stolen or not according to the management verification information, the social security verification information of the off-hook terminal and the financial verification information, and limiting the use permission of the off-hook terminal under the condition of determining that the communication identifier is stolen, so that the security of the communication identifier is ensured, the property loss of a stolen user is avoided, the security of the user is improved, and the user experience is improved.
Fig. 4 shows a block diagram of a user number security node server in the embodiment of the present application. As shown in fig. 4, the user number security node server specifically includes the following modules:
the first obtaining module 401 is configured to obtain management verification information of the first multi-terminal management node for the disconnected terminal, social security verification information corresponding to the disconnected terminal, and financial verification information; a determining module 402, configured to determine whether a communication identifier corresponding to the disconnect terminal is stolen according to the management verification information, the social security verification information, and the financial verification information; and a limiting module 403, configured to limit the usage right of the off-hook terminal when it is determined that the communication identifier is stolen.
In this embodiment, the first obtaining module obtains the management verification information of the first multi-terminal management node to the unlinking terminal, the social security verification information corresponding to the unlinking terminal and the financial verification information, so as to determine the information security of the unlinking terminal; the use judgment module determines whether the corresponding communication identifier of the off-hook terminal is stolen or not according to the management verification information, the social security verification information and the financial verification information, and judges whether the communication identifier is stolen by other people or not so as to determine whether the off-hook terminal is in a safe state or not; the use limiting module limits the use permission of the unhooking terminal under the condition that the communication identifier is determined to be stolen, so that the leakage of user information and the loss of user property caused by the leakage of identity information are avoided, the safety of the user information and the property is guaranteed, and the user experience degree is improved.
Fig. 5 is a block diagram showing components of a multi-terminal management node server according to an embodiment of the present application. As shown in fig. 5, the first-number multi-terminal management node server specifically includes the following modules:
a second obtaining module 501, configured to obtain information of a registered cell corresponding to the trusted terminal and information of an unlinking cell when the unlinking terminal performs an unlinking operation; a first verification module 502, configured to determine a first verification result according to the registered cell information and the cell unlinking information; a third obtaining module 503, configured to obtain a call record of the off-hook terminal and an identifier of the trusted terminal; the second verification module 504 is configured to query the call record according to the identifier of the trusted terminal, determine whether the off-hook terminal has communicated with the trusted terminal, and obtain a second verification result; and the processing module 505 is configured to generate and send management verification information to the blockchain network according to the first verification result and the second verification result, so that the user number security assurance node obtains the management verification information, determine whether the communication identifier corresponding to the off-hook terminal is stolen according to the management verification information, the social security verification information of the off-hook terminal, and the financial verification information, and limit the usage right of the off-hook terminal when it is determined that the communication identifier is stolen.
In this embodiment, a first verification result is determined by the first verification module according to the registered cell information corresponding to the trusted terminal and the information of the cell to be disconnected when the disconnected terminal performs the disconnection operation, which are acquired by the second acquisition module, and whether the disconnected terminal and the trusted terminal are located in the same cell when the disconnected terminal is disconnected is verified; acquiring a call record of the off-hook terminal and an identifier of the trusted terminal through a third acquisition module; using a second verification module to query the call record according to the identification of the trust terminal, and determining whether the off-hook terminal is communicated with the trust terminal or not to obtain a second verification result; the use processing module generates and sends management verification information to the block chain network according to the first verification result and the second verification result so that the user number security assurance node can obtain the management verification information, determines whether the communication identifier corresponding to the unlinking terminal is stolen or not according to the management verification information, the social security verification information of the unlinking terminal and the financial verification information, limits the use permission of the unlinking terminal under the condition that the communication identifier is determined to be stolen, ensures the security of the communication identifier, avoids property loss of stolen users, improves the security of users, and improves the user experience.
It should be noted that each module referred to in this embodiment is a logical module, and in practical applications, one logical unit may be one physical unit, may be a part of one physical unit, and may be implemented by a combination of multiple physical units. In addition, in order to highlight the innovative part of the present application, a unit that is not so closely related to solving the technical problem proposed by the present application is not introduced in the present embodiment, but it does not indicate that no other unit exists in the present embodiment.
Fig. 6 is a block diagram showing components of an antitheft system using a communication tag in the embodiment of the present application. As shown in fig. 6, the system for preventing theft of a communication identifier specifically includes the following devices: the system comprises a user number security assurance node server 610, an unlinking terminal 620, a loss reporting terminal 630, a social security node server 640, a bank supervision node server 650, a network credit platform supervision node server 660, an operator node server 670, a trust terminal 680 and a first-number multi-terminal management node server 690.
The communication identifier may be a mobile phone number in the one-number multi-terminal service, where the mobile phone number is a number corresponding to the user information acquired after the user agrees. The mobile phone number corresponding to the hang-off terminal 620 is the same as the mobile phone number corresponding to the loss reporting terminal 630 (for example, the hang-off terminal 620 and the loss reporting terminal 630 are two terminals in the one-number multi-terminal service). When the loss reporting terminal 630 is lost, the drop terminal 620 may be configured to drop the mobile phone number corresponding to the loss reporting terminal 630.
The trusted terminal 680 is a terminal trusted by the registered user corresponding to the unlinking terminal 620 (for example, the trusted terminal 680 may be a terminal used by a family member of the registered user, or may be a terminal used by a user in an address list of the unlinking terminal 620). The operator node server 670 includes: an operator short message node server 671, an operator core network node server 672 and a user behavior analysis node server 673.
It should be noted that each device in the mobile phone number theft prevention system communicates with each other through a blockchain network.
Fig. 7 is a flowchart illustrating an operating method of the anti-theft system for communication identifiers according to the embodiment of the present application. As shown in fig. 7, the method specifically includes the following steps.
In step S701, the loss report terminal 630 logs in the operator node server 670, and reports a loss of the mobile phone number (i.e., a to-be-verified number, for example, the to-be-verified number is 186XXXX8866) corresponding to the loss report terminal 630.
For example, the loss reporting terminal 630 may log in the operator node server 670 by calling an operator customer service telephone (e.g., 10010/10000/10086), or by using a mobile phone client (e.g., a mobile phone business office) of the loss reporting terminal 630, and perform loss reporting processing on the number to be verified, thereby generating loss reporting information. The loss reporting information includes any one or more of a device identifier of the loss reporting terminal 630, location information (e.g., latitude and longitude information, etc.) of the loss reporting terminal 630, and communication information of the loss reporting terminal 630.
For example, the communication information of the loss reporting terminal 630 includes Cell information (e.g., Physical Cell Identifier (PCI) and the like) of a base station where the loss reporting terminal 630 is located, an IMSI corresponding to the loss reporting terminal 630, and the like.
In step S702, the detach terminal 620 logs in the operator node server 670 to detach the to-be-authenticated number.
For example, the hang-off terminal 620 may log in the operator node server 670 by calling an operator customer service telephone (e.g., 10010/10000/10086), or by a mobile phone client (e.g., a mobile phone business office) of the hang-off terminal 620, and perform hang-off processing of the number to be authenticated. The information of the off-hook includes any one or more of a device identifier of the off-hook terminal 620, location information (e.g., longitude and latitude information, etc.) of the off-hook terminal 620, and communication information of the off-hook terminal 620.
For example, the communication information of the detach terminal 620 includes cell information (e.g., PCI, etc.) of a base station where the detach terminal 620 is located, IMSI corresponding to the detach terminal 620, and the like.
In step S703, the operator node server 670 reports the loss report information and the release information corresponding to the number to be verified to the user number security assurance node server 610.
Because the number to be verified is subjected to the loss reporting processing and the hang-up learning processing and the two processing processes are executed by different terminals, the user number security assurance node server 610 marks the number to be verified as a mobile phone number with a theft risk, and starts the monitoring operation of the number to be verified so as to prevent the number to be verified from being stolen.
In step S704, the user number security node server 610 generates a first broadcast message according to the number to be verified (e.g., 186xxxx8888), the loss report message, and the hang information.
Step S705, the user number security assurance node server 610 signs the first broadcast message using its own private key, generates and sends the signed first broadcast message to the blockchain network, so that other nodes in the blockchain network obtain the first broadcast message.
Step S706, when the social security node server 640 in the block chain network receives the first broadcast message and passes the verification of the private key signature, the social security node server 640 obtains a number to be verified, and searches its database according to the number to be verified to obtain a first search result, where the first search result includes: whether the number to be verified logs in the social security node server 640 and whether the number to be verified acquires user identity information corresponding to the number to be verified; if the social security node server 640 is determined to be logged in, generating social security verification information according to the operation information of the number to be verified on the social security node server 640, the time information corresponding to the operation information, and the identity information corresponding to the number to be verified. And performs private key signature on the social security verification information, generates and sends the signed social security verification information to the blockchain network, so that the user number security assurance node server 610 obtains the social security verification information.
In step S707, the bank supervisory node server 650 receives the first broadcast message, obtains the number to be verified after the private key signature verification is passed, searches its internal database according to the number to be verified, and obtains a second search result, where the second search result includes information of whether the number to be verified has logged in the bank system and performed financial transactions (e.g., financial operation information such as login, registration, card binding, and account transfer), and time information corresponding to the information of performing the financial transactions. The bank supervision node server 650 generates first financial verification information according to the number to be verified, the financial transaction information corresponding to the number to be verified, and the time information corresponding to the financial transaction information, and signs the first financial verification information using its own private key, and generates and transmits the signed first financial verification information to the blockchain network, so that the user number security assurance node server 610 obtains the first financial verification information.
In step S708, the network loan platform supervisory node server 660 receives the first broadcast message, obtains the number to be verified after the private key signature verification passes, searches its internal database according to the number to be verified, and obtains a third search result, where the third search result includes whether the number to be verified has performed a network loan operation, network loan operation information (e.g., information of operations such as login, registration, loan, etc.) during the network loan operation, and time information corresponding to the performed network loan operation information. The network credit platform supervision node server 660 generates second financial verification information according to the number to be verified, the network credit operation information corresponding to the number to be verified and the time information corresponding to the network credit operation information, signs the second financial verification information by using a private key of the network credit platform supervision node server 660, generates and sends the signed second financial verification information to the block chain network, so that the user number security assurance node server 610 obtains the second financial verification information.
Step S709, when the operator short message node server 671 in the block chain network receives the first broadcast message, and the private key signature of the first broadcast message is verified, a to-be-verified number is obtained; calling a short message record corresponding to the number to be verified according to the number to be verified; according to the short message record, judging whether the number to be verified sends short messages to a plurality of strange numbers or not, and whether verification short messages sent by a plurality of banks or verification short messages sent by a network credit platform are received or not, and obtaining a judgment result; and generating a short message verification message according to the judgment result and the number to be verified, performing private key signature on the short message verification message, and generating and sending the signed short message verification message to the blockchain network so that the user number security assurance node server 610 obtains the short message verification message.
Step S710, when a user behavior analysis node server 673 in the block chain network receives a first broadcast message and passes the signature verification of a private key thereof, obtaining a number to be verified, searching an internal database of the user behavior analysis node server according to the number to be verified, and obtaining a fourth search result, wherein the fourth search result comprises a call record corresponding to the number to be verified; judging whether the number to be verified has communicated with a plurality of strange telephone numbers or not according to the call record; if so, the call record information is subjected to private key signature, and a call record verification message is generated and sent to the block chain network, so that the user number security assurance node server 610 obtains the call record verification message.
In step S711, the user number security node server 610 obtains social security verification information, first financial verification information, second financial verification information, short message verification information, and call record verification information from the blockchain network, respectively. Then, the private key signature of each verification message is verified respectively. And when the verification is passed, obtaining the number to be verified. Acquiring whether the user logs in the social security node server 640 to acquire identity card information through the terminal according to the number to be authenticated; whether to log in the bank supervision node server 650 for relevant operations; whether to register and bind cards is determined by the logging-in network credit platform supervision node server 660; whether the operation information of the verification short message sent by a plurality of banks and network credit platform servers is received or not is judged according to the operation information and the information such as the identification, the position information, the call record and the like of the user terminal equipment used by the user when the number to be verified is subjected to loss reporting processing and releasing processing. If any one or more of the following conditions are determined to be true: 1) the number to be verified has a plurality of strange numbers to carry out communication; 2) logging in a plurality of network credit platform servers or banks for registration, card swiping and other operations; 3) the identity of the terminal device performing the loss reporting processing and the drop reporting processing is different from the identity of the terminal device stored in the operator core network node server 672, 4) the information of the registered cell is different, and 5) the geographical location is different. The number to be verified is indicated to have the risk of being stolen, and the identifier to be verified is generated.
Step S712, generating and sending a verification message to the one-number-multi-terminal management node server 690 according to the identifier to be verified.
Step S713, the first multi-terminal management node server 690 obtains a verification message from the blockchain network; and obtaining the identifier to be verified through analyzing the verification message. And generating and respectively sending an authentication request to the loss reporting terminal 630 and the loss reporting terminal 620 according to the to-be-verified identifier, so that the loss reporting terminal 630 and the loss reporting terminal 620 perform mutual authentication.
In step S714, the unlinking terminal 620 and the loss report terminal 630 perform mutual authentication.
Specifically, the suspend terminal 620 performs hash operation on the password to be verified to obtain a hash value to be verified, performs private key signature on the hash value to be verified to generate a signed message to be verified, and sends the signed message to be verified to the blockchain network, so that the loss report terminal 630 obtains the hash value to be verified. When the loss reporting terminal 630 obtains the to-be-verified message sent by the un-hanging terminal 620 from the blockchain network, the private key signature of the to-be-verified message is verified first, and when the verification passes, the hash value to be verified is obtained. Meanwhile, the loss reporting terminal 630 performs hash calculation on a preset password preset by a user and stored in advance to obtain a preset hash value; comparing the preset hash value with the hash value to be verified, and determining that the off-hook terminal 620 is verified when the preset hash value is the same as the hash value to be verified; otherwise, it is determined that the authentication fails for the detach terminal 620.
In step S715, the loss report terminal 630 sends the mutual authentication result to the one-number-multi-terminal management node server 690.
Wherein, the result of mutual authentication comprises verification success or verification failure.
For example, when the loss reporting terminal 630 determines that the authentication of the unlinking terminal 620 fails, the loss reporting terminal 630 generates an authentication failure identifier; according to the authentication failure identifier and the device identifier of the suspension terminal 620, an authentication failure message is generated and sent to the blockchain network, so that the one-number-multi-terminal management node server 690 obtains the authentication failure identifier. When the loss reporting terminal 630 determines that the verification of the loss releasing terminal 620 is successful, the loss reporting terminal 630 generates and sends a verification success message to the blockchain network, so that the one-number-multi-terminal management node server 690 determines that the verification of the loss reporting terminal 630 on the loss releasing terminal 620 is successful.
In step S716, when it is determined that the loss reporting terminal 630 successfully verifies the suspension releasing terminal 620, the first multi-terminal management node server 690 sends a verification request to the trusted terminal 680 in the blockchain network, so that the trusted terminal 680 can verify the suspension releasing terminal 620 again.
In step S717, the trusted terminal 680 sends the registered cell information of itself and the identifier of the trusted terminal 680 to the block chain network, so that the one-number-of-multiple-terminal management node server 690 obtains the registered cell information corresponding to the trusted terminal 680 and the information of the cell to be disconnected when the disconnecting terminal 620 performs the disconnecting operation.
In step S718, the first multi-terminal management node server 690 determines a first verification result according to the acquired registered cell information corresponding to the trusted terminal 680 and the information of the cell to be disconnected when the disconnecting terminal 620 performs the disconnecting operation, where the first verification result includes: whether the detach terminal 620 is located in the same cell as the trusted terminal 680 when performing the detach operation. And according to the identifier of the trusted terminal 680, inquiring the call record of the off-hook terminal 620, and determining a second verification result, where the second verification result includes whether the call record includes the identifier of the trusted terminal 680, that is, whether the trusted terminal 680 has made a call with the off-hook terminal 620. Then, according to the first verification result and the second verification result, management verification information is generated and sent to the blockchain network, so that the user number security assurance node server 610 performs re-verification on the hang-up terminal 620 according to the management verification information.
Step 719, after the user number security assurance node server 610 obtains the management verification information, when it is determined that the off-hook terminal 620 is located in the same cell as the trusted terminal 680 during the off-hook operation, and when the trusted terminal 680 and the off-hook terminal 620 have communicated, it is determined that the verification of the off-hook terminal 620 is successful; otherwise, it is determined that the authentication fails for the detach terminal 620.
It should be noted that, when it is determined that the verification of the off-hook terminal 620 is successful, the user number security node server 610 sends a verification success message to the operator core network node server 672, so that the off-hook terminal 620 can normally use the number to be verified.
Step S720, the user number security assurance node server 610 generates an identifier that the mobile phone number corresponding to the off-hook terminal 620 is stolen under the condition that the authentication of the off-hook terminal 620 is determined to be failed; and generating and sending an alarm message to the block chain network according to the stolen identifier so that each node in the block chain network freezes an account corresponding to the communication identifier.
For example, when the bank monitoring node server 650 and the network credit platform monitoring node server 660 obtain the alarm message from the blockchain network, the financial account corresponding to the unlinking terminal 620 is searched and obtained according to the device identifier of the unlinking terminal 620, and is frozen, so that property loss of the user is avoided, and safety of the user is improved.
When the operator core network node server 672 obtains the alarm message from the blockchain network, the communication function of the off-hook terminal 620 is stopped, and the off-hook terminal 620 is locked.
When the social security node server 640 obtains the alarm message from the blockchain network, the account corresponding to the unlinking terminal 620 is prohibited from logging in, so as to ensure the security of the identity information of the user.
In some implementations, in a case where the off-hook terminal 620 determines that the communication function thereof is stopped, the off-hook terminal 620 still needs to continue to use the mobile phone number, and the off-hook terminal 620 needs to upload the fingerprint information of the user of the off-hook terminal 620 to the user number security node server 610, so that the user number security node server 610 performs living body verification on the user of the off-hook terminal 620 according to the fingerprint information, and further determines whether to resume the use right of the off-hook terminal 620.
If it is determined that the biometric authentication fails, that is, the user of the off-hook terminal 620 is not a registered user of the mobile phone number, the communication function of the off-hook terminal 620 is still stopped, for example, the user of the off-hook terminal 620 is stopped from making a call, surfing the internet, sending and receiving a short message, and the like. Meanwhile, the identifier of the off-hook terminal 620 and the identifier of the stolen mobile phone number corresponding to the off-hook terminal 620 are sent to the blockchain network, so that it is ensured that other nodes in the blockchain network do not perform online opening operation for the user of the off-hook terminal 620 any more.
In this embodiment, in a business hall non-business time (for example, in a next-shift time), two different terminals in a one-number multi-terminal service perform operations of loss reporting and hang releasing on a number to be verified respectively, and a user number security assurance node server determines whether the number to be verified has a risk of being stolen or not through various verification information such as social security verification information, first financial verification information, second financial verification information, short message verification information and call record verification information obtained from a block chain network, so as to comprehensively measure the security of the number to be verified; and under the condition that the number to be verified is not stolen, mutually authenticating the unlinking terminal and the loss reporting terminal through the password to be verified, and under the condition that the loss reporting terminal passes the verification of the unlinking terminal, verifying the unlinking terminal again by using the trust terminal again to ensure the accuracy of the verification result and further determine whether the number to be verified is stolen. And under the condition that the number to be verified is stolen, the communication function of the un-hung terminal is stopped, and the financial account corresponding to the un-hung terminal is frozen through a bank supervision node server and a network credit platform supervision node server in the block chain network, so that the property loss of a stolen user is avoided, the safety of the user is improved, and the user experience degree is improved.
It is to be understood that the above embodiments are merely exemplary embodiments that are employed to illustrate the principles of the present application, and that the present application is not limited thereto. It will be apparent to those skilled in the art that various changes and modifications can be made therein without departing from the spirit and scope of the application, and these changes and modifications are to be considered as the scope of the application.

Claims (11)

1. A method for protecting a communication identifier from theft, the method comprising:
acquiring management verification information of a first multi-terminal management node to an off-hook terminal, social security verification information and financial verification information corresponding to the off-hook terminal;
determining whether the communication identifier corresponding to the unlinking terminal is stolen or not according to the management verification information, the social security verification information and the financial verification information;
and limiting the use permission of the off-hook terminal under the condition that the communication identifier is determined to be stolen.
2. The method according to claim 1, wherein the management verification information includes a first verification result and a second verification result, the first verification result is a verification result determined according to registered cell information corresponding to a trusted terminal and cell information of the off-hook terminal during an off-hook operation, and the second verification result is a verification result determined according to a call record of the off-hook terminal and an identifier of the trusted terminal.
3. The method according to claim 2, wherein the determining whether the communication identifier corresponding to the disconnect terminal is stolen according to the management verification information, the social security verification information and the financial verification information comprises:
judging whether a communication identifier corresponding to the off-hook terminal logs in a social security platform or not according to the social security verification information, and acquiring identity card information corresponding to the communication identifier to obtain a first judgment result;
judging whether the communication identifier corresponding to the off-hook terminal carries out financial transaction according to the financial verification information to obtain a second judgment result;
judging whether the off-hook terminal is communicated with the trust terminal or not according to the management verification information, and judging whether the off-hook terminal and the trust terminal are positioned in the same cell or not when the off-hook terminal is subjected to off-hook operation, so as to obtain a third judgment result;
and determining whether the communication identifier corresponding to the off-hook terminal is stolen or not according to any one or more of the first judgment result, the second judgment result and the third judgment result.
4. The method according to claim 1, wherein the limiting the usage right of the suspension terminal in the case that the communication identifier is determined to be stolen comprises:
generating an identifier which is used by stealing the communication identifier corresponding to the off-hook terminal;
and generating and sending an alarm message to the block chain network according to the stolen identifier so that each node in the block chain network freezes an account corresponding to the communication identifier.
5. The method according to claim 1, wherein after limiting the usage right of the suspension terminal in case of determining that the communication identifier is stolen, the method further comprises:
acquiring fingerprint information fed back by the off-hook terminal;
and performing living body verification on the user of the off-hook terminal according to the fingerprint information, and determining whether to recover the use authority of the off-hook terminal.
6. A method for protecting a communication identifier from theft, the method comprising:
acquiring registered cell information corresponding to the trusted terminal and information of an unlinking cell of the unlinking terminal during an unlinking operation;
determining a first verification result according to the registered cell information and the cell information;
acquiring a call record of the off-hook terminal and an identifier of the trust terminal;
inquiring the call record according to the identification of the trust terminal, determining whether the off-hook terminal is communicated with the trust terminal or not, and obtaining a second verification result;
and generating and sending management verification information to a block chain network according to the first verification result and the second verification result so that a user number security assurance node obtains the management verification information, determining whether a communication identifier corresponding to the off-hook terminal is stolen according to the management verification information, the social security verification information of the off-hook terminal and the financial verification information, and limiting the use permission of the off-hook terminal under the condition that the communication identifier is determined to be stolen.
7. The method according to claim 6, wherein the registration cell information includes registration location information and registration time of the trusted terminal, and the release cell information includes release time of release location information of the release terminal when the release terminal performs the release operation;
determining a first verification result according to the registered cell information and the cell information, including:
comparing the registered position information with the unhooking position information under the condition that the unhooking time is determined to be the same as the registered time, and obtaining a comparison result;
and determining the first verification result according to the comparison result, wherein the first verification result comprises that the off-hook terminal and the trusted terminal are located in the same cell when the off-hook operation is carried out, or the off-hook terminal and the trusted terminal are not located in the same cell when the off-hook operation is carried out.
8. The method of claim 6, wherein the call log comprises an identification of the off-hook terminal and an identification of a first terminal, the first terminal being a terminal in communication with the off-hook terminal;
the inquiring the call record according to the identification of the trust terminal, determining whether the off-hook terminal is communicated with the trust terminal, and obtaining a second verification result, comprising:
under the condition that the identification of the trust terminal is identical to the identification of the first terminal, determining that the second verification result is that the disconnection terminal and the trust terminal are communicated;
otherwise, determining that the second verification result is that the unlinking terminal and the trust terminal are not communicated.
9. The method according to claim 6, wherein the querying the call record according to the identifier of the trusted terminal, determining whether the disconnect terminal has communicated with the trusted terminal, and after obtaining a second verification result, before generating and sending management verification information to the blockchain network according to the first verification result and the second verification result, further comprises:
and verifying whether the off-hook terminal has a verification password preset by the user or not to obtain a password verification result.
10. A subscriber number security node server, comprising:
the system comprises a first acquisition module, a second acquisition module and a third acquisition module, wherein the first acquisition module is used for acquiring management verification information of a first multi-terminal management node on an off-hook terminal, social security verification information corresponding to the off-hook terminal and financial verification information;
the judging module is used for determining whether the communication identifier corresponding to the unhook terminal is stolen or not according to the management verification information, the social security verification information and the financial verification information;
and the limiting module is used for limiting the use permission of the off-hook terminal under the condition that the communication identifier is determined to be stolen.
11. A one number multi-terminal management node server, comprising:
the second acquisition module is used for acquiring the information of the registered cell corresponding to the trusted terminal and the information of the cell to be disconnected when the disconnection terminal is in disconnection operation;
the first verification module is used for determining a first verification result according to the registered cell information and the unhook cell information;
the third acquisition module is used for acquiring the call record of the off-hook terminal and the identification of the trust terminal;
the second verification module is used for inquiring the call record according to the identification of the trust terminal, determining whether the off-hook terminal is communicated with the trust terminal or not and obtaining a second verification result;
and the processing module is used for generating and sending management verification information to a block chain network according to the first verification result and the second verification result so that a user number security guarantee node can obtain the management verification information, determining whether the communication identifier corresponding to the off-hook terminal is stolen according to the management verification information, the social security verification information of the off-hook terminal and the financial verification information, and limiting the use permission of the off-hook terminal under the condition that the communication identifier is stolen.
CN202110155475.8A 2021-02-04 2021-02-04 Anti-theft method and server for communication identification Active CN112950199B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110155475.8A CN112950199B (en) 2021-02-04 2021-02-04 Anti-theft method and server for communication identification

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110155475.8A CN112950199B (en) 2021-02-04 2021-02-04 Anti-theft method and server for communication identification

Publications (2)

Publication Number Publication Date
CN112950199A true CN112950199A (en) 2021-06-11
CN112950199B CN112950199B (en) 2023-06-23

Family

ID=76243930

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110155475.8A Active CN112950199B (en) 2021-02-04 2021-02-04 Anti-theft method and server for communication identification

Country Status (1)

Country Link
CN (1) CN112950199B (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160012445A1 (en) * 2011-11-10 2016-01-14 Antony-Euclid C. Villa-Real Customer-controlled instant-response anti-fraud/anti-identity theft devices (with true-personal identity verification), methods and systems for secured global applications in personal/business e-banking, e-commerce, e-medical/health insurance checker, e-education/research/invention, e-disaster advisor, e-immigration, e-airport/aircraft security, e-military/e-law enforcement, with or without nfc component and system, with cellular/satellite phone/internet/multi-media functions
CN106302544A (en) * 2016-10-18 2017-01-04 深圳市金立通信设备有限公司 A kind of safe verification method and system
CN106330839A (en) * 2015-07-01 2017-01-11 阿里巴巴集团控股有限公司 Account loss report cancelling method and apparatus
CN106372474A (en) * 2016-09-08 2017-02-01 广州衡昊数据科技有限公司 Method and system for preventing identification card from being stolen
US20170330255A1 (en) * 2009-07-20 2017-11-16 Wenxuan Tonnison Online e-commerce and networking system with user-participated advertisements, joint online purchasing and dynamic user interactions
CN107464121A (en) * 2017-07-11 2017-12-12 阿里巴巴集团控股有限公司 Electronic account is reported the loss, solves extension, business management method, device and equipment
CN107895256A (en) * 2017-11-08 2018-04-10 平安科技(深圳)有限公司 Bank account cancel loss report method for processing business, system, terminal and storage medium
CN109033869A (en) * 2018-07-04 2018-12-18 深圳虚觅者科技有限公司 Encrypted file system hanging method and device

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170330255A1 (en) * 2009-07-20 2017-11-16 Wenxuan Tonnison Online e-commerce and networking system with user-participated advertisements, joint online purchasing and dynamic user interactions
US20160012445A1 (en) * 2011-11-10 2016-01-14 Antony-Euclid C. Villa-Real Customer-controlled instant-response anti-fraud/anti-identity theft devices (with true-personal identity verification), methods and systems for secured global applications in personal/business e-banking, e-commerce, e-medical/health insurance checker, e-education/research/invention, e-disaster advisor, e-immigration, e-airport/aircraft security, e-military/e-law enforcement, with or without nfc component and system, with cellular/satellite phone/internet/multi-media functions
CN106330839A (en) * 2015-07-01 2017-01-11 阿里巴巴集团控股有限公司 Account loss report cancelling method and apparatus
CN106372474A (en) * 2016-09-08 2017-02-01 广州衡昊数据科技有限公司 Method and system for preventing identification card from being stolen
CN106302544A (en) * 2016-10-18 2017-01-04 深圳市金立通信设备有限公司 A kind of safe verification method and system
CN107464121A (en) * 2017-07-11 2017-12-12 阿里巴巴集团控股有限公司 Electronic account is reported the loss, solves extension, business management method, device and equipment
CN107895256A (en) * 2017-11-08 2018-04-10 平安科技(深圳)有限公司 Bank account cancel loss report method for processing business, system, terminal and storage medium
CN109033869A (en) * 2018-07-04 2018-12-18 深圳虚觅者科技有限公司 Encrypted file system hanging method and device

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
MALIK NADEEM ANWAR 等: "Security threats taxonomy: Smart-home perspective", 《2017 3RD INTERNATIONAL CONFERENCE ON ADVANCES IN COMPUTING,COMMUNICATION & AUTOMATION》, pages 1 - 4 *
孙尚文: "基于RFID技术的校园一卡通系统设计与实现", 《中国优秀硕士学位论文全文数据库 信息科技辑》, no. 7, pages 138 - 150 *

Also Published As

Publication number Publication date
CN112950199B (en) 2023-06-23

Similar Documents

Publication Publication Date Title
CN106991317B (en) Security verification method, platform, device and system
US9578025B2 (en) Mobile network-based multi-factor authentication
US8588415B2 (en) Method for securing a telecommunications terminal which is connected to a terminal user identification module
CN112437428B (en) Verification method and server
CN107113613B (en) Server, mobile terminal, network real-name authentication system and method
US11671819B2 (en) Systems and methods for porting communication devices
CN1219337A (en) Finding copied sim cards
JPH11507451A (en) System for detecting unauthorized account access
US11757911B2 (en) Method and system for providing security on in-vehicle network
CN109496443B (en) Mobile authentication method and system therefor
CN103108323A (en) Safety operation execution system and execution method
KR101281099B1 (en) An Authentication method for preventing damages from lost and stolen smart phones
CN109587683B (en) Method and system for preventing short message from being monitored, application program and terminal information database
CN114157438A (en) Network equipment management method and device and computer readable storage medium
CN106778334A (en) The guard method of account information and mobile terminal
CN112950199B (en) Anti-theft method and server for communication identification
KR20140043071A (en) Authentication system and method for device attempting connection
CN112954688B (en) Communication identifier verification method, server and core network equipment
CN112564915B (en) Verification method, one-number multi-terminal management server and terminal
CN105743883B (en) A kind of the identity attribute acquisition methods and device of network application
CN114553573A (en) Identity authentication method and device
CN112906027A (en) Cloud computing data center access management method
US20180332028A1 (en) Method For Detecting Unauthorized Copies Of Digital Security Tokens
KR101195027B1 (en) System and method for service security
CN112566098A (en) Identification information verification method and server

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant