CN113068178A - Terminal authentication method and server - Google Patents
Terminal authentication method and server Download PDFInfo
- Publication number
- CN113068178A CN113068178A CN202110319128.4A CN202110319128A CN113068178A CN 113068178 A CN113068178 A CN 113068178A CN 202110319128 A CN202110319128 A CN 202110319128A CN 113068178 A CN113068178 A CN 113068178A
- Authority
- CN
- China
- Prior art keywords
- terminal
- authenticated
- information
- verified
- determining
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 39
- 238000012795 verification Methods 0.000 claims abstract description 151
- 238000004891 communication Methods 0.000 claims abstract description 92
- 238000010586 diagram Methods 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 4
- 238000012545 processing Methods 0.000 description 4
- 230000004913 activation Effects 0.000 description 3
- 238000011161 development Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- RWSOTUBLDIXVET-UHFFFAOYSA-N Dihydrogen sulfide Chemical compound S RWSOTUBLDIXVET-UHFFFAOYSA-N 0.000 description 1
- 230000002159 abnormal effect Effects 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 238000013503 de-identification Methods 0.000 description 1
- 230000001105 regulatory effect Effects 0.000 description 1
- 238000012552 review Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/18—Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Databases & Information Systems (AREA)
- Telephonic Communication Services (AREA)
Abstract
The application discloses an authentication method of a terminal and a server, and relates to the technical field of communication. The authentication method of the terminal comprises the following steps: determining a video verification score according to preset video information and the obtained video information of the terminal to be authenticated; determining a first verification result according to the video verification score and a preset threshold value; acquiring communication information to be verified of a terminal to be authenticated; determining a second verification result according to the communication information to be verified and the preset communication information; and determining whether the terminal to be authenticated passes the authentication or not according to the first verification result and the second verification result. Through different verification dimensions, the accuracy of the authentication result is determined, the authentication success rate of the terminal to be authenticated is improved, the user can complete the opening of the online service safely by self, and the user experience is improved.
Description
Technical Field
The present application relates to the field of communications technologies, and in particular, to an authentication method and a server for a terminal.
Background
At present, with the rapid development of the mobile internet and the development of the communication industry, the demand of users is also continuously increasing. The user can open an account on line of a 5th Generation Mobile network (5G) through the Mobile internet, and the user can complete real-name authentication through the Mobile internet, so that the inconvenience of going to a business hall and handling business is avoided.
However, in the process of opening an account on the 5G line, after the user selects the number, the user is required to upload the front/back photos of the identity card, and then the user is subjected to live body verification to determine whether to transact business by himself. However, the difference between the identity card picture and the identity person may cause the verification failure, so that the user cannot self-help open the related service online.
Disclosure of Invention
Therefore, the application provides an authentication method of the terminal and the server, and solves the problem of how to accurately and safely authenticate the terminal to be authenticated.
In order to achieve the above object, a first aspect of the present application provides an authentication method for a terminal, the method including: determining a video verification score according to preset video information and the obtained video information of the terminal to be authenticated; determining a first verification result according to the video verification score and a preset threshold value; acquiring communication information to be verified of a terminal to be authenticated; determining a second verification result according to the communication information to be verified and the preset communication information; and determining whether the terminal to be authenticated passes the authentication or not according to the first verification result and the second verification result.
In some specific implementations, obtaining communication information to be verified of a terminal to be authenticated includes: acquiring any one or more of call record information to be verified of the terminal to be authenticated, short message record information to be verified, voice information to be verified of a user of the terminal to be authenticated and position information to be verified of the terminal to be authenticated.
In some implementations, the preset communication information includes preset voice information of a registered user of the terminal to be authenticated; determining a second verification result according to the communication information to be verified and the preset communication information, wherein the second verification result comprises the following steps: acquiring pre-stored preset voice information of a registered user of a terminal to be authenticated; and comparing the preset voice information with the voice information to be verified, and determining a second verification result.
In some specific implementations, the preset communication information includes history call record information corresponding to the terminal to be authenticated; determining a second verification result according to the communication information to be verified and the preset communication information, wherein the second verification result comprises the following steps: acquiring an identifier of a terminal to be authenticated; searching a database according to the identifier of the terminal to be authenticated to obtain historical call record information; and comparing the call record information to be verified with the historical call record information, and determining a second verification result.
In some specific implementations, the preset communication information includes history short message recording information corresponding to the terminal to be authenticated; determining a second verification result according to the communication information to be verified and the preset communication information, wherein the second verification result comprises the following steps: acquiring an identifier of a terminal to be authenticated; searching a database according to the identification of the terminal to be authenticated to obtain historical short message record information; and comparing the short message record information to be verified with the historical short message record information to determine a second verification result.
In some specific implementations, the preset communication information includes location information of a registration cell corresponding to the terminal to be authenticated; determining a second verification result according to the communication information to be verified and the preset communication information, wherein the second verification result comprises the following steps: and comparing the position information to be verified of the terminal to be authenticated with the position information of the registered cell, and determining a second verification result.
In some specific implementations, before determining the video verification score according to the preset video information and the obtained video information of the terminal to be authenticated, the method further includes: acquiring first fingerprint information of a user of a terminal to be authenticated; acquiring second fingerprint information of a registered user of the terminal to be authenticated; comparing the first fingerprint information with the second fingerprint information to determine a fingerprint comparison result; and determining whether the terminal to be authenticated passes the authentication or not according to the fingerprint comparison result.
In some implementations, after determining whether the terminal to be authenticated passes the authentication according to the first verification result and the second verification result, the method further includes: and under the condition that the terminal to be authenticated is determined to pass the authentication, responding to an opening request sent by the terminal to be authenticated, and opening a preset service for the terminal to be authenticated.
In order to achieve the above object, a second aspect of the present application provides a server comprising: the first acquisition module is used for determining a video verification score according to preset video information and acquired video information of the terminal to be authenticated, wherein the video information comprises identity information of a user of the terminal to be authenticated; the first verification module is used for determining a first verification result according to the video verification score and a preset threshold value; the second acquisition module is used for acquiring the communication information to be verified of the terminal to be authenticated; the second verification module is used for determining a second verification result according to the communication information to be verified and the preset communication information; and the authentication module is used for determining whether the terminal to be authenticated passes the authentication or not according to the first verification result and the second verification result.
In some implementations, the second obtaining module includes: and the obtaining submodule is used for obtaining any one or more of call record information to be verified of the terminal to be authenticated, short message record information to be verified, voice information to be verified of a user of the terminal to be authenticated and position information to be verified of the terminal to be authenticated.
According to the terminal authentication method and the server, a video verification score is determined according to preset video information and acquired video information of a terminal to be authenticated, wherein the video information comprises identity information of a user of the terminal to be authenticated; determining a first verification result according to the video verification score and a preset threshold value, determining whether a user of the terminal to be authenticated is a legal user, and ensuring the safety of the terminal to be authenticated; acquiring communication information to be verified of a terminal to be authenticated; determining a second verification result according to the communication information to be verified and the preset communication information, and ensuring that the communication information of the terminal to be verified meets the safety requirement; according to the first verification result and the second verification result, whether the terminal to be authenticated passes authentication or not is determined, the accuracy of the authentication result is determined through different verification dimensions, the success rate of the authentication of the terminal to be authenticated is improved, a user can complete the opening of the online service in a self-service and safe manner, and the user experience is improved.
Drawings
The accompanying drawings are included to provide a further understanding of the embodiments of the application and are incorporated in and constitute a part of this specification, illustrate embodiments of the application and together with the description serve to explain the principles of the application. The above and other features and advantages will become more apparent to those skilled in the art by describing in detail exemplary embodiments thereof with reference to the attached drawings, in which:
fig. 1 is a flowchart illustrating an authentication method of a terminal in an embodiment of the present application.
Fig. 2 is a flowchart illustrating an authentication method of a terminal according to another embodiment of the present application.
Fig. 3 shows a block diagram of the components of the server in the embodiment of the present application.
Fig. 4 is a block diagram showing components of an authentication system of a terminal in the embodiment of the present application.
Fig. 5 is a flowchart illustrating a working method of the authentication system of the terminal in the embodiment of the present application.
In the drawings:
301: the first obtaining module 302: first verification module
303: the second obtaining module 304: second verification module
305: the authentication module 401: terminal to be authenticated
402: the accessory device 403: service provisioning server
404: fingerprint verification system server
Detailed Description
The following detailed description of embodiments of the present application will be made with reference to the accompanying drawings. It should be understood that the detailed description and specific examples, while indicating the present application, are given by way of illustration and explanation only, and are not intended to limit the present application. It will be apparent to one skilled in the art that the present application may be practiced without some of these specific details. The following description of the embodiments is merely intended to provide a better understanding of the present application by illustrating examples thereof.
In the technical solution according to the present application, the acquisition of the personal information data of the user complies with the relevant national laws and regulations (e.g., "information security technology personal information security regulations"). Moreover, the information acquisition mode is that the user is explicitly informed, and a legal way is passed; the type of the obtained information is directly related to the service function of the product or service, and the obtained information is collected with the lowest frequency and the minimum quantity; collecting personal information without violating the autonomous will of the personal information subject; obtaining authorization approval when collecting personal information; when the personal information is obtained indirectly, or a data set is disclosed for a network, or obtained in other ways, and the specification requirement of obtaining the indirect personal information is met.
In the technical solution according to the present application, the storage of the user personal information data complies with the relevant national laws and regulations (e.g., "information security technology personal information security regulations"). If the technical scheme involves some specific operations as follows, the following corresponding processing modes can be further selected: personal information storage time is minimized; the personal information has been subjected to a de-identification process; encrypting and storing the personal sensitive information; the personal biological information and the personal identity information are stored separately; the original personal biometric information is not stored, such as only the digest information is stored, or only used, or deleted after use.
The technical scheme is characterized in that the use of the user data follows the relevant national laws and regulations (such as personal information safety regulations of information safety technology). Such as: the personal information access control takes corresponding prescribed measures; the display of personal information gives regulatory restrictions; the personal information use purpose is not beyond the direct or reasonable association range; and when the personal information is used, the definite identity directivity is eliminated, and the specific individual is prevented from being accurately positioned.
To make the objects, technical solutions and advantages of the present application more clear, embodiments of the present application will be described in further detail below with reference to the accompanying drawings.
Fig. 1 is a flowchart illustrating an authentication method of a terminal in an embodiment of the present application. The authentication method of the terminal can be applied to a server, for example: a service provisioning server of an operator, and the like. As shown in fig. 1, the authentication method of the terminal includes the steps of:
and S101, determining a video verification score according to preset video information and the obtained video information of the terminal to be authenticated.
The preset video information comprises identity information of a registered user of the terminal to be authenticated; the video information includes identity information of a user of the terminal to be authenticated.
For example, by comparing the preset video information with the video information of the terminal to be authenticated, the similarity between the user of the terminal to be authenticated and the registered user can be determined, and the video verification score can be determined according to the similarity.
In one specific implementation, since the video information includes the identity information of the registered user and the identity information of the user, the video verification score can be determined by directly comparing the identity information of the registered user and the identity information of the user. The accuracy of the video verification score is improved.
Step S102, determining a first verification result according to the video verification score and a preset threshold value.
Wherein, the preset threshold is a standard value preset according to an empirical value, and the first verification result comprises: the video verification score is larger than a preset threshold value, or the video verification score is smaller than or equal to the preset threshold value.
By comparing the video verification score with a preset threshold value, the difference between the registered user of the terminal to be authenticated and the user can be quantitatively determined, so that the obtained first verification result is more accurate.
Step S103, obtaining the communication information to be verified of the terminal to be authenticated.
The communication information to be verified can be any one or more of call record information to be verified, short message record information to be verified, voice information to be verified of a user of the terminal to be authenticated and position information to be verified of the terminal to be authenticated. The call record information to be verified comprises the latest call record (such as the calling number, the called number, the call duration and the like) of the terminal to be authenticated within the preset duration; the voice information to be verified comprises: the voice information recorded by the user of the terminal to be authenticated (for example, the user regularly records within a preset time period according to the system setting, the audio information that the user reads a certain random number or text, etc.).
In some specific implementations, obtaining communication information to be verified of a terminal to be authenticated includes: acquiring any one or more of call record information to be verified of the terminal to be authenticated, short message record information to be verified, voice information to be verified of a user of the terminal to be authenticated and position information to be verified of the terminal to be authenticated.
The short message record information to be verified can be a short message record of the terminal to be authenticated within a preset time length. For example, the short message related to the personal information of the user of the terminal to be authenticated is sent by any one or more of the bank, the functional institution or the operator, which is received by the terminal to be authenticated within the last 30 minutes. The position information to be verified of the terminal to be authenticated comprises longitude and latitude information of the terminal to be authenticated, which is acquired in real time, or a landmark building name of the position of the terminal to be authenticated and the like.
And step S104, determining a second verification result according to the communication information to be verified and the preset communication information.
The preset communication information comprises any one or more of preset voice information of a registered user of the terminal to be authenticated, historical call record information corresponding to the terminal to be authenticated, historical short message record information corresponding to the terminal to be authenticated and position information of a registered cell corresponding to the terminal to be authenticated.
And analyzing and comparing the communication information to be verified with preset communication information to determine a second verification result, wherein the second verification result comprises any one or more of call record information to be verified of the terminal to be authenticated, short message record information to be verified, voice information to be verified of a user of the terminal to be authenticated and position information to be verified of the terminal to be authenticated, or the verification of the communication information to be verified of the terminal to be authenticated fails. Due to the fact that the preset communication information can embody the information of multiple dimensions, the accuracy of the second verification result can be guaranteed, the authentication accuracy of the terminal to be authenticated is improved, and the safety of the terminal to be authenticated is guaranteed.
In some implementations, the preset communication information includes preset voice information of a registered user of the terminal to be authenticated. Determining a second verification result according to the communication information to be verified and the preset communication information, wherein the second verification result comprises the following steps: acquiring pre-stored preset voice information of a registered user of a terminal to be authenticated; and comparing the preset voice information with the voice information to be verified, and determining a second verification result.
The preset voice information may be audio information that is pre-recorded by a registered user of the terminal to be authenticated using the recording device, for example, the registered user reads audio information of some random numbers or characters.
The preset voice information is compared with the voice information to be verified, whether the voice of the user of the terminal to be authenticated is consistent with the business of the registered user of the terminal to be authenticated can be determined, a second verification result is further determined, whether the user of the terminal to be authenticated is the same as the registered user is represented through the second verification result, and the use safety of the terminal to be authenticated is guaranteed.
In some specific implementations, the preset communication information includes history call record information corresponding to the terminal to be authenticated; determining a second verification result according to the communication information to be verified and the preset communication information, wherein the second verification result comprises the following steps: acquiring an identifier of a terminal to be authenticated; searching a database according to the identifier of the terminal to be authenticated to obtain historical call record information; and comparing the call record information to be verified with the historical call record information, and determining a second verification result.
The history call record information includes call record information of the terminal to be authenticated within a certain time (for example, three months), for example, information of the number of calls of the terminal to be authenticated within the past three months, the call time of each call, the calling/called number of each call, and the like. The call record information to be verified comprises call duration to be verified, a calling/called number of a call to be verified and the like.
For example, by using the calling/called number of the call to be verified in the call record information to be verified as an index, historical call record information can be searched, whether the terminal to be authenticated has ever communicated with the calling/called number is determined, and the call security of the terminal to be verified is ensured.
By comparing the call record information to be verified with the historical call record information and determining the second verification result, whether the terminal to be authenticated is in call with a familiar number or not can be determined, the terminal to be authenticated is prevented from being stolen by a third party, and the safety of the terminal to be authenticated is improved.
In some specific implementations, the preset communication information includes history short message recording information corresponding to the terminal to be authenticated; determining a second verification result according to the communication information to be verified and the preset communication information, wherein the second verification result comprises the following steps: acquiring an identifier of a terminal to be authenticated; searching a database according to the identification of the terminal to be authenticated to obtain historical short message record information; and comparing the short message record information to be verified with the historical short message record information to determine a second verification result.
The short message record information to be verified comprises short messages which are sent by any one or more of banks, functional institutions or operators and are related to the personal information of the user of the terminal to be verified, and the short messages are received by the terminal to be verified within a preset time (for example, the last 30 minutes). The history short message recording information comprises short messages which are received by the terminal to be authenticated and are sent by any one or more of banks, functional institutions or operators and are related to the personal information of the registered user of the terminal to be authenticated.
By comparing the short message record information to be verified with the historical short message record information and determining the second verification result, the user of the terminal to be authenticated can be ensured to keep consistent with the registered user, abuse of the terminal to be authenticated is avoided, and the safety of the terminal to be authenticated is improved.
In some specific implementations, the preset communication information includes location information of a registration cell corresponding to the terminal to be authenticated; determining a second verification result according to the communication information to be verified and the preset communication information, wherein the second verification result comprises the following steps: and comparing the position information to be verified of the terminal to be authenticated with the position information of the registered cell, and determining a second verification result.
The location information to be verified includes geographic location information (e.g., longitude and latitude information or a name of a landmark building where the terminal to be authenticated is located in real time) where the terminal to be authenticated is located in real time. The location information of the registration Cell includes geographical location information of the registration Cell corresponding to the terminal to be authenticated (e.g., an Identifier (e.g., Physical Cell Identifier (PCI)) of the registration Cell), a longitude and latitude of the registration Cell, and the like).
The latitude and longitude information of the registration cell includes a coverage area of the registration cell, for example, latitude and longitude range information corresponding to a sector area covered with the base station corresponding to the registration cell as a center and a coverage radius of the registration cell as a radius. The longitude and latitude information of the position of the terminal to be authenticated is compared with the longitude and latitude range information corresponding to the registration cell, whether the terminal to be authenticated is in the coverage range of the registration cell is determined, the terminal to be authenticated can receive the communication signal of the registration cell, and the terminal to be authenticated is ensured to be in a safe use range.
And step S105, determining whether the terminal to be authenticated passes the authentication or not according to the first verification result and the second verification result.
When the first verification result is determined that the video verification score is larger than the preset threshold value, and the second verification result is determined that the verification of any one or more of call record information to be verified, short message record information to be verified, voice information to be verified of a user of the terminal to be authenticated and position information to be verified of the terminal to be authenticated is successful, the terminal to be authenticated is determined to pass the authentication, otherwise, the terminal to be authenticated is determined not to pass the authentication, at the moment, the terminal to be authenticated is represented to be possibly operated by a third party by mistake, and if the terminal to be authenticated still needs to perform relevant online service processing, a registered user of the terminal to be authenticated needs to go to an offline business hall for manual processing, so that the safety of the terminal to be authenticated is guaranteed.
In the embodiment, a video verification score is determined according to preset video information and acquired video information of the terminal to be authenticated, wherein the video information comprises identity information of a user of the terminal to be authenticated; determining a first verification result according to the video verification score and a preset threshold value, determining whether a user of the terminal to be authenticated is a legal user, and ensuring the safety of the terminal to be authenticated; acquiring communication information to be verified of a terminal to be authenticated; determining a second verification result according to the communication information to be verified and the preset communication information, and ensuring that the communication information of the terminal to be verified meets the safety requirement; according to the first verification result and the second verification result, whether the terminal to be authenticated passes authentication or not is determined, the accuracy of the authentication result is determined through different verification dimensions, the success rate of the authentication of the terminal to be authenticated is improved, a user can complete the opening of the online service in a self-service and safe manner, and the user experience is improved.
Fig. 2 is a flowchart illustrating an authentication method of a terminal according to another embodiment of the present application. The authentication method of the terminal can be applied to a service opening server of an operator. As shown in fig. 2, the authentication method of the terminal includes the steps of:
step S201, determining a video verification score according to preset video information and the obtained video information of the terminal to be authenticated.
Step S201 in this embodiment is the same as step S101 in the previous embodiment, and is not described herein again.
In some specific implementations, before determining the video verification score according to the preset video information and the obtained video information of the terminal to be authenticated, the method further includes: acquiring first fingerprint information of a user of a terminal to be authenticated; acquiring second fingerprint information of a registered user of the terminal to be authenticated; comparing the first fingerprint information with the second fingerprint information to determine a fingerprint comparison result; and determining whether the terminal to be authenticated passes the authentication or not according to the fingerprint comparison result.
The first fingerprint information can represent identity information of a user of the terminal to be authenticated, and the second fingerprint information can represent identity information of a registered user of the terminal to be authenticated. The fingerprint comparison result comprises the following steps: the first fingerprint information and the second fingerprint information are the same, or the first fingerprint information and the second fingerprint information are different.
When the first fingerprint information and the second fingerprint information are determined to be the same, the terminal to be authenticated can be determined to pass authentication; otherwise, when it is determined that the first fingerprint information and the second fingerprint information are different, it may be determined that the terminal to be authenticated does not pass the authentication, and further identity authentication of the terminal to be authenticated is required (e.g., step S202 is executed).
Whether the terminal to be authenticated passes authentication or not is determined through the fingerprint comparison result, the fact that the user of the terminal to be authenticated is the registered user of the user can be guaranteed, the fact that the operation of the terminal to be authenticated is legal is guaranteed, the fact that a third party carries out misoperation on the terminal to be authenticated to cause abnormal communication cost corresponding to the terminal to be authenticated is avoided, and safety of the terminal to be authenticated is improved.
Step S202, a first verification result is determined according to the video verification score and a preset threshold value.
Step S203, obtaining communication information to be verified of the terminal to be authenticated;
step S204, determining a second verification result according to the communication information to be verified and preset communication information;
step S205, determining whether the terminal to be authenticated passes the authentication according to the first verification result and the second verification result.
It should be noted that steps S202 to S205 in this embodiment are the same as steps S102 to S105 in the previous embodiment, and are not repeated herein.
Step S206, under the condition that the terminal to be authenticated is confirmed to pass the authentication, responding to the opening request sent by the terminal to be authenticated, and opening the preset service for the terminal to be authenticated.
The provisioning request includes a type of a preset service (e.g., a network call function in 5G, a color ring service, a video call service in a 4th Generation Mobile network (4G), and the like). The preset service is a service which is expected to be opened by the terminal to be authenticated.
For example, when it is determined that the terminal to be authenticated passes authentication, the terminal to be authenticated is set as a terminal to be opened for a preset service, and an opening process of the preset service is started. Inputting the opening requirement of the terminal to be opened of the preset service through front-end equipment, carrying out opening processing operation of the preset service for the terminal to be opened of the preset service by a background server according to the opening requirement and acquired data such as user identity information of the terminal to be opened of the preset service, feeding back a service opening result to the terminal to be opened of the preset service under the condition that the preset service is successfully opened, setting the terminal to be opened of the preset service as an opened terminal, and finishing the opening process of the preset service. Through the steps, the safe opening of the preset service can be ensured, the misoperation of a third party is avoided, and the accuracy of the service opening is improved.
In the embodiment, through the fingerprint comparison result, the first verification result determined by the video verification score and the preset threshold value, and the second verification result determined by the communication information to be verified and the preset communication information, the authentication of the terminal to be authenticated is performed through multiple dimensions, the accuracy of the authentication result is determined, the authentication success rate of the terminal to be authenticated is improved, a user can complete the opening of the online service in a self-service and safe manner, and the user experience is improved.
Fig. 3 shows a block diagram of the components of the server in the embodiment of the present application. As shown in fig. 3, the server specifically includes the following modules:
the first obtaining module 301 is configured to determine a video verification score according to preset video information and obtained video information of a terminal to be authenticated, where the video information includes identity information of a user of the terminal to be authenticated; a first verification module 302, configured to determine a first verification result according to the video verification score and a preset threshold; a second obtaining module 303, configured to obtain communication information to be verified of the terminal to be authenticated; the second verification module 304 is configured to determine a second verification result according to the communication information to be verified and the preset communication information; and an authentication module 305, configured to determine whether the terminal to be authenticated passes authentication according to the first verification result and the second verification result.
In some implementations, the second obtaining module 303 includes: and the obtaining submodule is used for obtaining any one or more of call record information to be verified of the terminal to be authenticated, short message record information to be verified, voice information to be verified of a user of the terminal to be authenticated and position information to be verified of the terminal to be authenticated.
In this embodiment, a first obtaining module determines a video verification score according to preset video information and obtained video information of a terminal to be authenticated, where the video information includes identity information of a user of the terminal to be authenticated; determining a first verification result by using a first verification module according to the video verification score and a preset threshold value, determining whether a user of the terminal to be authenticated is a legal user, and ensuring the safety of the terminal to be authenticated; acquiring to-be-verified communication information of the to-be-authenticated terminal by using a second acquisition module; determining a second verification result by using a second verification module according to the communication information to be verified and the preset communication information, and ensuring that the communication information of the terminal to be verified meets the safety requirement; the authentication module is used for determining whether the terminal to be authenticated passes the authentication or not according to the first authentication result and the second authentication result, the accuracy of the authentication result is determined through different authentication dimensions, the authentication success rate of the terminal to be authenticated is improved, a user can complete the opening of the online service in a self-service and safe manner, and the user experience is improved.
It should be noted that each module referred to in this embodiment is a logical module, and in practical applications, one logical unit may be one physical unit, may be a part of one physical unit, and may be implemented by a combination of multiple physical units. In addition, in order to highlight the innovative part of the present application, a unit that is not so closely related to solving the technical problem proposed by the present application is not introduced in the present embodiment, but it does not indicate that no other unit exists in the present embodiment.
Fig. 4 is a block diagram showing components of an authentication system of a terminal in the embodiment of the present application. As shown in fig. 4, the authentication system of the terminal specifically includes the following devices:
a terminal 401 to be authenticated, an accessory device 402, a service provisioning server 403 of an operator, and a fingerprint verification system server 404.
The terminal 401 to be authenticated and the accessory device 402 can communicate with each other in a short-distance communication manner such as bluetooth or a mobile hotspot (Wi-Fi); the terminal 401 to be authenticated, the service provisioning server 403 of the operator, and the fingerprint verification system server 404 may communicate with each other through the mobile internet.
Fig. 5 is a flowchart illustrating a working method of the authentication system of the terminal in the embodiment of the present application. As shown in fig. 5, the working method of the authentication system of the terminal includes the following steps:
in step S501, the terminal 401 to be authenticated and the accessory device 402 (e.g., a smart watch) complete pairing.
Wherein the terminal 401 to be authenticated corresponds to the first identifier (ID1), the accessory device 402 corresponds to the second identifier (ID2), and since two different IDs (ID1 and ID2) belong to the same household, the terminal 401 to be authenticated and the accessory device 402 can share the location and resources (e.g., software purchased through a network, etc.).
In step S502, the accessory device 402 encrypts the accessory device information to generate encrypted accessory device information, and sends the encrypted accessory device information to the terminal device 401 through short-range communication methods such as bluetooth or mobile hotspot (Wi-Fi).
The accessory device information includes any one or more of a communication identifier of the accessory device 402 (e.g., IMSI of watch), a device identifier of the accessory device 402 (e.g., ID2, etc.), and second location information of the accessory device 402.
In step S503, the terminal 401 to be authenticated sends its own terminal information and the acquired accessory device information to the account opening system server 403 of the operator.
The terminal information includes any one or more of a communication identifier (e.g., IMSI, IMEI, etc.), an equipment identifier (e.g., ID1, etc.) and first location information corresponding to the terminal 401 to be authenticated.
In step S504, after the terminal 401 to be authenticated completes pairing operation with the accessory device 402, it sends an authentication request to the account opening system server 403 of the operator.
The authentication request includes an account opening request identifier and identity information (e.g., a front/back photo of an identity card, etc.) of a user corresponding to the terminal 401 to be authenticated.
In step S505, the account opening system server 403 of the operator interacts with the terminal 401 to be authenticated, so as to complete the live body verification of the user of the terminal 401 to be authenticated.
For example, the operator's account opening system server 403 transmits an acquisition request for acquiring video information of the user of the terminal to be authenticated 401. When the terminal 401 to be authenticated obtains the obtaining request, the camera function module is called to obtain the video information of the user of the terminal 401 to be authenticated, for example, the video information includes information that the user reads a preset character string or text information. The terminal 401 to be authenticated sends the video information to the account opening system server 403 of the operator, and the account opening system server 403 of the operator responds to the video information fed back by the terminal 401 to be authenticated, compares the video information with the pre-stored video information (for example, the video information of the registered user of the terminal to be authenticated), and determines whether the user of the terminal 401 to be authenticated is the same as the identity information of the registered user, that is, whether the registered user himself/herself performs service activation.
In one specific implementation, a video verification score is determined according to video information corresponding to a user of the terminal 401 to be authenticated and pre-stored video information of a registered user of the terminal 401 to be authenticated; if the video verification score is larger than a preset threshold value (for example, 100%), determining that the registered user himself performs service activation, determining that the user of the terminal 401 to be authenticated succeeds in verification, and continuing to perform service activation operation on the terminal 401 to be authenticated; otherwise, the step S506 is continuously executed.
In step S506, the terminal 401 to be authenticated sends the voice message recorded by the user of the terminal 401 to be authenticated to the account opening system server 403.
In step S507, the account opening system server 403 compares the received voice information of the user of the terminal 401 to be authenticated with the pre-stored voice information of the registered user of the terminal 401 to be authenticated, and obtains a voice comparison result.
In step S508, the terminal 401 to be authenticated sends the call records (for example, K call records in the last 30 minutes, where K is an integer greater than or equal to 1) of the terminal 401 to be authenticated within a preset time period to the account opening system server 403.
In step S509, the account opening system server 403 compares the received call record of the terminal 401 to be authenticated within the preset time period with the pre-stored historical call record of the terminal 401 to be authenticated, so as to obtain a call record comparison result.
In step S510, the terminal 401 to be authenticated sends a short message record (for example, a short message related to the personal information of the user of the authentication terminal 401 sent by any one or more of the bank, the functional institution or the operator received within the last 30 minutes) of the terminal 401 to be authenticated within a preset duration to the account opening system server 403.
In step S511, the account opening system server 403 compares the received short message record of the terminal 401 to be authenticated within the preset time period with the pre-stored historical short message record of the terminal 401 to be authenticated, so as to obtain a short message record comparison result.
In step S512, the terminal 401 to be authenticated sends the geographic location information of the terminal 401 to be authenticated to the account opening system server 403.
In step S513, the account opening system server 403 compares the received geographic location information of the terminal 401 to be authenticated with the pre-stored geographic location information (e.g., the registered 5G/4G cell information (including information such as the cell PCI) of the terminal 401 to be authenticated within a preset time period (e.g., the last 10 minutes), and obtains a location comparison result.
In some specific implementations, the terminal 401 to be authenticated may further upload a self-portrait photo to the account opening system server 403, where the self-portrait photo carries location information, and the account opening system server 403 determines a location comparison result by comparing the self-portrait photo with the identity information of the registered user of the terminal 401 to be authenticated.
In step S514, the terminal 401 to be authenticated encrypts the fingerprint information of the user and the identity information of the user, generates and sends the encrypted fingerprint information to be verified to the fingerprint verification system server 404.
In step S515, the fingerprint verification system server 404 decrypts the received fingerprint information to be verified, and obtains the fingerprint information of the user of the authentication terminal 401 and the identity information of the user. Then, the fingerprint verification system server 404 searches the database according to the identity information of the user to obtain the correct fingerprint information stored in advance; and compares the fingerprint information of the user of the authentication terminal 401 with the correct fingerprint information to obtain a fingerprint authentication result, and sends the fingerprint authentication result to the account opening system server 403.
In step S516, the account opening system server 403 determines whether the user of the terminal 401 to be authenticated passes the authentication according to any one or more of the voice comparison result, the call record comparison result, the short message record comparison result, the location comparison result, and the fingerprint authentication result in the above steps. If the authentication is successful, the required service is opened for the terminal 401 to be authenticated; otherwise, manual review is performed to determine the authentication result of the terminal 401 to be authenticated.
In the embodiment, the user of the terminal to be authenticated is authenticated through various different information, the related information of the user is uploaded to the account opening system server of the operator, the user of the terminal to be authenticated is authenticated from multiple dimensions, the accuracy of the authentication result is determined, the authentication success rate of the terminal to be authenticated is improved, the user can complete the opening of the online service safely by self, and the user experience is improved.
It is to be understood that the above embodiments are merely exemplary embodiments that are employed to illustrate the principles of the present application, and that the present application is not limited thereto. It will be apparent to those skilled in the art that various changes and modifications can be made therein without departing from the spirit and scope of the application, and these changes and modifications are to be considered as the scope of the application.
Claims (10)
1. An authentication method of a terminal, the method comprising:
determining a video verification score according to preset video information and the obtained video information of the terminal to be authenticated;
determining a first verification result according to the video verification score and a preset threshold value;
acquiring communication information to be verified of the terminal to be authenticated;
determining a second verification result according to the communication information to be verified and preset communication information;
and determining whether the terminal to be authenticated passes the authentication or not according to the first verification result and the second verification result.
2. The method according to claim 1, wherein the obtaining of the communication information to be verified of the terminal to be authenticated comprises:
and acquiring any one or more of call record information to be verified of the terminal to be authenticated, short message record information to be verified, voice information to be verified of a user of the terminal to be authenticated and position information to be verified of the terminal to be authenticated.
3. The method according to claim 2, wherein the preset communication information comprises preset voice information of a registered user of the terminal to be authenticated;
determining a second verification result according to the communication information to be verified and preset communication information, wherein the determining comprises:
acquiring the pre-stored preset voice information of the registered user of the terminal to be authenticated;
and comparing the preset voice information with the voice information to be verified, and determining the second verification result.
4. The method according to claim 2, wherein the preset communication information comprises historical call record information corresponding to the terminal to be authenticated;
determining a second verification result according to the communication information to be verified and preset communication information, wherein the determining comprises:
acquiring the identifier of the terminal to be authenticated;
searching a database according to the identifier of the terminal to be authenticated to obtain historical call record information;
and comparing the call record information to be verified with the historical call record information, and determining the second verification result.
5. The method according to claim 2, wherein the preset communication information includes history short message record information corresponding to the terminal to be authenticated;
determining a second verification result according to the communication information to be verified and preset communication information, wherein the determining comprises:
acquiring the identifier of the terminal to be authenticated;
searching a database according to the identification of the terminal to be authenticated to obtain the historical short message recording information;
and comparing the short message record information to be verified with the historical short message record information, and determining the second verification result.
6. The method according to claim 2, wherein the preset communication information includes location information of a registration cell corresponding to the terminal to be authenticated;
determining a second verification result according to the communication information to be verified and preset communication information, wherein the determining comprises:
and comparing the position information to be verified of the terminal to be authenticated with the position information of the registered cell, and determining the second verification result.
7. The method according to claim 1, wherein before determining the video verification score according to the preset video information and the obtained video information of the terminal to be authenticated, the method further comprises:
acquiring first fingerprint information of a user of the terminal to be authenticated;
acquiring second fingerprint information of a registered user of the terminal to be authenticated;
comparing the first fingerprint information with the second fingerprint information to determine a fingerprint comparison result;
and determining whether the terminal to be authenticated passes the authentication or not according to the fingerprint comparison result.
8. The method according to any one of claims 1 to 7, wherein after determining whether the terminal to be authenticated is authenticated according to the first verification result and the second verification result, the method further comprises:
and under the condition that the terminal to be authenticated is determined to pass the authentication, responding to an opening request sent by the terminal to be authenticated, and opening a preset service for the terminal to be authenticated.
9. A server, characterized in that it comprises:
the system comprises a first acquisition module, a second acquisition module and a third acquisition module, wherein the first acquisition module is used for determining a video verification score according to preset video information and acquired video information of a terminal to be authenticated, and the video information comprises identity information of a user of the terminal to be authenticated;
the first verification module is used for determining a first verification result according to the video verification score and a preset threshold value;
the second acquisition module is used for acquiring the communication information to be verified of the terminal to be authenticated;
the second verification module is used for determining a second verification result according to the communication information to be verified and preset communication information;
and the authentication module is used for determining whether the terminal to be authenticated passes the authentication or not according to the first verification result and the second verification result.
10. The server according to claim 9, wherein the second obtaining module comprises:
and the obtaining submodule is used for obtaining any one or more of call record information to be verified of the terminal to be authenticated, short message record information to be verified, voice information to be verified of a user of the terminal to be authenticated and position information to be verified of the terminal to be authenticated.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110319128.4A CN113068178A (en) | 2021-03-25 | 2021-03-25 | Terminal authentication method and server |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110319128.4A CN113068178A (en) | 2021-03-25 | 2021-03-25 | Terminal authentication method and server |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113068178A true CN113068178A (en) | 2021-07-02 |
Family
ID=76561847
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110319128.4A Pending CN113068178A (en) | 2021-03-25 | 2021-03-25 | Terminal authentication method and server |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113068178A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114389893A (en) * | 2022-01-22 | 2022-04-22 | 重庆长安汽车股份有限公司 | Live video processing vehicle real-name authentication system and method and automobile |
| CN114745193A (en) * | 2022-04-25 | 2022-07-12 | 深圳市联洲国际技术有限公司 | Camera identity authentication method |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20180337917A1 (en) * | 2017-05-17 | 2018-11-22 | Bank Of America Corporation | System for electronic authentication with live user determination |
| CN109905401A (en) * | 2019-03-22 | 2019-06-18 | 深圳市元征科技股份有限公司 | Real name identification method and terminal, server |
| CN110166416A (en) * | 2018-03-29 | 2019-08-23 | 贵州国信通电子商务有限公司 | A method of it is assessed based on Internet authentication and credit |
| CN112437428A (en) * | 2020-11-27 | 2021-03-02 | 中国联合网络通信集团有限公司 | Verification method and server |
-
2021
- 2021-03-25 CN CN202110319128.4A patent/CN113068178A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20180337917A1 (en) * | 2017-05-17 | 2018-11-22 | Bank Of America Corporation | System for electronic authentication with live user determination |
| CN110166416A (en) * | 2018-03-29 | 2019-08-23 | 贵州国信通电子商务有限公司 | A method of it is assessed based on Internet authentication and credit |
| CN109905401A (en) * | 2019-03-22 | 2019-06-18 | 深圳市元征科技股份有限公司 | Real name identification method and terminal, server |
| CN112437428A (en) * | 2020-11-27 | 2021-03-02 | 中国联合网络通信集团有限公司 | Verification method and server |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114389893A (en) * | 2022-01-22 | 2022-04-22 | 重庆长安汽车股份有限公司 | Live video processing vehicle real-name authentication system and method and automobile |
| CN114745193A (en) * | 2022-04-25 | 2022-07-12 | 深圳市联洲国际技术有限公司 | Camera identity authentication method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9998922B2 (en) | Instant mobile device based capture and credentials issuance system | |
| US9548984B2 (en) | Authorizing a user by means of a portable communications terminal | |
| CN110326265B (en) | Method and apparatus for authentication of client | |
| US20120296818A1 (en) | Method for authorizing the activation of a spending card | |
| US10136307B2 (en) | Method for providing multi number service | |
| KR101970123B1 (en) | Dual channel identity authentication | |
| JP7204016B2 (en) | IDENTIFICATION METHOD AND ITS IDENTIFICATION AUTHENTICATION SYSTEM BASED ON BIOLOGICAL FEATURES | |
| CN105553928B (en) | Communication method, device and system based on biological feature recognition | |
| WO2018000885A1 (en) | Time card clocking method, device, system, mobile terminal and server | |
| CN113068178A (en) | Terminal authentication method and server | |
| KR101891781B1 (en) | Time and attendance management apparatus based on mac address verification and operating method thereof | |
| WO2018137309A1 (en) | Wireless communication processing method and device | |
| US10348723B2 (en) | Method for biometric recognition of a user amongst a plurality of registered users to a service, employing user localization information | |
| KR20190045486A (en) | Method for Managing Distributed Commuting Record | |
| CN113068155A (en) | Service provisioning method and server | |
| WO2022143160A1 (en) | Method for user identity recognition for multiple devices, and terminal device | |
| EP3864878B1 (en) | Method for accessing data or a service from a first user device and corresponding second user device, server and system | |
| CN113068189A (en) | Authentication method and server based on block chain | |
| EP3840322A1 (en) | Method to facilitate user authenticating in a wireless network | |
| CN108492214B (en) | Mobile terminal, server, management system and self-service check-in system | |
| KR20170069556A (en) | Automatic attendance and absence management server and control method thereof, and device and recording media for managing automatic attendance and absence | |
| CN107241318B (en) | Account loss reporting method and device | |
| KR102575351B1 (en) | Mobile Using NFC Function Conducting Certification and Method thereof | |
| KR102340398B1 (en) | Apparatus, system, and control method for access control | |
| CN111179480A (en) | Control method based on access control terminal and access control platform |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210702 |
|
| RJ01 | Rejection of invention patent application after publication |