CN113347179A - Authentication server, card authentication system, secret-free authentication method and system - Google Patents
Authentication server, card authentication system, secret-free authentication method and system Download PDFInfo
- Publication number
- CN113347179A CN113347179A CN202110606465.1A CN202110606465A CN113347179A CN 113347179 A CN113347179 A CN 113347179A CN 202110606465 A CN202110606465 A CN 202110606465A CN 113347179 A CN113347179 A CN 113347179A
- Authority
- CN
- China
- Prior art keywords
- authentication
- login request
- card
- secret
- client
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 56
- 238000012545 processing Methods 0.000 claims description 9
- 230000004044 response Effects 0.000 claims description 3
- 238000010586 diagram Methods 0.000 description 8
- 230000008569 process Effects 0.000 description 7
- 230000005540 biological transmission Effects 0.000 description 3
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 238000013475 authorization Methods 0.000 description 2
- 238000004891 communication Methods 0.000 description 2
- 238000012790 confirmation Methods 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 206010044565 Tremor Diseases 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000014509 gene expression Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012559 user support system Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
Abstract
The application discloses an authentication server, a card authentication system, a secret-free authentication method and a secret-free authentication system, wherein the secret-free authentication method applied to the authentication server comprises the following steps: responding to a pre-login request of a client, and acquiring user information corresponding to the pre-login request; sending the user information to a card authentication system, so that the card authentication system judges whether the user information supports card authentication or not, and obtains a corresponding judgment result; sending a judgment result sent by the card authentication system to the client, so that the client determines login request data according to the judgment result; and when the login request data is judged to be the format data corresponding to the card authentication system, sending the login request data to the card authentication system for secret-free authentication. The technical problem that the security of the secret-free authentication method in the prior art is poor is partially solved.
Description
Technical Field
The present application relates to the field of identity authentication, and in particular, to an authentication server, a card authentication system, a secret-free authentication method, and a secret-free authentication system.
Background
With the development of information technology, operator-based secret-free authentication has been applied to internet products (APPs such as jitters and headlines).
The secret-free authentication principle is as follows: the mobile terminal accesses the authentication server of the operator side through the mobile flow, and the user information is authenticated by the authentication server. Although the secret-free authentication method can achieve a certain authentication effect, the secret-free authentication method has potential safety hazards and poor safety.
Disclosure of Invention
The application provides an authentication server, a card authentication system, a secret-free authentication method and a secret-free authentication system, and partially solves the technical problem that the secret-free authentication method in the prior art is poor in safety.
In view of the above, a first aspect of the present application provides a secret-free authentication method applied to an authentication server, the method including:
responding to a pre-login request of a client, and acquiring user information corresponding to the pre-login request;
sending the user information to a card authentication system, so that the card authentication system judges whether the user information supports card authentication or not, and obtains a corresponding judgment result;
sending a judgment result sent by the card authentication system to the client, so that the client determines login request data according to the judgment result;
and when the login request data is judged to be the format data corresponding to the card authentication system, sending the login request data to the card authentication system for secret-free authentication.
Optionally, the method further comprises:
and when the login request data is judged to be the format data corresponding to the authentication server, performing secret-free authentication according to the login request data.
Optionally, in response to a pre-login request of a client, obtaining user information corresponding to the pre-login request includes:
responding to a pre-login request of a client, and acquiring pre-authentication data sent by a gateway corresponding to the client;
and acquiring user information corresponding to the pre-login request from the pre-authentication data.
A second aspect of the present application provides a secret-free authentication method applied to a card authentication system, where the method includes:
acquiring user information sent by an authentication server, wherein the user information corresponds to a pre-login request of a client;
judging whether the user information supports card authentication or not to obtain a corresponding judgment result;
sending the judgment result to the client through the authentication server, so that the client determines login request data according to the judgment result;
and when the authentication server judges that the login request data is the format data corresponding to the card authentication system, receiving the login request data sent by the authentication server, and performing secret-free authentication.
Optionally, when the determination result is that authentication is supported, receiving the login request data sent by the authentication server, and performing secret-less authentication, the method further includes:
sending a card authentication request to a mobile phone card corresponding to the client, so that the mobile phone card outputs popup information for a user to confirm card authentication, and a card authentication result is obtained;
and receiving the card authentication result sent by the mobile phone card, and storing the card authentication result.
Optionally, the receiving the login request data sent by the authentication server, and performing a secret-free authentication specifically includes:
and performing secret-free authentication on the login request data according to the login request data and the card authentication result.
A third aspect of the present application provides an authentication server, comprising:
the device comprises an acquisition unit, a pre-login processing unit and a pre-login processing unit, wherein the acquisition unit is used for responding to a pre-login request of a client and acquiring user information corresponding to the pre-login request;
the first sending unit is used for sending the user information to a card authentication system, so that the card authentication system judges whether the user information supports card authentication or not to obtain a corresponding judgment result;
the second sending unit is used for sending the judgment result sent by the card authentication system to the client, so that the client determines login request data according to the judgment result;
and the third sending unit is used for sending the login request data to the card authentication system for secret-free authentication when the login request data is judged to be the format data corresponding to the card authentication system.
A fourth aspect of the present application provides a card authentication system, including:
the system comprises an acquisition unit, a processing unit and a processing unit, wherein the acquisition unit is used for acquiring user information sent by an authentication server, and the user information corresponds to a pre-login request of a client;
the judging unit is used for judging whether the user information supports card authentication or not to obtain a corresponding judging result;
the sending unit is used for sending the judgment result to the client through the authentication server so that the client determines login request data according to the judgment result;
and the receiving unit is used for receiving the login request data sent by the authentication server and carrying out secret-free authentication when the authentication server judges that the login request data is the format data corresponding to the card authentication system.
A fifth aspect of the present application provides a secret-free authentication system, including: an authentication server according to the third aspect and a card authentication system according to the fourth aspect;
the authentication server is used for responding to a pre-login request of a client, acquiring user information corresponding to the pre-login request and sending the user information to a card authentication system;
the card authentication system is used for judging whether the user information supports card authentication to obtain a corresponding judgment result, and is also used for sending the judgment result to the client through the authentication server to ensure that the client determines login request data according to the judgment result;
and the authentication server is also used for sending the login request data to the card authentication system for secret-free authentication when the login request data is judged to be the format data corresponding to the card authentication system.
Optionally, the authentication server is further configured to perform secret-free authentication according to the login request data when it is determined that the login request data is format data corresponding to the authentication server.
From the above technical method, the present application has the following advantages:
in the secret-free authentication method in the prior art, user information is transmitted to an authentication server after being accessed to a gateway through the traffic of a mobile terminal. At this time, if the first terminal to be authenticated without secret is connected to the traffic hotspot of the second terminal, when the first terminal accesses the authentication server, because the first terminal uses the traffic of the second terminal, the authentication server authenticates the first terminal as the second terminal, which may cause an access terminal identification error in practical application, and there is a case where the user information (i.e., silent number fetching) can be obtained by invoking the secret-free authentication capability without sensing without requiring user authorization.
Based on the above, after the pre-login request of the client is obtained, the user information corresponding to the pre-login request is obtained, and then the user information is sent to the card authentication system, and the card authentication system judges whether the user information supports card authentication or not to obtain a corresponding judgment result; then, sending a judgment result sent by the card authentication system to the client, so that the client determines login request data according to the judgment result; and when the login request data is judged to be the format data corresponding to the card authentication system, sending the login request data to the card authentication system for secret-free authentication. The card authentication is a security authentication service for providing card (mobile phone card) hardware for a user by an operator, and through a special authentication mode of the card authentication, terminal identification errors and silent number fetching during secret-free authentication are avoided, so that the technical problem of poor security of a secret-free authentication method in the prior art is partially solved.
Drawings
In order to more clearly illustrate the technical method in the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and other drawings can be obtained by those skilled in the art without inventive labor.
Fig. 1 is a schematic flowchart illustrating a first embodiment of a secret-less authentication method according to an embodiment of the present application;
FIG. 2 is a schematic diagram illustrating card authentication according to an embodiment of the present disclosure;
fig. 3 is a flowchart illustrating a second embodiment of a secret-less authentication method according to an embodiment of the present application;
FIG. 4 is a pop-up interface for card authentication in an embodiment of the present application;
fig. 5 is a schematic structural diagram of an embodiment of an authentication server in the embodiment of the present application;
FIG. 6 is a schematic diagram of a card authentication system according to an embodiment of the present application;
fig. 7 is a schematic structural diagram of an embodiment of a privacy-free authentication system in an embodiment of the present application;
fig. 8 is a schematic diagram of an information transmission process of the privacy-free authentication system in the embodiment of the present application in the privacy-free authentication process.
Detailed Description
The embodiment of the application provides an authentication server, a card authentication system, a secret-free authentication method and a secret-free authentication system, and partially solves the technical problem that the secret-free authentication method in the prior art is poor in safety.
In order to make the method of the present application better understood, the technical method in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
To facilitate understanding, please refer to fig. 1, where fig. 1 is a schematic flowchart of a secret-free authentication method according to a first embodiment of the present application.
The secret-free authentication method in the embodiment is applied to an authentication server, and includes:
The client is a program corresponding to the server and providing local services for the user, such as a tremble, a microblog, a WeChat, and the like.
It can be understood that, in response to a pre-login request of a client, acquiring user information corresponding to the pre-login request specifically includes:
responding to a pre-login request of a client, and acquiring pre-authentication data sent by a gateway corresponding to the client;
and acquiring user information corresponding to the pre-login request from the pre-authentication data.
The pre-login request in the password-free authentication generally refers to a loading request of a client, when a user clicks the client, the client loads, the client sends the loading request to the gateway at the moment, after the gateway obtains the loading request, user information is added into the loading request to obtain pre-authentication data, and the authentication server analyzes the pre-authentication data to obtain the user information corresponding to the pre-login request. It is understood that the user information may be a mobile phone number.
And 102, sending the user information to a card authentication system, so that the card authentication system judges whether the user information supports card authentication, and obtains a corresponding judgment result.
And after obtaining the user information, the authentication server sends the user information to a card authentication system, and the card authentication system judges whether the user information supports card authentication or not to obtain a corresponding judgment result.
And 103, sending the judgment result sent by the card authentication system to the client, so that the client determines login request data according to the judgment result.
And after obtaining a judgment result of whether the user information supports card authentication, the card authentication system sends the judgment result to the authentication server, and the authentication server sends the judgment result to the client so that the client determines login request data during login according to the judgment result.
It will be appreciated that in one embodiment, the manner in which the client determines the login request data may be: and sending the specific judgment result of the authentication server and the login request data corresponding to the judgment result to the client, and directly obtaining the login request data from the obtained data by the client. In another embodiment, the client is preset with a corresponding relationship between the determination result and the login request data, and after the authentication server sends a specific determination result, the client specifically determines the login request data corresponding to the determination result based on the determination result and the corresponding relationship.
It can be understood that, when the determination result is that the authentication is supported, the corresponding login request data is the unique serial number identifier (i.e., seqid) of the authentication request data, and when the determination result is that the authentication is not supported, the corresponding login request data is the authentication authorization code (accesscode).
And step 104, when the login request data is judged to be the format data corresponding to the card authentication system, sending the login request data to the card authentication system for secret-free authentication.
As shown in fig. 2, the card authentication is: when a user uses the shortcut authentication application to perform identity authentication on a terminal, the user inputs a mobile phone number in an interface (if the number is known, the mobile phone number does not need to be input), a login or payment confirmation button is clicked, the terminal receives a popup window, and the user clicks the confirmation to finish login or payment. If the quick authentication application needs a password, the user needs to input the password first, and after the password passes the verification, the user confirms login or payment. That is, card authentication requires interaction based on a mobile phone card and a user, and silent number fetching and terminal identification errors are avoided through the interaction.
And 105, when the login request data is judged to be the format data corresponding to the authentication server, performing secret-free authentication according to the login request data.
In the embodiment, after a pre-login request of a client is obtained, user information corresponding to the pre-login request is obtained, and then the user information is sent to a card authentication system, and the card authentication system judges whether the user information supports card authentication or not to obtain a corresponding judgment result; then, sending a judgment result sent by the card authentication system to the client, so that the client determines login request data according to the judgment result; and when the login request data is judged to be the format data corresponding to the card authentication system, sending the login request data to the card authentication system for secret-free authentication. The card authentication is a security authentication service for providing card (mobile phone card) hardware for a user by an operator, and through a special authentication mode of the card authentication, terminal identification errors and silent number fetching during secret-free authentication are avoided, so that the technical problem of poor security of a secret-free authentication method in the prior art is partially solved.
The foregoing is a first embodiment of a secret-less authentication method provided in the embodiments of the present application, and the following is a second embodiment of a secret-less authentication method provided in the embodiments of the present application.
Referring to fig. 3, fig. 3 is a flowchart illustrating a second embodiment of a secret-free authentication method according to the present application.
The secret-free authentication method in the embodiment is applied to a card authentication system, and comprises the following steps:
It should be noted that step 301 is similar to the description of step 101 in the first embodiment, and reference may be specifically made to the description of step 101, which is not repeated herein.
It should be noted that step 302 is similar to the description of step 102 in the first embodiment, and reference may be specifically made to the description of step 102, which is not repeated herein.
And step 303, sending the judgment result to the client through the authentication server, so that the client determines login request data according to the judgment result.
It should be noted that the description of step 303 is the same as that of step 103 in the first embodiment, and specifically, reference may be made to the description of step 103, and details are not described here.
And step 304, sending a card authentication request to a mobile phone card corresponding to the client, so that the mobile phone card outputs popup information for a user to confirm card authentication, and a card authentication result is obtained.
It is understood that the card authentication popup interface of the card authentication system during the secret-less authentication may be specifically as shown in fig. 4.
And 305, receiving a card authentication result sent by the mobile phone card, and storing the card authentication result.
And step 306, when the authentication server judges that the login request data is the format data corresponding to the card authentication system, performing secret-free authentication on the login request data according to the login request data and the card authentication result.
In the embodiment, after a pre-login request of a client is obtained, user information corresponding to the pre-login request is obtained, and then the user information is sent to a card authentication system, and the card authentication system judges whether the user information supports card authentication or not to obtain a corresponding judgment result; then, sending a judgment result sent by the card authentication system to the client, so that the client determines login request data according to the judgment result; and when the login request data is judged to be the format data corresponding to the card authentication system, sending the login request data to the card authentication system for secret-free authentication. The card authentication is a security authentication service for providing card (mobile phone card) hardware for a user by an operator, and through a special authentication mode of the card authentication, terminal identification errors and silent number fetching during secret-free authentication are avoided, so that the technical problem of poor security of a secret-free authentication method in the prior art is partially solved.
The second embodiment of the secret-less authentication method provided in the embodiments of the present application is as follows.
Referring to fig. 5, fig. 5 is a schematic structural diagram of an embodiment of an authentication server according to the present application.
The authentication server in this embodiment includes:
an obtaining unit 501, configured to respond to a pre-login request of a client, and obtain user information corresponding to the pre-login request;
a first sending unit 502, configured to send the user information to the card authentication system, so that the card authentication system determines whether the user information supports card authentication, and obtains a corresponding determination result;
a second sending unit 503, configured to send the determination result sent by the card authentication system to the client, so that the client determines login request data according to the determination result;
a third sending unit 504, configured to send the login request data to the card authentication system for secret-less authentication when it is determined that the login request data is format data corresponding to the card authentication system.
Further, the authentication server in this embodiment further includes an authentication unit, where the authentication unit is configured to perform secret-less authentication according to the login request data when it is determined that the login request data is the format data corresponding to the authentication server.
The obtaining unit 501 specifically includes:
the first acquiring subunit is used for responding to a pre-login request of the client and acquiring pre-authentication data sent by a gateway corresponding to the client;
and the second obtaining subunit is used for obtaining the user information corresponding to the pre-login request from the pre-authentication data.
In the embodiment, after a pre-login request of a client is obtained, user information corresponding to the pre-login request is obtained, and then the user information is sent to a card authentication system, and the card authentication system judges whether the user information supports card authentication or not to obtain a corresponding judgment result; then, sending a judgment result sent by the card authentication system to the client, so that the client determines login request data according to the judgment result; and when the login request data is judged to be the format data corresponding to the card authentication system, sending the login request data to the card authentication system for secret-free authentication. The card authentication is a security authentication service for providing card (mobile phone card) hardware for a user by an operator, and through a special authentication mode of the card authentication, terminal identification errors and silent number fetching during secret-free authentication are avoided, so that the technical problem of poor security of a secret-free authentication method in the prior art is partially solved.
The above is an embodiment of an authentication server provided in the present application, and the following is an embodiment of a card authentication system provided in the present application.
Referring to fig. 6, fig. 6 is a schematic structural diagram of an embodiment of a card authentication system according to an embodiment of the present application.
The card authentication system in the present embodiment includes:
an obtaining unit 601, configured to obtain user information sent by an authentication server, where the user information corresponds to a pre-login request of a client;
a determining unit 602, configured to determine whether the user information supports card authentication, and obtain a corresponding determination result;
a sending unit 603, configured to send the determination result to the client through the authentication server, so that the client determines login request data according to the determination result;
a receiving unit 604, configured to receive the login request data sent by the authentication server and perform the secret-less authentication when the authentication server determines that the login request data is the format data corresponding to the card authentication system.
Further, the card authentication system in this embodiment further includes:
the transmission unit is used for sending a card authentication request to a mobile phone card corresponding to the client, so that the mobile phone card outputs popup information for a user to confirm card authentication, and a card authentication result is obtained;
and the receiving unit is used for receiving the card authentication result sent by the mobile phone card and storing the card authentication result.
Receiving login request data sent by an authentication server, and performing secret-free authentication, specifically comprising:
and performing secret-free authentication on the login request data according to the login request data and the card authentication result.
In the embodiment, after a pre-login request of a client is obtained, user information corresponding to the pre-login request is obtained, and then the user information is sent to a card authentication system, and the card authentication system judges whether the user information supports card authentication or not to obtain a corresponding judgment result; then, sending a judgment result sent by the card authentication system to the client, so that the client determines login request data according to the judgment result; and when the login request data is judged to be the format data corresponding to the card authentication system, sending the login request data to the card authentication system for secret-free authentication. The card authentication is a security authentication service for providing card (mobile phone card) hardware for a user by an operator, and through a special authentication mode of the card authentication, terminal identification errors and silent number fetching during secret-free authentication are avoided, so that the technical problem of poor security of a secret-free authentication method in the prior art is partially solved.
The above is an embodiment of a card authentication system provided in the present application, and the following is an embodiment of a secret-less authentication system provided in the present application.
Referring to fig. 7, fig. 7 is a schematic structural diagram of an embodiment of a privacy-free authentication system in the embodiment of the present application.
The secret-free authentication system in this embodiment includes: the authentication server 701 and the card authentication system 702 in the above embodiments;
the authentication server 701 is configured to respond to a pre-login request of a client, acquire user information corresponding to the pre-login request, and send the user information to the card authentication system 702;
the card authentication system 702 is configured to determine whether the user information supports card authentication, obtain a corresponding determination result, and send the determination result to the client through the authentication server 701, so that the client determines login request data according to the determination result;
the authentication server 701 is further configured to send the login request data to the card authentication system 702 for secret-less authentication when it is determined that the login request data is the format data corresponding to the card authentication system 702.
Furthermore, the authentication server 701 is further configured to perform secret-less authentication according to the login request data when it is determined that the login request data is the format data corresponding to the authentication server 701.
It can be understood that, taking a telecom operator as an example, information transmission of the secret-less authentication system in the present embodiment in the secret-less authentication process is described, specifically as shown in fig. 8:
1. the client (e.g., jittering tone) loads the pre-authentication logic and sends a pre-login request to the telecom authentication server for authentication.
2. The pre-login request passes through a gateway at the operator side, and the gateway adds the mobile phone number of the user in the pre-login request to obtain pre-authentication data.
3. The telecommunication authentication server analyzes the pre-authentication data to obtain the mobile phone number of the user.
4. The telecommunication authentication server sends the mobile phone number of the user to the authentication card system, and the request card authentication system inquires whether the mobile phone number of the user supports card authentication.
5. The card authentication system judges whether the user mobile phone number supports card authentication or not, obtains a corresponding judgment result, and sends the judgment result to the authentication server, wherein the judgment result sent when the user mobile phone number supports is 10001, and the judgment result sent when the user mobile phone number does not support is 10000.
And 5A, the user mobile phone number supports card authentication, the card authentication system sends a card authentication message to the mobile phone card, and the mobile phone card pops up to allow the user to confirm after receiving the message.
And 5B, the mobile phone card returns the card authentication result to the card authentication system after the user confirms, and the card authentication system stores the card authentication result.
6. The telecommunication authentication server executes authentication logic according to the judgment result, returns 10001 and seqid to the client if the user mobile phone number supports card authentication, and returns 10000 and accesscode to the client if the user mobile phone number does not support card authentication.
7. If the authentication code received by the client is 10001, performing secret-free authentication of the 7A process through seqid; and if the authentication code received by the client is 10000, performing the secret-free authentication of the 7B flow through the accesscode.
It should be understood that the specific data form of the determination result for sending and the data form of the login request data are only schematic illustrations, and those skilled in the art may make other settings with reference to this description, which is not repeated and limited herein.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
The terms "first," "second," "third," "fourth," and the like in the description of the application and the above-described figures, if any, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the application described herein are, for example, capable of operation in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
It should be understood that in the present application, "at least one" means one or more, "a plurality" means two or more. "and/or" for describing an association relationship of associated objects, indicating that there may be three relationships, e.g., "a and/or B" may indicate: only A, only B and both A and B are present, wherein A and B may be singular or plural. The character "/" generally indicates that the former and latter associated objects are in an "or" relationship. "at least one of the following" or similar expressions refer to any combination of these items, including any combination of single item(s) or plural items. For example, at least one (one) of a, b, or c, may represent: a, b, c, "a and b", "a and c", "b and c", or "a and b and c", wherein a, b, c may be single or plural.
In the several embodiments provided in the present application, it should be understood that the disclosed system, commodity loading server and method may be implemented in other ways. For example, the above-described embodiments of the merchandise loading server are merely illustrative, and for example, the division of the units is only one logical division, and there may be other divisions when the actual implementation is performed, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed coupling or direct coupling or communication connection between each other may be an indirect coupling or communication connection through some interfaces, commodity loading server or unit, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application may be substantially implemented or contributed to by the prior art, or all or part of the technical solution may be embodied in a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: a U disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
The above embodiments are only used for illustrating the technical solutions of the present application, and not for limiting the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions in the embodiments of the present application.
Claims (10)
1. A secret-free authentication method is applied to an authentication server, and comprises the following steps:
responding to a pre-login request of a client, and acquiring user information corresponding to the pre-login request;
sending the user information to a card authentication system, so that the card authentication system judges whether the user information supports card authentication or not, and obtains a corresponding judgment result;
sending a judgment result sent by the card authentication system to the client, so that the client determines login request data according to the judgment result;
and when the login request data is judged to be the format data corresponding to the card authentication system, sending the login request data to the card authentication system for secret-free authentication.
2. The secret-less authentication method according to claim 1, further comprising:
and when the login request data is judged to be the format data corresponding to the authentication server, performing secret-free authentication according to the login request data.
3. The secret-free authentication method of claim 1, wherein in response to a pre-login request of a client, obtaining user information corresponding to the pre-login request specifically comprises:
responding to a pre-login request of a client, and acquiring pre-authentication data sent by a gateway corresponding to the client;
and acquiring user information corresponding to the pre-login request from the pre-authentication data.
4. A secret-free authentication method is applied to a card authentication system, and comprises the following steps:
acquiring user information sent by an authentication server, wherein the user information corresponds to a pre-login request of a client;
judging whether the user information supports card authentication or not to obtain a corresponding judgment result;
sending the judgment result to the client through the authentication server, so that the client determines login request data according to the judgment result;
and when the authentication server judges that the login request data is the format data corresponding to the card authentication system, receiving the login request data sent by the authentication server, and performing secret-free authentication.
5. The secret-less authentication method according to claim 4, wherein when the determination result is that authentication is supported, the login request data sent by the authentication server is received, and secret-less authentication is performed, and the secret-less authentication method further comprises:
sending a card authentication request to a mobile phone card corresponding to the client, so that the mobile phone card outputs popup information for a user to confirm card authentication, and a card authentication result is obtained;
and receiving the card authentication result sent by the mobile phone card, and storing the card authentication result.
6. The secret-free authentication method of claim 4, wherein receiving the login request data sent by the authentication server and performing secret-free authentication specifically comprises:
and performing secret-free authentication on the login request data according to the login request data and the card authentication result.
7. An authentication server, comprising:
the device comprises an acquisition unit, a pre-login processing unit and a pre-login processing unit, wherein the acquisition unit is used for responding to a pre-login request of a client and acquiring user information corresponding to the pre-login request;
the first sending unit is used for sending the user information to a card authentication system, so that the card authentication system judges whether the user information supports card authentication or not to obtain a corresponding judgment result;
the second sending unit is used for sending the judgment result sent by the card authentication system to the client, so that the client determines login request data according to the judgment result;
and the third sending unit is used for sending the login request data to the card authentication system for secret-free authentication when the login request data is judged to be the format data corresponding to the card authentication system.
8. A card authentication system, comprising:
the system comprises an acquisition unit, a processing unit and a processing unit, wherein the acquisition unit is used for acquiring user information sent by an authentication server, and the user information corresponds to a pre-login request of a client;
the judging unit is used for judging whether the user information supports card authentication or not to obtain a corresponding judging result;
the sending unit is used for sending the judgment result to the client through the authentication server so that the client determines login request data according to the judgment result;
and the receiving unit is used for receiving the login request data sent by the authentication server and carrying out secret-free authentication when the authentication server judges that the login request data is the format data corresponding to the card authentication system.
9. A privacy-free authentication system, comprising: the authentication server according to claim 7 and the card authentication system according to claim 8;
the authentication server is used for responding to a pre-login request of a client, acquiring user information corresponding to the pre-login request and sending the user information to a card authentication system;
the card authentication system is used for judging whether the user information supports card authentication to obtain a corresponding judgment result, and is also used for sending the judgment result to the client through the authentication server to ensure that the client determines login request data according to the judgment result;
and the authentication server is also used for sending the login request data to the card authentication system for secret-free authentication when the login request data is judged to be the format data corresponding to the card authentication system.
10. The system according to claim 9, wherein the authentication server is further configured to perform the secret-less authentication according to the login request data when it is determined that the login request data is the format data corresponding to the authentication server.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110606465.1A CN113347179A (en) | 2021-05-28 | 2021-05-28 | Authentication server, card authentication system, secret-free authentication method and system |
| PCT/CN2022/094821 WO2022247842A1 (en) | 2021-05-28 | 2022-05-25 | Authentication server, card authentication system, and password-free authentication method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110606465.1A CN113347179A (en) | 2021-05-28 | 2021-05-28 | Authentication server, card authentication system, secret-free authentication method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113347179A true CN113347179A (en) | 2021-09-03 |
Family
ID=77473828
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110606465.1A Pending CN113347179A (en) | 2021-05-28 | 2021-05-28 | Authentication server, card authentication system, secret-free authentication method and system |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN113347179A (en) |
| WO (1) | WO2022247842A1 (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113890765A (en) * | 2021-10-28 | 2022-01-04 | 中国电信股份有限公司 | Secret-free authentication method, system and storage medium for internet application |
| WO2022247842A1 (en) * | 2021-05-28 | 2022-12-01 | 天翼数字生活科技有限公司 | Authentication server, card authentication system, and password-free authentication method and system |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106453199A (en) * | 2015-08-06 | 2017-02-22 | 中国电信股份有限公司 | Unified authentication method and system based on subscriber identity module card |
| WO2019092046A1 (en) * | 2017-11-09 | 2019-05-16 | Yoti Holding Limited | Secure electronic payment |
| CN111031539A (en) * | 2019-09-30 | 2020-04-17 | 武汉信安珞珈科技有限公司 | Method and system for enhancing login security of Windows operating system based on mobile terminal |
| CN111654468A (en) * | 2020-04-29 | 2020-09-11 | 平安国际智慧城市科技股份有限公司 | Secret-free login method, device, equipment and storage medium |
| CN112312391A (en) * | 2019-07-26 | 2021-02-02 | 中国电信股份有限公司 | Authentication method, system and related equipment |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140165170A1 (en) * | 2012-12-10 | 2014-06-12 | Rawllin International Inc. | Client side mobile authentication |
| CN106790251B (en) * | 2017-01-24 | 2020-05-05 | 中国联合网络通信集团有限公司 | User access method and user access system |
| CN109688133B (en) * | 2018-12-26 | 2020-11-06 | 恒宝股份有限公司 | Communication method based on account login free |
| CN113347179A (en) * | 2021-05-28 | 2021-09-03 | 世纪龙信息网络有限责任公司 | Authentication server, card authentication system, secret-free authentication method and system |
-
2021
- 2021-05-28 CN CN202110606465.1A patent/CN113347179A/en active Pending
-
2022
- 2022-05-25 WO PCT/CN2022/094821 patent/WO2022247842A1/en unknown
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106453199A (en) * | 2015-08-06 | 2017-02-22 | 中国电信股份有限公司 | Unified authentication method and system based on subscriber identity module card |
| WO2019092046A1 (en) * | 2017-11-09 | 2019-05-16 | Yoti Holding Limited | Secure electronic payment |
| CN112312391A (en) * | 2019-07-26 | 2021-02-02 | 中国电信股份有限公司 | Authentication method, system and related equipment |
| CN111031539A (en) * | 2019-09-30 | 2020-04-17 | 武汉信安珞珈科技有限公司 | Method and system for enhancing login security of Windows operating system based on mobile terminal |
| CN111654468A (en) * | 2020-04-29 | 2020-09-11 | 平安国际智慧城市科技股份有限公司 | Secret-free login method, device, equipment and storage medium |
Non-Patent Citations (4)
| Title |
|---|
| 亿美EMAY: "一文读懂!一键登录的适用范围、", 《CSDN》 * |
| 辉哥: "APP 新用户注册、手机号绑定、用", 《CSDN》 * |
| 辉哥: "一次性说清楚秒验(本机号码一键", 《CSDN》 * |
| 郭茂文等: "运营商发展统一账号认证业务技术方案", 《电信科学》 * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2022247842A1 (en) * | 2021-05-28 | 2022-12-01 | 天翼数字生活科技有限公司 | Authentication server, card authentication system, and password-free authentication method and system |
| CN113890765A (en) * | 2021-10-28 | 2022-01-04 | 中国电信股份有限公司 | Secret-free authentication method, system and storage medium for internet application |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2022247842A1 (en) | 2022-12-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105827600B (en) | Method and device for logging in client | |
| US20190130381A1 (en) | Systems and Methods for Facilitating Card Present Transactions | |
| US10861000B2 (en) | Method, system, and apparatus for application loading | |
| CN107623690B (en) | Login method, device and storage medium | |
| US20140090045A1 (en) | Systems and methods for facilitating login aid functionality in mobile commerce | |
| US20120089521A1 (en) | Method and apparatus for billing purchases from a mobile phone application | |
| CN109257321B (en) | Secure login method and device | |
| EP2619717A1 (en) | Two phase payment link and authorization for mobile devices | |
| CN104348802A (en) | Quick registration method, device, and system, cell phone, and register server | |
| CN113347179A (en) | Authentication server, card authentication system, secret-free authentication method and system | |
| US20170202040A1 (en) | Dongle device for automatic pairing to a local device | |
| CN108990047B (en) | Test method, device and medium for subscription relationship management data preparation platform | |
| US20140172532A1 (en) | Optimal utilization of coupons | |
| CN108809969B (en) | Authentication method, system and device | |
| CN113179282A (en) | Method and device for merging account numbers and server | |
| CN110909330A (en) | Vehicle networking platform authorization method, device, equipment and storage medium | |
| TWI619042B (en) | System and method for online transaction security, SIM card, mobile phone and online transaction system realized by the method | |
| WO2020037013A2 (en) | System and method for automatically registering a verified identity in an on-line environment | |
| JP5978325B2 (en) | One-time authentication system, one-time authentication method, authentication server, portable terminal, and one-time authentication program | |
| JP2024033200A (en) | Information processing device, information processing method, and program | |
| CN115829556A (en) | Payment method, device, apparatus, medium and product | |
| CN111930535B (en) | Application function calling method and device, computer equipment and storage medium | |
| CN115018612A (en) | Business processing method and device based on bank counter | |
| KR102114032B1 (en) | Controlling method and apparatus of credit authorization terminal using router | |
| CN105721404B (en) | Method for processing business and its device based on computer system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20211215 Address after: Room 1423, No. 1256 and 1258, Wanrong Road, Jing'an District, Shanghai 200040 Applicant after: Tianyi Digital Life Technology Co.,Ltd. Address before: 1 / F and 2 / F, East Garden, Huatian International Plaza, 211 Longkou Middle Road, Tianhe District, Guangzhou, Guangdong 510000 Applicant before: Century Dragon Information Network Co.,Ltd. |
|
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210903 |