CN113704826A - Privacy protection-based business risk detection method, device and equipment - Google Patents

Info

Publication number
CN113704826A
Application number
CN202111069841.4A
Authority
CN (China)
Legal status
Pending
Other languages
Chinese (zh)
Inventor
朱丙营
文军
林冠辰
辛知
万小飞
Current Assignee
Alipay Hangzhou Information Technology Co Ltd
Original Assignee
Alipay Hangzhou Information Technology Co Ltd

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules, to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G06F21/602 Providing cryptographic facilities or services
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/40 Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401 Transaction verification
    • G06Q20/4016 Transaction verification involving fraud or risk level assessment in transaction processing

Abstract

The embodiments of this specification disclose a privacy-protection-based service risk detection method, apparatus and device. The method is applied to a terminal device in which a Trusted Execution Environment (TEE) is provided, and comprises the following steps: acquiring a service processing request initiated by a target user, through a target application in the terminal device, for a preset target service; acquiring, through a first trusted program on the terminal device, the private data required to execute the service processing of the target service, and transmitting the acquired private data to the TEE; in the trusted execution environment of the TEE, performing service risk detection on the target service corresponding to the service processing request based on the acquired private data, to obtain a service risk detection result corresponding to the service processing request initiated by the target user; and transmitting the service risk detection result to the target application, which determines, based on that result, whether to execute the target service corresponding to the service processing request.

Description

Privacy protection-based business risk detection method, device and equipment
Technical Field
The present document relates to the field of computer technologies, and in particular, to a method, an apparatus, and a device for detecting a business risk based on privacy protection.
Background
With the continuous development of the internet and terminal technology, people increasingly rely on terminal equipment in work and life, people use the terminal equipment to store personal important information, and can use the terminal equipment to process various important services (such as financial services or instant messaging services) and the like, so that a lot of personal privacy data exist in the terminal equipment. With the continuous emphasis on the security of personal private data and the continuous improvement of data security laws and regulations, the collection and use of personal private data are strictly limited, and therefore, a technical scheme that the service risk of the terminal device can be identified while the user private data is protected needs to be provided.
Disclosure of Invention
The embodiment of the specification aims to provide a technical scheme for protecting user privacy data and identifying service risks of terminal equipment.
In order to implement the above technical solution, the embodiments of the present specification are implemented as follows:
The privacy-protection-based service risk detection method provided by the embodiments of this specification is applied to a terminal device in which a trusted execution environment (TEE) is provided, and the method includes: acquiring a service processing request initiated by a target user, through a target application in the terminal device, for a preset target service; acquiring the private data required to execute the service processing of the target service through a first trusted program provided on the terminal device for executing that service processing, and transmitting the acquired private data to the TEE; in the trusted execution environment of the TEE, performing service risk detection on the target service corresponding to the service processing request based on the acquired private data, to obtain a service risk detection result corresponding to the service processing request initiated by the target user; and transmitting the service risk detection result to the target application, which determines, based on that result, whether to execute the target service corresponding to the service processing request.
The embodiments of this specification provide a privacy-protection-based service risk detection apparatus in which a trusted execution environment (TEE) is provided. The apparatus includes: a service processing request module, for acquiring a service processing request initiated by a target user, through a target application in the apparatus, for a preset target service; a private data transmission module, for acquiring the private data required to execute the service processing of the target service through a first trusted program provided on the apparatus for executing that service processing, and transmitting the acquired private data to the TEE; a risk detection module, for performing, in the trusted execution environment of the TEE, service risk detection on the target service corresponding to the service processing request based on the acquired private data, to obtain a service risk detection result corresponding to the service processing request initiated by the target user; and a service processing module, for transmitting the service risk detection result to the target application, which determines, based on that result, whether to execute the target service corresponding to the service processing request.
The embodiments of this specification provide a privacy-protection-based service risk detection device in which a trusted execution environment (TEE) is provided. The device includes a processor and a memory arranged to store computer-executable instructions that, when executed, cause the processor to: acquire a service processing request initiated by a target user, through a target application in the device, for a preset target service; acquire the private data required to execute the service processing of the target service through a first trusted program on the device for executing that service processing, and transmit the acquired private data to the TEE; in the trusted execution environment of the TEE, perform service risk detection on the target service corresponding to the service processing request based on the acquired private data, to obtain a service risk detection result corresponding to the service processing request initiated by the target user; and transmit the service risk detection result to the target application, which determines, based on that result, whether to execute the target service corresponding to the service processing request.
The embodiments of this specification also provide a storage medium for storing computer-executable instructions which, when executed, implement the following process: acquiring a service processing request initiated by a target user, through a target application in the terminal device, for a preset target service; acquiring the private data required to execute the service processing of the target service through a first trusted program on the terminal device for executing that service processing, and transmitting the acquired private data to the trusted execution environment (TEE) of the terminal device; in the trusted execution environment of the TEE, performing service risk detection on the target service corresponding to the service processing request based on the acquired private data, to obtain a service risk detection result corresponding to the service processing request initiated by the target user; and transmitting the service risk detection result to the target application, which determines, based on that result, whether to execute the target service corresponding to the service processing request.
Drawings
In order to more clearly illustrate the embodiments of the present specification or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, it is obvious that the drawings in the following description are only some embodiments described in the present specification, and for those skilled in the art, other drawings can be obtained according to the drawings without any creative effort.
Fig. 1 is a diagram illustrating an embodiment of a privacy protection-based business risk detection method according to the present disclosure;
Fig. 2 is a schematic illustration of a transfer page of the present description;
Fig. 3 is a schematic diagram of a privacy protection-based business risk detection process according to the present disclosure;
Fig. 4 is a diagram illustrating another embodiment of a privacy protection-based business risk detection method according to the present disclosure;
Fig. 5 is a block diagram illustrating another embodiment of a method for detecting business risk based on privacy protection;
Fig. 6 is a schematic diagram illustrating an embodiment of a privacy protection-based business risk detection apparatus according to the present disclosure;
Fig. 7 is an embodiment of a service risk detection device based on privacy protection according to the present disclosure.
Detailed Description
The embodiment of the specification provides a method, a device and equipment for detecting business risks based on privacy protection.
In order to make those skilled in the art better understand the technical solutions in the present specification, the technical solutions in the embodiments of the present specification will be clearly and completely described below with reference to the drawings in the embodiments of the present specification, and it is obvious that the described embodiments are only a part of the embodiments of the present specification, and not all of the embodiments. All other embodiments obtained by a person skilled in the art based on the embodiments in the present specification without any inventive step should fall within the scope of protection of the present specification.
Example one
As shown in fig. 1, the execution subject of the method may be a terminal device, where the terminal device may be provided with a trusted execution environment (TEE). The trusted execution environment may be implemented by a program written in a predetermined programming language (that is, implemented in the form of software), or may be implemented in the form of software and hardware, and the terminal device may be a mobile terminal device such as a mobile phone or a tablet computer, or an apparatus such as a personal computer or a notebook computer. The method may specifically comprise the following steps:
in step S102, a service processing request initiated by a target user for a preset target service through a target application in a terminal device is obtained.
The target user may be any user, specifically, an owner of the current terminal device, or only a user of the current terminal device. The target application may be any application program, and in this embodiment of the present specification, the target application may be an application program that provides a specified business service to a user, for example, the target application may be an application program corresponding to a certain financial business, an application program corresponding to a certain instant messaging business, or the like, and may be specifically set according to an actual situation. The target service may be any service, for example, a service related to finance (specifically, a transfer service, a payment service, and the like), or an instant messaging service, or a service related to online shopping, and the like, which may be set according to an actual situation, and this is not limited in this embodiment of the specification. The service processing request may include related information of the target application (e.g., an identifier, version information, current time, etc. of the target application), related information of the target service (e.g., an identifier of the target service, a service type of the target service, a trigger manner, etc.), and other related information (e.g., current location information, IP address information, etc.), which may be specifically set according to an actual situation, and this is not limited in this embodiment of the specification.
In implementation, with the continuous development of internet and terminal technology, people rely on terminal devices more and more in work and life, people use the terminal devices to store important personal information, and can use the terminal devices to process various important services (such as financial services or instant messaging services) and the like, so that a lot of personal privacy data exist in the terminal devices. With the continuous emphasis on the security of personal private data and the continuous improvement of data security laws and regulations, the collection and use of personal private data are strictly limited, and therefore, a technical scheme that the service risk of the terminal device can be identified while the user private data is protected needs to be provided. The embodiment of the present specification provides an implementable technical solution, which may specifically include the following contents:
the user (i.e. the target user) may register in advance on the transaction platform, the financial service platform, the instant messaging service platform, or the like, in the actual application, the user may not need to register in advance on the platform, in addition, the user may perform processing such as binding on an account to be used on the platform in advance, the platform may be provided with an application program (i.e. the target application) providing a corresponding service, and the target application may provide a plurality of different service services for the user. When a target user needs to execute a certain service (i.e., a target service), the target application installed in the terminal device may be started, the trigger mode of the target service may be found in the target application, and then, the target service may be triggered to be executed through the trigger mode.
The terminal device may obtain data related to a target service, and may load the data into a page of a target application, as shown in fig. 2, the page may be a transfer page, where the page may include an input box of an account password, and the like, and the target user may input the password of an account number in the input box, and after the input is completed, the terminal device may obtain information input by the target user, and may obtain other related information (such as currently logged-in account information, an IP address, and user identity information), may generate a service processing request of the target service based on the obtained information, and may then output the service processing request to a designated output interface of the target application through the target application.
For example, when a user needs to perform a transaction service, the target application may be started to log in a service platform corresponding to the transaction service, and related information of the transaction service, such as related information of a transaction object (e.g., name, number, etc. of the transaction object) and transaction time, may be found in the service platform, and then, the user may select the related information of the transaction service through the corresponding target application, and after the selection is completed, the target application may provide a payment page, and the target user may input a payment password, a payment account, and other related information, and after the input is completed, the target application may generate a service processing request for the transaction service based on the related information, and may submit the service processing request to a designated output interface of the target application.
In step S104, the private data required for performing the service processing of the target service is acquired by the first trusted program for performing the service processing of the target service on the terminal device, and the acquired private data is transferred to the TEE.
The TEE may be a trusted execution environment, and may be implemented by a program written in a predetermined programming language (i.e., may be implemented in the form of software), or may be implemented in the form of software and hardware. The trusted execution environment of the TEE may be a data processing environment that is secure and isolated from other environments, i.e., processes performed in the trusted execution environment, and data generated during data processing, etc., may not be accessible to other execution environments or applications outside of the trusted execution environment. The trusted execution environment of the TEE may be implemented by creating a small operating system that can run independently in a trusted zone (e.g., TrustZone, etc.), and the TEE may provide services directly in the form of system calls (e.g., handled directly by the TrustZone kernel). The terminal device may include an REE (rich execution environment) and a TEE, an operating system installed in the terminal device may be run under the REE, such as an Android operating system, an iOS operating system, a Windows operating system, a Linux operating system, and the like, and the REE may have characteristics of strong function, good openness and extensibility, and may provide all functions of the terminal device, such as a camera function, a touch function, and the like, for an upper application program. The TEE has its own execution space, that is, there is an operating system under the TEE, the TEE has a higher security level than the REE, software and hardware resources in the terminal equipment which can be accessed by the TEE are separated from the REE, but the TEE can directly acquire the information of the REE, and the REE cannot acquire the information of the TEE. 
The TEE can perform authentication and other processing through the interfaces it provides, so that user information (such as payment information and user private data) cannot be tampered with, passwords cannot be hijacked, and information such as fingerprints or faces cannot be stolen. The first trusted program may be a pre-specified trusted program used to perform the service processing of the target service; it may be an application program different from the target application, and may be a program that needs to be installed on the terminal device, a code program pre-embedded in some hardware component of the terminal device (which may sit in the REE or in the TEE), or a program that runs as a plug-in in the background of the terminal device's operating system, as set according to the actual situation. The private data required to perform the service processing of the target service may be of various types, such as identity characteristic information of the target user (specifically, biometric information of the target user, which may include one or more of facial, fingerprint, palm print, iris, heart rate and voiceprint characteristic information; the name of the target user; the number of a designated certificate; and the like), device information of the terminal device (for example, its MAC address, IMEI code, and the like), and other required information, and may be set according to practical situations, which the embodiments of this specification do not limit.
In an implementation, in order to ensure the security of the private data required to perform the service processing of the target service and to prevent that data from being acquired by any application program in the REE, a trusted program for performing the service processing of the target service (i.e., the first trusted program) may be provided, and the private data may be temporarily protected by the first trusted program. For example, the data may be protected by preventing unauthorized application programs from accessing it, or by performing predetermined processing on it, such as encrypting or signing the private data to obtain encrypted or signed private data. As shown in fig. 3, after a service processing request initiated by the target user for the target service through the target application is obtained, the terminal device may determine from the related information of the current service scenario whether service risk detection is required, thereby completing the service scenario decision; if it is required, the terminal device may start the first trusted program for executing the service processing of the target service and obtain, through it, the private data required for that processing. The first trusted program may be preset with a security interface, and the TEE of the terminal device may likewise be provided with a corresponding security interface, so that a secure data transmission channel may be established between the first trusted program and the TEE through these interfaces.
The first trusted program can transmit the acquired private data to the TEE of the terminal device through the secure interface and the data transmission channel, and the security of the private data in the transmission process can be guaranteed through the setting of the first trusted program, the secure interface, the data transmission channel and the like.
It should be noted that the first trusted program may also include multiple types, and the corresponding first trusted program may be set according to a service type or a service identifier of a target service, or may also be set according to data content or a data type of private data, or may also be set according to a difference between target users.
In step S106, in the trusted execution environment of the TEE, performing service risk detection on the target service corresponding to the service processing request initiated by the target user based on the obtained private data, so as to obtain a service risk detection result corresponding to the service processing request initiated by the target user.
In implementation, after the corresponding private data has been obtained in the above manner and transmitted to the TEE, in order to perform service risk detection on the target service corresponding to the service processing request initiated this time, the relevant information may be extracted from the service processing request and transmitted to the TEE through the first trusted program. Then, as shown in fig. 3, the extracted information may be compared with the obtained private data in the trusted execution environment of the TEE. If the two match, or their matching degree is higher than a first preset threshold, the service risk of the target user executing the target service is small, and the service risk detection result corresponding to the service processing request indicates a small risk; if the two do not match, or their matching degree is lower than a second preset threshold, the service risk is large, and the service risk detection result corresponding to the service processing request indicates a large risk.
It should be noted that the foregoing manner is only one optional processing manner, and in practical applications, a variety of different implementation manners may also be included, which may be specifically set according to practical situations, and the embodiments of this specification are not described herein again.
In step S108, the service risk detection result is transmitted to the target application, and the target application determines whether to execute the target service corresponding to the service processing request based on the service risk detection result.
In implementation, as shown in fig. 3, after the service risk detection result has been obtained in the foregoing manner, it may be transmitted to the target application. In practice, because the service risk detection result usually does not include the above-mentioned private data, it may be transmitted to the target application directly by the TEE, or the first trusted program may obtain it from the TEE and then transmit it to the target application. The target application may then determine, based on the service risk detection result, whether to execute the target service corresponding to the service processing request: if the result is that the service risk is small, the target application may continue the subsequent processing of the target service corresponding to the service processing request; if the result is that the service risk is large, the target application may send the target user a prompt message refusing execution of the target service, where the prompt message may include the reason for the refusal, a way for the target user to re-initiate the target service, and the like, as set according to the actual situation, which the embodiments of this specification do not limit.
The embodiments of this specification provide a privacy-protection-based service risk detection method applied to a terminal device in which a trusted execution environment (TEE) is provided. When a service processing request initiated by a target user for a preset target service through a target application in the terminal device is obtained, the private data required to perform the service processing of the target service is obtained through a first trusted program on the terminal device for performing that service processing and is transmitted to the TEE; then, in the trusted execution environment of the TEE, service risk detection is performed on the target service corresponding to the service processing request based on the obtained private data, a service risk detection result corresponding to the service processing request initiated by the target user is obtained, the service risk detection result is transmitted to the target application, and the target application determines, based on that result, whether to execute the target service corresponding to the service processing request. Therefore, in this mode, during the risk control processing of a service scenario, the third-party application program does not directly acquire or process any private data related to the user or the terminal; instead, the private data is processed in the trusted execution environment and a processing result is output. Risks such as leakage of user data and theft or misappropriation of financial assets can thus be avoided, achieving the purpose of protecting the user's private data, while risk assessment of the target service can be performed more accurately and in real time.
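The four steps S102 to S108 above, simulated end to end as an added Python example that is not part of the patent or of any Alipay code. The class names (TargetApp, TrustedProgram, TeeEnclave), the HMAC-based protection of the channel between the first trusted program and the TEE, the values of the first and second thresholds, the handling of a matching degree that falls between them, and all sample identifiers are assumptions made for the demonstration; the point it shows is that the target application only ever receives a verdict, and that a payload altered in the REE on its way into the TEE is rejected rather than compared.

```python
# Added example (not from the patent): a small simulation of the REE/TEE split the
# text describes. TargetApp, TrustedProgram, TeeEnclave, the HMAC channel protection,
# the threshold values and the sample identifiers are all assumptions of this demo.
import hashlib
import hmac
import json
from dataclasses import dataclass

FIRST_THRESHOLD = 0.7   # matching degree above this -> low risk (assumed value)
SECOND_THRESHOLD = 0.5  # matching degree below this -> high risk (assumed value)
COMPARED_FIELDS = ("imei", "mac", "cert_no", "name")  # request fields checked (assumed)


@dataclass
class RiskResult:
    """The only thing that leaves the TEE: a verdict, a score and a reason."""
    level: str  # "low", "high" or "undetermined"
    matching_degree: float
    reason: str


class TrustedProgram:
    """The 'first trusted program': the sole REE-side component that reads private data."""

    def __init__(self, private_data, channel_key):
        self._private_data = private_data  # constructed sample, see run_demo()
        self._channel_key = channel_key    # shared with the TEE's secure interface

    def acquire_private_data(self):
        return dict(self._private_data)

    def seal_for_tee(self, data):
        """Sign the payload for the secure channel (the text's 'signing the private data')."""
        payload = json.dumps(data, sort_keys=True).encode()
        return payload, hmac.new(self._channel_key, payload, hashlib.sha256).digest()


class TeeEnclave:
    """Stand-in for the trusted execution environment."""

    def __init__(self, channel_key):
        self._channel_key = channel_key

    def risk_detect(self, request_info, payload, tag):
        # Drop anything that fails the MAC: the REE cannot swap private data on its way in.
        expected = hmac.new(self._channel_key, payload, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            return RiskResult("high", 0.0, "private data channel integrity failure")
        private = json.loads(payload)
        compared = [f for f in COMPARED_FIELDS if f in request_info and f in private]
        if not compared:
            return RiskResult("high", 0.0, "no comparable fields")
        matches = sum(hmac.compare_digest(str(request_info[f]).encode(), str(private[f]).encode())
                      for f in compared)
        degree = matches / len(compared)
        if degree > FIRST_THRESHOLD:
            return RiskResult("low", degree, "request matches private data")
        if degree < SECOND_THRESHOLD:
            return RiskResult("high", degree, "request does not match private data")
        return RiskResult("undetermined", degree, "between thresholds")  # handling assumed


class TargetApp:
    """REE application: assembles the request and acts on the verdict only."""

    def __init__(self, trusted_program, tee):
        self.trusted_program, self.tee = trusted_program, tee

    def handle_request(self, request, tamper=None):
        private = self.trusted_program.acquire_private_data()                 # S104
        payload, tag = self.trusted_program.seal_for_tee(private)
        if tamper:                       # simulates an REE-side modification in transit
            payload = tamper(payload)
        request_info = {f: request[f] for f in COMPARED_FIELDS if f in request}
        result = self.tee.risk_detect(request_info, payload, tag)            # S106
        report = {"level": result.level, "matching_degree": result.matching_degree,
                  "executed": result.level == "low"}                          # S108
        if not report["executed"]:
            report["prompt"] = "service refused: " + result.reason
        return report


def private_data_leaked(report, private):
    """True if any private value appears in what the target application received."""
    text = json.dumps(report)
    return any(str(v) in text for v in private.values())


def run_demo():
    key = b"constructed-channel-key"
    private = {"imei": "356938035643809", "mac": "02:00:00:aa:bb:cc",
               "cert_no": "ID-000123", "name": "Zhang San"}  # constructed sample
    genuine = {"service": "transfer", "amount": 100, **private}
    other_device = {**genuine, "imei": "490154203237518", "mac": "02:00:00:dd:ee:ff",
                    "cert_no": "ID-999999"}
    partial = {**genuine, "imei": "490154203237518", "mac": "02:00:00:dd:ee:ff"}
    app = TargetApp(TrustedProgram(private, key), TeeEnclave(key))
    reports = {"genuine": app.handle_request(genuine),
               "other_device": app.handle_request(other_device),
               "partial": app.handle_request(partial),
               "tampered": app.handle_request(genuine, tamper=lambda p: p.replace(b"Zhang San", b"Li Si"))}
    for r in reports.values():
        r["leaked"] = private_data_leaked(r, private)
    return reports


if __name__ == "__main__":
    print(json.dumps(run_demo(), indent=2))
```

Running the block prints four reports: the genuine request is executed with a matching degree of 1.0, the request from a different device scores 0.25 and is refused, the partial match scores 0.5 and lands in the assumed undetermined zone, and the tampered payload is refused on the integrity check before any comparison takes place. In every case the report handed back to the target application contains none of the private values, which is the property the summary paragraph above claims for the design.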
Example two
As shown in fig. 4, the execution subject of the method may be a terminal device, where the terminal device may be provided with a trusted execution environment (TEE). The trusted execution environment may be implemented by a program written in a predetermined programming language (that is, in the form of software), or in the form of software plus hardware, and the terminal device may be a mobile terminal device such as a mobile phone or a tablet computer, or a device such as a personal computer or a notebook computer. The method may specifically comprise the following steps:
In step S402, a service processing request initiated by a target user for a preset target service through a target application in a terminal device is obtained.
In step S404, the private data required for executing the service processing of the target service is acquired by the first trusted program on the terminal device for executing the service processing of the target service.
Wherein the privacy data comprises one or more of biometric data of the target user and device information of the terminal device. The biometric data of the target user may include one or more of facial feature data, fingerprint feature data, palm print feature data, iris feature data, heart rate feature data, and voiceprint feature data of the target user. In addition to the above data, the private data may include one or more of information on a preset certificate of the target user and a preset user password of the target user, where the preset certificate may be a document capable of proving the identity of the target user, such as an identity card, a social security card, a passport, and the like, which may be set according to the actual situation and is not limited in this embodiment of the specification. The preset user password may be a password preset for the target user that can verify the identity of the target user, which may be set according to the actual situation and is not limited in the embodiments of the present specification.
In step S406, the acquired private data is passed to the TEE in ciphertext form by the first trusted program.
In implementation, in order to ensure the security of the obtained private data during transmission, the obtained private data may be encrypted, where the encryption algorithm used may be of various kinds, such as a symmetric encryption algorithm or an asymmetric encryption algorithm. The first trusted program may encrypt the obtained private data with a symmetric or asymmetric encryption algorithm to obtain encrypted private data (at this point the private data is a ciphertext), and may then transmit the encrypted private data to the TEE of the terminal device through the corresponding interface and data transmission channel, so that the security of the obtained private data during transmission is ensured.
It should be noted that, in the case that the service processing request in step S402 already includes the encrypted private data, there may be no need to encrypt the obtained private data, or the obtained private data may be encrypted again, which may be specifically set according to the actual situation.
In step S408, in the TEE, the private data is decrypted to obtain decrypted private data.
In step S410, a business risk detection rule of the target business is obtained through the first trusted program, and the business risk detection rule is transferred to the TEE.
Wherein the business risk detection rule is set based on one or more of the following: a service check rule for the target user executing the target service; a timeliness condition for the target user executing the target service; and an identity verification rule of the target user. The service check rule for the target user executing the target service may be, for example, a risk detection rule specific to a service, with a corresponding service risk detection rule set for each kind of service. For example, if the service the private data corresponds to is required to be an electronic transaction service, the service risk detection rule may check whether the private data is applicable to an electronic transaction service; if it is determined that the private data is not applicable to the electronic transaction service, the private data may not be transmitted to the TEE for use. The timeliness condition for the target user executing the target service may be, for example, a validity period for the target service that is set for the private data: if the private data is used within the validity period, it may be passed to the TEE for use, otherwise it may not be passed to the TEE, and so on.
It should be noted that the service risk detection rule may also be set based on a combination of the above items; in practice it may also be set in ways other than those described above, and may be flexibly set based on, for example, the requirements of the user, of the service manager, or of the service provider.
In implementation, the business risk detection rule of the target business may be stored in advance in a designated storage device or storage area. For example, in order to prevent the business risk detection rule from being tampered with, it may be stored in a blockchain system, or in a storage component or storage area for which usage rights are set in advance (for example, a storage area pre-defined in the memory of the terminal device). When business risk detection is needed, the business risk detection rule of the target business can be acquired from the designated storage device or storage area through the first trusted program and transmitted to the TEE through the first trusted program.
In step S412, in the trusted execution environment of the TEE, it is determined whether the obtained private data conforms to a service risk detection rule, so as to perform service risk detection on a target service corresponding to a service processing request initiated by a target user, and obtain a service risk detection result corresponding to the service processing request initiated by the target user.
The specific processing in step S412 may refer to the content related to the service risk detection rule, and may determine, based on the specific content of the service risk detection rule, whether the obtained private data conforms to the service risk detection rule in a trusted execution environment of the TEE in a corresponding manner, so as to obtain a service risk detection result corresponding to a service processing request initiated by a target user.
In step S414, the service risk detection result is transmitted to the target application, and if the service risk detection result indicates that there is a service risk in executing the target service corresponding to the service processing request, a security control policy corresponding to the risk type is obtained according to the risk type corresponding to the service risk, and the security control policy is executed for the target user.
The security control policy may be one or more of a policy for restricting login of the target user, a login notification policy for the target user, and a resource transfer quota policy for restricting resource transfer by the target user. The policy for restricting login of the target user may restrict the number of times the target user may log in, restrict login of the target user within a specified time period, and the like; the login notification policy may send information related to a login to the target user as a reminder; and the resource transfer quota policy may restrict the amount of resources the target user transfers in a single transfer or over multiple transfers, for example by setting a single-transfer limit or a daily cumulative transfer limit for the target user. The risk types may include various types, for example an abnormal login location, an amount of transferred resources exceeding a preset threshold, and a number of violations of a specified operation rule, which may be set according to the actual situation and are not limited in this specification.
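The rule check of steps S410 to S414, as an added Python example that is not code from the patent: the first trusted program hands the TEE a rule with the three parts listed in step S410, the TEE decides on the decrypted private data, and the target application maps each risk type to one of the security control policies named in step S414. The field layout, the risk type names, the constructed sample inputs and the risk-type-to-policy mapping are assumptions made for this example.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from typing import Dict, FrozenSet, List


@dataclass(frozen=True)
class RiskRule:
    """Business risk detection rule handed to the TEE by the first trusted program.

    The three parts mirror the categories listed in step S410; the concrete
    fields are assumptions made for this example.
    """
    applicable_services: FrozenSet[str]  # service check rule
    max_data_age: timedelta              # timeliness condition
    required_biometrics: FrozenSet[str]  # identity verification rule


@dataclass
class PrivateData:
    """Private data as it looks after decryption inside the TEE (step S408)."""
    service: str                  # service the data was collected for
    generated_at: datetime        # when the data was collected
    biometrics: Dict[str, bytes]  # biometric kind -> template (constructed bytes)
    device_id: str                # device information of the terminal


@dataclass
class RiskResult:
    """The only object that leaves the TEE; it carries no private data."""
    risky: bool
    risk_types: List[str] = field(default_factory=list)


def detect_risk(data: PrivateData, rule: RiskRule, now: datetime) -> RiskResult:
    """Step S412: decide inside the TEE whether the private data conforms to the rule.

    Each violated part of the rule yields one risk type, so the target
    application can pick a matching security control policy.
    """
    risks: List[str] = []
    if data.service not in rule.applicable_services:
        risks.append("service_not_applicable")
    # Data stamped in the future or older than the allowed age fails timeliness.
    age = now - data.generated_at
    if age < timedelta(0) or age > rule.max_data_age:
        risks.append("private_data_expired")
    if not rule.required_biometrics <= set(data.biometrics):
        risks.append("identity_unverified")
    return RiskResult(risky=bool(risks), risk_types=risks)


# Step S414: risk type -> security control policy.  The policy kinds are the ones
# the patent lists; which risk type maps to which policy is an assumption here.
POLICY_BY_RISK_TYPE = {
    "service_not_applicable": "reject_and_prompt_reinitiate",
    "private_data_expired": "reject_and_prompt_reinitiate",
    "identity_unverified": "restrict_login",
    "abnormal_login_location": "login_notification",
    "transfer_amount_over_threshold": "resource_transfer_quota",
}


def select_policies(result: RiskResult) -> List[str]:
    """Distinct policies to execute for the target user, in a stable order."""
    if not result.risky:
        return []
    return sorted({POLICY_BY_RISK_TYPE.get(r, "reject_and_prompt_reinitiate")
                   for r in result.risk_types})


# Constructed clock and sample inputs so the example runs offline.
NOW = datetime(2020, 1, 1, 12, 0, tzinfo=timezone.utc)


def example_rule() -> RiskRule:
    return RiskRule(frozenset({"electronic_transaction"}), timedelta(minutes=5),
                    frozenset({"face"}))


def example_data(fresh: bool) -> PrivateData:
    if fresh:
        return PrivateData("electronic_transaction", NOW - timedelta(minutes=1),
                           {"face": b"\x01\x02"}, "dev-0001")
    return PrivateData("login", NOW - timedelta(hours=1), {}, "dev-0001")


if __name__ == "__main__":
    for fresh in (True, False):
        result = detect_risk(example_data(fresh), example_rule(), NOW)
        print(fresh, result, select_policies(result))
```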
In step S416, an update request for the service risk detection rule in the TEE of the terminal device is received, where the update request includes rule data to be updated, and the rule data to be updated is a ciphertext.
In step S418, the rule data to be updated is transferred to the TEE of the terminal device by the first trusted program.
In step S420, in the trusted execution environment of the TEE, the rule data to be updated is decrypted, and the business risk detection rule is updated based on the decrypted rule data to be updated.
Example three
As shown in fig. 5, the execution subject of the method may be a terminal device, where the terminal device may be provided with a trusted execution environment (TEE). The trusted execution environment may be implemented by a program written in a predetermined programming language (that is, in the form of software), or in the form of software plus hardware, and the terminal device may be a mobile terminal device such as a mobile phone or a tablet computer, or a device such as a personal computer or a notebook computer. The method may specifically comprise the following steps:
In step S502, a service processing request initiated by a target user for a preset target service through a target application in a terminal device is obtained.
In step S504, the private data required for executing the service processing of the target service is acquired by the first trusted program on the terminal device for executing the service processing of the target service.
Wherein the privacy data comprises one or more of biometric data of the target user and device information of the terminal device.
In step S506, the acquired private data is passed to the TEE in ciphertext form through the first trusted program.
In step S508, in the TEE, the private data is decrypted to obtain decrypted private data.
In practical applications, the service processing request may further include a verifiable statement corresponding to the service processing request, and based on this, the following processing of step S510 to step S512 may be further performed.
In step S510, the validity of the verifiable assertion is verified in the trusted execution environment of the TEE.
A verifiable statement may be information describing, in a normalized way, certain attributes of an entity such as a person or an organization. A verifiable statement provides evidence-based trust: through it, the current entity can prove to other entities that information about some of its attributes is credible. The verifiable statement may include a plurality of different fields and corresponding field values; for example, one field may be the holder of the above-mentioned private data with the corresponding field value being user A, another field may be the generation time of the private data with the corresponding field value being January 1, 2020, and so on.
In implementation, in addition to passing the private data to the TEE of the terminal device, the first trusted program may pass the verifiable statement in the service processing request to the TEE of the terminal device. Once the TEE of the terminal device holds the private data and the verifiable statement, the verifiable statement can be verified first to judge whether it is valid, and the corresponding processing is performed based on the verifiable statement only when it is determined to be valid, which further ensures the security of data processing. Specifically, verifying the verifiable statement may be done in various ways. For example, the field values included in the verifiable statement may be processed by a predetermined algorithm (for example, a hash value of the field values may be computed by a hash algorithm) to obtain a calculation result. The verifiable statement also includes a reference value for this calculation result, so the obtained calculation result can be compared with the reference value in the verifiable statement: if the two are the same, the verification passes, that is, the verifiable statement is valid; if the two differ, the verification fails, that is, the verifiable statement is invalid.
In addition to the above, various other ways may be used. For example, the verifiable statement may include a check value of the verifiable statement; after the verifiable statement is received in the TEE of the terminal device, its check value may be computed by a predetermined check algorithm, and the computed check value may then be compared with the check value carried in the verifiable statement: if the two are the same, the verification passes, that is, the verifiable statement is valid, and if the two are not the same, the verification fails, that is, the verifiable statement is invalid, and so on. In practice, the method for verifying the validity of the verifiable statement is not limited to the above two methods and may include various other realizable methods, which may be set according to the actual situation and are not limited in the embodiments of this specification.
In step S512, if the verification result is valid, in the trusted execution environment of the TEE, performing service risk detection on the target service corresponding to the service processing request initiated by the target user based on the obtained private data, so as to obtain a service risk detection result corresponding to the service processing request initiated by the target user.
In practical applications, the specific processing manner of step S512 may be various, and an alternative processing manner is provided below, which may specifically include the following processing of step a2 and step a4.
In step a2, if the verification result is valid, the business risk detection rule for the target business corresponding to the holder of the verifiable statement is obtained in the trusted execution environment of the TEE.
In implementation, if the verification result is that the verifiable statement is valid, then in order to further verify the data held by different verifiable statement holders and ensure the security of the data, a business risk detection rule of the target business can be set for each holder of a verifiable statement; alternatively, the business risk detection rule of the target business that must be satisfied in order to use the holder's private data can be preset by the holder of the verifiable statement, so as to prevent other organizations or users from stealing the holder's verifiable statement in order to use the private data. After the verifiable statement is determined to be valid, the business risk detection rule for the target business corresponding to the holder of the verifiable statement can be obtained in the trusted execution environment of the TEE.
In step a4, in the trusted execution environment of the TEE, it is determined whether the obtained private data conforms to a service risk detection rule, so as to perform service risk detection on a target service corresponding to a service processing request initiated by a target user, and obtain a service risk detection result corresponding to the service processing request initiated by the target user.
In addition, the service processing request may also include digital identity information of the target user. Digital identity information may refer to information through which a user can be identifiably described in digital form, that is, real identity information condensed into digital codes so that the user's real-time personal behaviour information can be bound, queried, and verified. The digital identity information may include not only identity coding information such as the user's birth information, personal description, and biometric characteristics, but may also relate to personal behaviour information with various attributes (such as transaction information or entertainment information). The digital identity information can be presented in various ways, such as a DID (Decentralized Identity). Based on this, in the trusted execution environment of the TEE, it is searched whether the digital identity information of the target user exists among the digital identity information prestored in the trusted execution environment of the TEE; and if it does, it is determined, in the trusted execution environment of the TEE, whether the acquired private data conforms to the service risk detection rule, so as to perform service risk detection on the target service corresponding to the service processing request initiated by the target user and obtain a service risk detection result corresponding to that service processing request.
In implementation, digital identity information (such as DID of the user) of different users may be preset, and the digital identity information of the user may be stored in the TEE or encrypted and stored in the terminal device. After the terminal device obtains the service processing request, whether the digital identity information of the target user exists in the prestored digital identity information or not can be searched from the TEE, or the encrypted digital identity information can be transmitted to the TEE, the encrypted digital identity information can be decrypted in a trusted execution environment of the TEE to obtain the digital identity information, and then whether the digital identity information of the target user exists or not can be searched from the digital identity information.
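The verifiable-statement check of step S510, the holder-bound rule lookup of step a2 and the DID lookup described above, as an added Python example that is not code from the patent. It assumes the statement's field values are hashed as sorted-key JSON with SHA-256, that the statement's holder field carries the holder's DID, and uses constructed sample rules and DIDs.

```python
import hashlib
import hmac
import json
from typing import Dict, Optional

# Business risk detection rules preset per holder for the use of their private
# data (step a2), keyed by the holder's DID.  Constructed sample values.
HOLDER_RULES: Dict[str, Dict[str, object]] = {
    "did:example:user_a": {
        "applicable_services": ["electronic_transaction"],
        "max_data_age_seconds": 300,
    },
}

# Digital identity information pre-stored in the TEE (constructed sample).
PRESTORED_DIDS = frozenset(HOLDER_RULES)


def canonical_digest(fields: Dict[str, str]) -> str:
    """Hash of the statement's field values.

    The patent only says a hash of the field values is computed; JSON with
    sorted keys and no whitespace is the canonical form assumed here so that
    the party producing the reference value and the TEE hash the same bytes.
    """
    encoded = json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(encoded).hexdigest()


def issue_statement(fields: Dict[str, str]) -> Dict[str, object]:
    """Build a statement that carries its fields and the digest's reference value."""
    return {"fields": dict(fields), "reference_value": canonical_digest(fields)}


def verify_statement(statement: Dict[str, object]) -> bool:
    """Step S510: the statement is valid only if the recomputed digest equals
    the reference value it carries.

    A bare digest only shows the fields were not altered relative to the
    reference value; binding the statement to its issuer would additionally
    need a signature over the reference value, which this example does not model.
    """
    fields = statement.get("fields")
    reference = statement.get("reference_value")
    if not isinstance(fields, dict) or not isinstance(reference, str):
        return False
    computed = canonical_digest(fields).encode()
    return hmac.compare_digest(computed, reference.encode())


def rule_for_request(statement: Dict[str, object],
                     did: str) -> Optional[Dict[str, object]]:
    """Return the holder-bound rule that risk detection should run against, or
    None when any check fails (in which case no risk detection is performed).

    Checks, in order: statement validity (step S510); the holder named in the
    statement is the DID presented in the request, so a statement lifted from
    another holder is not accepted; the DID is among those pre-stored in the
    TEE; and a rule exists for that holder (step a2).
    """
    if not verify_statement(statement):
        return None
    holder = statement["fields"].get("holder")  # assumed to hold the holder's DID
    if holder != did or did not in PRESTORED_DIDS:
        return None
    return HOLDER_RULES.get(holder)


if __name__ == "__main__":
    statement = issue_statement({"holder": "did:example:user_a",
                                 "generated_at": "2020-01-01"})
    print(verify_statement(statement),
          rule_for_request(statement, "did:example:user_a"))
```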
In step S514, the service risk detection result is transmitted to the target application, and if the service risk detection result indicates that there is a service risk in executing the target service corresponding to the service processing request, a security control policy corresponding to the risk type is obtained according to the risk type corresponding to the service risk, and the security control policy is executed for the target user.
The security control policy comprises one or more of a policy for limiting the login of the target user, a login notification policy of the target user and a resource transfer quota policy for limiting the target user.
In step S516, an update request for a service risk detection rule in the TEE of the terminal device is received, where the update request includes rule data to be updated, and the rule data to be updated is a ciphertext.
In step S518, the rule data to be updated is transferred to the TEE of the terminal device through the first trusted program.
In step S520, in the trusted execution environment of the TEE, the rule data to be updated is decrypted, and the business risk detection rule is updated based on the decrypted rule data to be updated.
Example four
Based on the same idea, in addition to the privacy protection-based business risk detection method provided in the embodiment of the present specification, an embodiment of the present specification further provides a privacy protection-based business risk detection apparatus, in which a trusted execution environment TEE is provided, as shown in fig. 6.
The service risk detection device based on privacy protection comprises: a service processing request module 601, a privacy data transfer module 602, a risk detection module 603 and a service processing module 604, wherein:
a service processing request module 601, configured to obtain a service processing request initiated by a target user for a preset target service through a target application in the device;
a privacy data transfer module 602, configured to obtain, through a first trusted program on the device, privacy data required to execute service processing of the target service, and transfer the obtained privacy data to the TEE;
a risk detection module 603, configured to perform, in the trusted execution environment of the TEE, service risk detection on a target service corresponding to the service processing request initiated by the target user based on the obtained private data, so as to obtain a service risk detection result corresponding to the service processing request initiated by the target user;
a service processing module 604, configured to transmit the service risk detection result to the target application, and to determine, through the target application, whether to execute the target service corresponding to the service processing request based on the service risk detection result.
In an embodiment of this specification, the apparatus further includes:
the rule transmission module is used for acquiring a business risk detection rule of the target business through the first trusted program and transmitting the business risk detection rule to the TEE;
the risk detection module 603 determines whether the obtained private data conforms to the service risk detection rule in the trusted execution environment of the TEE, so as to perform service risk detection on the target service corresponding to the service processing request initiated by the target user, and obtain a service risk detection result corresponding to the service processing request initiated by the target user.
In this embodiment of this specification, the service processing request includes a verifiable statement corresponding to the service processing request, and the risk detection module 603 includes:
a verification unit that verifies validity of the verifiable statement in a trusted execution environment of the TEE;
a risk detection unit that, if the verification result is valid, performs service risk detection on the target service corresponding to the service processing request initiated by the target user in the trusted execution environment of the TEE based on the acquired private data, to obtain a service risk detection result corresponding to the service processing request initiated by the target user.
In this embodiment of the present specification, if the verification result is valid, the risk detection unit obtains, in a trusted execution environment of the TEE, a service risk detection rule for the target service, which corresponds to the holder of the verifiable statement; and in the trusted execution environment of the TEE, determining whether the acquired private data accords with the service risk detection rule or not so as to perform service risk detection on the target service corresponding to the service processing request initiated by the target user and obtain a service risk detection result corresponding to the service processing request initiated by the target user.
In an embodiment of this specification, the apparatus further includes:
the updating request module is used for receiving an updating request of the business risk detection rule in the TEE of the device, wherein the updating request comprises rule data to be updated, and the rule data to be updated is a ciphertext;
a data transmission module, configured to transmit the rule data to be updated to the TEE of the device through the first trusted program;
and the updating module is used for decrypting the rule data to be updated in the trusted execution environment of the TEE and updating the business risk detection rule based on the decrypted rule data to be updated.
In an embodiment of this specification, the business risk detection rule is set based on one or more of the following:
the service verification rule for the target user executing the target service;
the timeliness condition for the target user executing the target service; and
the identity verification rule of the target user.
In this embodiment of the present specification, the private data transfer module 602 transfers, by using the first trusted program, the obtained private data to the TEE in a ciphertext manner;
the device further comprises:
and the decryption module is used for decrypting the private data in the TEE to obtain the decrypted private data.
In an embodiment of the present specification, the privacy data includes one or more of biometric data of the target user, and device information of the apparatus.
In an embodiment of this specification, if the service risk detection result indicates that there is a service risk in executing the target service corresponding to the service processing request, the service processing module obtains a security control policy corresponding to the risk type according to the risk type corresponding to the service risk, and executes the security control policy on the target user.
In this embodiment of the present specification, the security control policy includes one or more of a policy for restricting login of the target user, a login notification policy of the target user, and a resource transfer quota policy for restricting the target user.
An embodiment of the specification provides a service risk detection apparatus based on privacy protection, which is provided with a trusted execution environment (TEE). When a service processing request initiated by a target user for a preset target service through a target application in the terminal device is obtained, the apparatus obtains, through a first trusted program on the terminal device for executing the service processing of the target service, the private data required to execute the service processing of the target service, and transmits the obtained private data to the TEE. Then, in the trusted execution environment of the TEE, it performs service risk detection on the target service corresponding to the service processing request initiated by the target user based on the obtained private data to obtain a service risk detection result corresponding to that service processing request, transmits the service risk detection result to the target application, and determines, through the target application, whether to execute the target service corresponding to the service processing request based on the service risk detection result. Therefore, in this manner, during the risk control processing of a service scenario, the third-party application program does not directly acquire or process any private data related to the user and the terminal; instead, the private data is processed in the trusted execution environment and only a processing result is output, so that risks such as user data leakage and theft or misappropriation of financial assets can be avoided, the purpose of protecting the user's private data is achieved, and at the same time the risk assessment of the target service can be carried out more accurately and in real time.
Example five
Based on the same idea, in addition to the privacy protection-based business risk detection apparatus provided in the embodiment of the present specification, an embodiment of the present specification further provides privacy protection-based business risk detection equipment, in which a trusted execution environment TEE is provided, as shown in fig. 7.
The privacy protection-based business risk detection device may be the terminal device provided in the above embodiment.
The privacy protection based business risk detection device may vary considerably with its configuration or performance, and may include one or more processors 701 and a memory 702, where the memory 702 may store one or more applications or data. Memory 702 may be, among other things, transient storage or persistent storage. The application stored in memory 702 may include one or more modules (not shown), each of which may include a series of computer-executable instructions for the privacy protection based business risk detection device. Still further, the processor 701 may be configured to communicate with the memory 702 to execute the series of computer-executable instructions in the memory 702 on the privacy protection based business risk detection device. The privacy protection based business risk detection device may also include one or more power supplies 703, one or more wired or wireless network interfaces 704, one or more input-output interfaces 705, and one or more keyboards 706.
In particular, in this embodiment, the privacy-based business risk detection apparatus includes a memory, and one or more programs, where the one or more programs are stored in the memory, and the one or more programs may include one or more modules, and each module may include a series of computer-executable instructions for the privacy-based business risk detection apparatus, and the one or more programs configured to be executed by the one or more processors include computer-executable instructions for:
acquiring a service processing request initiated by a target user for a preset target service through a target application in the terminal equipment;
obtaining privacy data required by executing the service processing of the target service through a first trusted program used for executing the service processing of the target service on the terminal equipment, and transmitting the obtained privacy data to the TEE;
in the trusted execution environment of the TEE, performing service risk detection on a target service corresponding to a service processing request initiated by the target user based on the acquired private data to obtain a service risk detection result corresponding to the service processing request initiated by the target user;
and transmitting the service risk detection result to the target application, and determining whether to execute the target service corresponding to the service processing request or not through the target application based on the service risk detection result.
In the embodiment of this specification, the method further includes:
acquiring a service risk detection rule of the target service through the first trusted program, and transmitting the service risk detection rule to the TEE;
in the trusted execution environment of the TEE, performing service risk detection on a target service corresponding to a service processing request initiated by the target user based on the obtained private data to obtain a service risk detection result corresponding to the service processing request initiated by the target user, including:
and in the trusted execution environment of the TEE, determining whether the acquired private data accords with the service risk detection rule or not so as to perform service risk detection on the target service corresponding to the service processing request initiated by the target user and obtain a service risk detection result corresponding to the service processing request initiated by the target user.
In an embodiment of this specification, the service processing request includes a verifiable statement corresponding to the service processing request, and performing, in a trusted execution environment of the TEE, service risk detection on a target service corresponding to the service processing request initiated by the target user based on the obtained private data to obtain a service risk detection result corresponding to the service processing request initiated by the target user includes:
verifying the validity of the verifiable statement in the trusted execution environment of the TEE;
and if the verification result is valid, performing service risk detection on the target service corresponding to the service processing request initiated by the target user based on the acquired private data in the trusted execution environment of the TEE to obtain a service risk detection result corresponding to the service processing request initiated by the target user.
In this embodiment of the present description, if the verification result is valid, performing, in the trusted execution environment of the TEE, service risk detection on the target service corresponding to the service processing request initiated by the target user based on the obtained private data, to obtain a service risk detection result corresponding to the service processing request initiated by the target user, includes:
if the verification result is valid, acquiring a business risk detection rule corresponding to the holder of the verifiable statement and aiming at the target business in a trusted execution environment of the TEE;
and in the trusted execution environment of the TEE, determining whether the acquired private data accords with the service risk detection rule or not so as to perform service risk detection on the target service corresponding to the service processing request initiated by the target user and obtain a service risk detection result corresponding to the service processing request initiated by the target user.
In the embodiment of this specification, the method further includes:
receiving an update request of the business risk detection rule in the TEE of the terminal equipment, wherein the update request comprises rule data to be updated, and the rule data to be updated is a cipher text;
transmitting the rule data to be updated to a TEE of the terminal equipment through the first trusted program;
and decrypting the rule data to be updated in the trusted execution environment of the TEE, and updating the business risk detection rule based on the decrypted rule data to be updated.
In an embodiment of this specification, the business risk detection rule is set based on one or more of the following:
a service verification rule for the target user executing the target service;
a timeliness condition for the target user executing the target service; and
an identity verification rule for the target user.
In an embodiment of this specification, the transferring, by a first trusted program, the acquired private data to the TEE includes:
transmitting the acquired private data to the TEE in a ciphertext mode through the first trusted program;
the method further comprises the following steps:
and in the TEE, decrypting the private data to obtain the decrypted private data.
In an embodiment of the present specification, the privacy data includes one or more of biometric data of the target user and device information of the terminal device.
In this embodiment of the present specification, the determining, by the target application, whether to execute the target service corresponding to the service processing request based on the service risk detection result includes:
and if the service risk detection result indicates that executing the target service corresponding to the service processing request carries a service risk, acquiring the security control policy corresponding to the risk type of that service risk, and executing the security control policy for the target user.
In this embodiment of the present specification, the security control policy includes one or more of a policy for restricting login of the target user, a login notification policy of the target user, and a resource transfer quota policy for restricting the target user.
The embodiment of the specification provides a privacy protection-based service risk detection device, which is provided with a Trusted Execution Environment (TEE). When a service processing request initiated by a target user for a preset target service is acquired through a target application in a terminal device, the device acquires the privacy data required for executing the service processing of the target service through a first trusted program on the terminal device that is used for executing that service processing, and transmits the acquired privacy data to the TEE. In the trusted execution environment of the TEE, it then performs service risk detection on the target service corresponding to the service processing request based on the acquired privacy data to obtain a service risk detection result, transmits the service risk detection result to the target application, and determines, through the target application, whether to execute the target service corresponding to the service processing request based on the service risk detection result. In this way, during risk control processing in a service scenario, the third-party application program does not directly acquire or process any privacy data related to the user or the terminal; the privacy data is processed in the trusted execution environment and only the processing result is output. Risks such as large-scale theft or misuse of user data and financial assets can thus be avoided, the privacy data of the user is protected, and at the same time the target service can be risk-assessed more accurately and in real time.
EXAMPLE six
Further, based on the methods shown in fig. 1 and fig. 5, one or more embodiments of the present specification further provide a storage medium for storing computer-executable instruction information. In a specific embodiment, the storage medium may be a USB disk, an optical disk, a hard disk or the like, and the computer-executable instruction information stored on the storage medium implements the following processes when executed:
acquiring a service processing request initiated by a target user for a preset target service through a target application in the terminal equipment;
obtaining privacy data required by executing the service processing of the target service through a first trusted program used for executing the service processing of the target service on the terminal equipment, and transmitting the obtained privacy data to the TEE;
in the trusted execution environment of the TEE, performing service risk detection on a target service corresponding to a service processing request initiated by the target user based on the acquired private data to obtain a service risk detection result corresponding to the service processing request initiated by the target user;
and transmitting the service risk detection result to the target application, and determining whether to execute the target service corresponding to the service processing request or not through the target application based on the service risk detection result.
In the embodiment of this specification, the method further includes:
acquiring a service risk detection rule of the target service through the first trusted program, and transmitting the service risk detection rule to the TEE;
in the trusted execution environment of the TEE, performing service risk detection on a target service corresponding to a service processing request initiated by the target user based on the obtained private data to obtain a service risk detection result corresponding to the service processing request initiated by the target user, including:
and in the trusted execution environment of the TEE, determining whether the acquired private data accords with the service risk detection rule or not so as to perform service risk detection on the target service corresponding to the service processing request initiated by the target user and obtain a service risk detection result corresponding to the service processing request initiated by the target user.
In an embodiment of this specification, the service processing request includes a verifiable statement corresponding to the service processing request, and performing, in a trusted execution environment of the TEE, service risk detection on a target service corresponding to the service processing request initiated by the target user based on the obtained private data to obtain a service risk detection result corresponding to the service processing request initiated by the target user includes:
verifying the validity of the verifiable statement in the trusted execution environment of the TEE;
and if the verification result is valid, performing service risk detection on the target service corresponding to the service processing request initiated by the target user based on the acquired private data in the trusted execution environment of the TEE to obtain a service risk detection result corresponding to the service processing request initiated by the target user.
In this embodiment of the present description, if the verification result is valid, performing, in the trusted execution environment of the TEE, service risk detection on the target service corresponding to the service processing request initiated by the target user based on the obtained private data, to obtain a service risk detection result corresponding to the service processing request initiated by the target user, includes:
if the verification result is valid, acquiring a business risk detection rule corresponding to the holder of the verifiable statement and aiming at the target business in a trusted execution environment of the TEE;
and in the trusted execution environment of the TEE, determining whether the acquired private data accords with the service risk detection rule or not so as to perform service risk detection on the target service corresponding to the service processing request initiated by the target user and obtain a service risk detection result corresponding to the service processing request initiated by the target user.
In the embodiment of this specification, the method further includes:
receiving an update request of the business risk detection rule in the TEE of the terminal equipment, wherein the update request comprises rule data to be updated, and the rule data to be updated is a cipher text;
transmitting the rule data to be updated to a TEE of the terminal equipment through the first trusted program;
and decrypting the rule data to be updated in the trusted execution environment of the TEE, and updating the business risk detection rule based on the decrypted rule data to be updated.
In an embodiment of this specification, the business risk detection rule is set based on one or more of the following:
a service verification rule for the target user executing the target service;
a timeliness condition for the target user executing the target service; and
an identity verification rule for the target user.
In an embodiment of this specification, the transferring, by a first trusted program, the acquired private data to the TEE includes:
transmitting the acquired private data to the TEE in a ciphertext mode through the first trusted program;
the method further comprises the following steps:
and in the TEE, decrypting the private data to obtain the decrypted private data.
In an embodiment of the present specification, the privacy data includes one or more of biometric data of the target user and device information of the terminal device.
In this embodiment of the present specification, the determining, by the target application, whether to execute the target service corresponding to the service processing request based on the service risk detection result includes:
and if the service risk detection result indicates that executing the target service corresponding to the service processing request carries a service risk, acquiring the security control policy corresponding to the risk type of that service risk, and executing the security control policy for the target user.
In this embodiment of the present specification, the security control policy includes one or more of a policy for restricting login of the target user, a login notification policy of the target user, and a resource transfer quota policy for restricting the target user.
The embodiment of the present specification provides a storage medium. When a service processing request initiated by a target user for a preset target service is acquired through a target application in a terminal device, the storage medium acquires the private data required for executing the service processing of the target service through a first trusted program on the terminal device that is used for executing that service processing, and transmits the acquired private data to a TEE. In the trusted execution environment of the TEE, it then performs service risk detection on the target service corresponding to the service processing request based on the acquired private data to obtain a service risk detection result, transmits the service risk detection result to the target application, and determines, through the target application, whether to execute the target service corresponding to the service processing request based on the service risk detection result. In this way, during risk control processing in a service scenario, the third-party application program does not directly acquire or process any privacy data related to the user or the terminal; the privacy data is processed in the trusted execution environment and only the processing result is output. Risks such as large-scale theft or misuse of user data and financial assets can thus be avoided, the privacy data of the user is protected, and at the same time the target service can be risk-assessed accurately and in real time.
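To make the flow recited in Examples five and six concrete (the claims restate the same steps), here is an added Python model; it is not part of the patent and not Alipay's code. It models the parts the text names: a target application that never sees plaintext, a first trusted program that hands private data to the TEE only as ciphertext, a TEE that validates the verifiable statement, looks up the statement holder's rule for the service, checks the identity, timeliness and service verification rules, and accepts rule updates only as ciphertext, and the application's mapping from risk type to security control policy. All keys, names, rule fields and the envelope format are constructed assumptions; an HMAC stands in for the issuer's signature on the verifiable statement, and an HMAC-SHA256 counter-mode stream cipher with an encrypt-then-MAC tag stands in for the AEAD a real TEE would use for sealed data.

```python
"""Model of the TEE-based risk check: the target application never handles plaintext,
the first trusted program seals the private data, and only the TEE decrypts it.
Added example with constructed keys, names and formats (not the patent's own code)."""
import hashlib
import hmac
import json
import os

# Constructed keys: in a deployment they are provisioned into the TEE (and the first
# trusted program) and are never visible to the third-party target application.
TEE_SEAL_KEY = b"constructed-seal-key-shared-by-trusted-program-and-tee"
ISSUER_KEY = b"constructed-key-of-the-verifiable-statement-issuer"
NONCE_LEN, TAG_LEN = 16, 32


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    """HMAC-SHA256 in counter mode: a PRF stream cipher standing in for AES."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC envelope nonce || ciphertext || tag (stand-in for a real AEAD)."""
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()


def unseal(key: bytes, blob: bytes) -> bytes:
    """Verify the tag in constant time before decrypting; reject anything tampered."""
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("sealed data rejected: bad tag")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))


def canonical(obj) -> bytes:  # deterministic JSON so MACs cover one fixed encoding
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def biometric_template(sample: bytes) -> str:  # only a hash of the sample is ever kept
    return hashlib.sha256(sample).hexdigest()


def issue_claim(holder: str, service: str, expires_at: int) -> dict:
    """Verifiable statement carried in the request; HMAC stands in for the issuer's signature."""
    body = {"holder": holder, "service": service, "exp": expires_at}
    return {"body": body, "sig": hmac.new(ISSUER_KEY, canonical(body), hashlib.sha256).hexdigest()}


def trusted_program_collect(device_id: str, biometric_sample: bytes) -> bytes:
    """First trusted program: gathers the private data and passes it on only as ciphertext."""
    private = {"device_id": device_id, "biometric": biometric_template(biometric_sample)}
    return seal(TEE_SEAL_KEY, canonical(private))


class TEE:
    """Everything that touches plaintext private data or plaintext rules lives here."""

    def __init__(self, rules: dict):
        self.rules = dict(rules)  # keyed by (statement holder, service)

    def update_rules(self, update_blob: bytes) -> None:
        """Rule updates arrive as ciphertext and are decrypted only inside the TEE."""
        upd = json.loads(unseal(TEE_SEAL_KEY, update_blob))
        self.rules[(upd["holder"], upd["service"])] = upd["rule"]

    def _statement_is_valid(self, claim: dict, now: int) -> bool:
        expected = hmac.new(ISSUER_KEY, canonical(claim["body"]), hashlib.sha256).hexdigest()
        return hmac.compare_digest(claim["sig"], expected) and claim["body"]["exp"] > now

    def detect(self, request: dict, sealed_private: bytes, now: int) -> dict:
        """Returns only a verdict and a risk type; the private data never leaves this method."""
        claim = request["claim"]
        # 1. validate the verifiable statement before decrypting anything
        if not self._statement_is_valid(claim, now) or claim["body"]["service"] != request["service"]:
            return {"risk": True, "type": "invalid_statement"}
        # 2. fetch the rule of this statement holder for this service
        rule = self.rules.get((claim["body"]["holder"], request["service"]))
        if rule is None:
            return {"risk": True, "type": "no_rule"}
        priv = json.loads(unseal(TEE_SEAL_KEY, sealed_private))
        # 3. identity verification rule: enrolled biometric on a known device
        if priv["biometric"] != rule["biometric"] or priv["device_id"] not in rule["devices"]:
            return {"risk": True, "type": "identity_mismatch"}
        # 4. timeliness condition: the request must still be fresh
        if now - request["issued_at"] > rule["max_age_s"]:
            return {"risk": True, "type": "stale_request"}
        # 5. service verification rule: amount within the holder's limit
        if request["amount"] > rule["max_amount"]:
            return {"risk": True, "type": "over_limit"}
        return {"risk": False, "type": None}


# Risk type -> security control policy applied by the target application (constructed mapping)
POLICIES = {"invalid_statement": "restrict_login", "no_rule": "restrict_login",
            "identity_mismatch": "restrict_login", "stale_request": "login_notification",
            "over_limit": "resource_transfer_quota"}


def target_application(tee: TEE, request: dict, sealed_private: bytes, now: int) -> dict:
    """Third-party application: acts on the verdict only, never on the private data."""
    verdict = tee.detect(request, sealed_private, now)
    if verdict["risk"]:
        return {"executed": False, "policy": POLICIES[verdict["type"]]}
    return {"executed": True, "policy": None}
```

The ordering inside `detect` is the part worth keeping: the verifiable statement is checked and the holder's rule is looked up before the sealed private data is decrypted, so a request carrying a forged or expired statement never causes plaintext private data to exist even inside the TEE, and the only thing that crosses back to the application is a verdict and a risk type, which the application maps to a security control policy without ever holding biometric or device data.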
The foregoing description has been directed to specific embodiments of this disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.
In the 1990s, an improvement to a technology could be clearly distinguished as either an improvement in hardware (for example, an improvement to a circuit structure such as a diode, transistor or switch) or an improvement in software (an improvement to a method flow). However, as technology has advanced, many of today's improvements to method flows can be regarded as direct improvements to hardware circuit structures. Designers almost always obtain the corresponding hardware circuit structure by programming the improved method flow into a hardware circuit. Therefore, it cannot be said that an improvement to a method flow cannot be realized by a physical hardware module. For example, a Programmable Logic Device (PLD), such as a Field Programmable Gate Array (FPGA), is an integrated circuit whose logic functions are determined by the user programming the device. A designer "integrates" a digital system on a PLD through their own programming, without requiring a chip manufacturer to design and fabricate an application-specific integrated circuit chip. Furthermore, instead of manually making the integrated circuit chip, such programming is nowadays mostly implemented with "logic compiler" software, which is similar to the software compiler used in program development, while the source code to be compiled is written in a specific programming language called a Hardware Description Language (HDL). There is not just one HDL but many, such as ABEL (Advanced Boolean Expression Language), AHDL (Altera Hardware Description Language), Confluence, CUPL (Cornell University Programming Language), HDCal, JHDL (Java Hardware Description Language), Lava, Lola, MyHDL, PALASM and RHDL (Ruby Hardware Description Language); the most commonly used at present are VHDL (Very-High-Speed Integrated Circuit Hardware Description Language) and Verilog.
It will also be apparent to those skilled in the art that hardware circuitry that implements the logical method flows can be readily obtained by merely slightly programming the method flows into an integrated circuit using the hardware description languages described above.
The controller may be implemented in any suitable manner. For example, the controller may take the form of a microprocessor or processor together with a computer-readable medium storing computer-readable program code (e.g., software or firmware) executable by the (micro)processor, logic gates, switches, an Application Specific Integrated Circuit (ASIC), a programmable logic controller, or an embedded microcontroller; examples of such controllers include, but are not limited to, the ARC625D, Atmel AT91SAM, Microchip PIC18F26K20 and Silicon Labs C8051F320 microcontrollers, and a memory controller may also be implemented as part of the control logic of the memory. Those skilled in the art will also appreciate that, besides implementing the controller purely as computer-readable program code, the same functionality can be achieved by logically programming the method steps so that the controller takes the form of logic gates, switches, application specific integrated circuits, programmable logic controllers, embedded microcontrollers and the like. Such a controller may therefore be regarded as a hardware component, and the means included in it for performing the various functions may also be regarded as structures within the hardware component; indeed, the means for performing the functions may be regarded as both software modules implementing the method and structures within the hardware component.
The systems, devices, modules or units illustrated in the above embodiments may be implemented by a computer chip or an entity, or by a product with certain functions. One typical implementation device is a computer. In particular, the computer may be, for example, a personal computer, a laptop computer, a cellular telephone, a camera phone, a smartphone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.
For convenience of description, the above devices are described as being divided into various units by function, and are described separately. Of course, the functionality of the various elements may be implemented in the same one or more software and/or hardware implementations in implementing one or more embodiments of the present description.
As will be appreciated by one skilled in the art, embodiments of the present description may be provided as a method, system, or computer program product. Accordingly, one or more embodiments of the present description may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, one or more embodiments of the present description may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
Embodiments of the present description are described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the description. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include forms of volatile memory in a computer readable medium, Random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media, including permanent and non-permanent, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape or magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
One or more embodiments of the present description may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. One or more embodiments of the specification may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the system embodiment, since it is substantially similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
The above description is only an example of the present specification, and is not intended to limit the present specification. Various modifications and alterations to this description will become apparent to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present specification should be included in the scope of the claims of the present specification.

Claims (13)

1. A service risk detection method based on privacy protection is applied to terminal equipment, a Trusted Execution Environment (TEE) is arranged in the terminal equipment, and the method comprises the following steps:
acquiring a service processing request initiated by a target user for a preset target service through a target application in the terminal equipment;
obtaining privacy data required by executing the service processing of the target service through a first trusted program used for executing the service processing of the target service on the terminal equipment, and transmitting the obtained privacy data to the TEE;
in the trusted execution environment of the TEE, performing service risk detection on a target service corresponding to a service processing request initiated by the target user based on the acquired private data to obtain a service risk detection result corresponding to the service processing request initiated by the target user;
and transmitting the service risk detection result to the target application, and determining whether to execute the target service corresponding to the service processing request or not through the target application based on the service risk detection result.
2. The method of claim 1, further comprising:
acquiring a service risk detection rule of the target service through the first trusted program, and transmitting the service risk detection rule to the TEE;
in the trusted execution environment of the TEE, performing service risk detection on a target service corresponding to a service processing request initiated by the target user based on the obtained private data to obtain a service risk detection result corresponding to the service processing request initiated by the target user, including:
and in the trusted execution environment of the TEE, determining whether the acquired private data accords with the service risk detection rule or not so as to perform service risk detection on the target service corresponding to the service processing request initiated by the target user and obtain a service risk detection result corresponding to the service processing request initiated by the target user.
3. The method according to claim 1, wherein the service processing request includes a verifiable statement corresponding to the service processing request, and the performing, in the trusted execution environment of the TEE, service risk detection on a target service corresponding to the service processing request initiated by the target user based on the obtained private data to obtain a service risk detection result corresponding to the service processing request initiated by the target user includes:
verifying the validity of the verifiable statement in the trusted execution environment of the TEE;
and if the verification result is valid, performing service risk detection on the target service corresponding to the service processing request initiated by the target user based on the acquired private data in the trusted execution environment of the TEE to obtain a service risk detection result corresponding to the service processing request initiated by the target user.
4. The method according to claim 3, wherein if the verification result is valid, performing, in the trusted execution environment of the TEE, service risk detection on the target service corresponding to the service processing request initiated by the target user based on the obtained private data to obtain a service risk detection result corresponding to the service processing request initiated by the target user, includes:
if the verification result is valid, acquiring, in the trusted execution environment of the TEE, a service risk detection rule for the target service that corresponds to the holder of the verifiable statement;
and determining, in the trusted execution environment of the TEE, whether the obtained private data complies with the service risk detection rule, so as to perform service risk detection on the target service corresponding to the service processing request initiated by the target user and obtain the service risk detection result corresponding to that request.
5. The method of claim 2 or 4, further comprising:
receiving an update request for the service risk detection rule held in the TEE of the terminal device, the update request carrying the rule data to be updated, the rule data to be updated being ciphertext;
transmitting the rule data to be updated to the TEE of the terminal device through the first trusted program;
and decrypting the rule data to be updated in the trusted execution environment of the TEE, and updating the service risk detection rule based on the decrypted rule data.
6. The method of claim 5, wherein the service risk detection rule is set based on one or more of:
a service verification rule for the target user executing the target service;
a timeliness condition for the target user executing the target service; and
an identity verification rule for the target user.
7. The method of claim 1, wherein transmitting the obtained private data to the TEE through the first trusted program comprises:
transmitting the obtained private data to the TEE in ciphertext form through the first trusted program;
and the method further comprises:
decrypting the private data in the TEE to obtain the decrypted private data.
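The transport that claims 5 and 7 describe (rule data and private data crossing into the TEE only as ciphertext, decrypted only inside it), as an added illustration that is not part of the patent or of any Alipay implementation. It assumes AES-GCM under a key provisioned to both the first trusted program and the TEE, JSON-encoded payloads, and the type and function names shown (Seal, TEE.Open, TEE.UpdateRule); the claims specify none of these.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/json"
	"fmt"
)

// Hypothetical payloads; the claims name the categories, not a format.
type PrivateData struct { // claim 8: a biometric sample plus device information
	Face   string `json:"face"` // stand-in for a biometric template digest
	Device string `json:"device"`
}
type Rule struct { // one service risk detection rule for a target service
	Service string `json:"service"`
	MaxAge  int64  `json:"max_age"` // timeliness condition, seconds
}
func gcm(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // rejects anything but a 16/24/32-byte key
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}
// Seal runs in the first trusted program, outside the TEE. Everything it hands
// across (private data, claim 7; rule updates, claim 5) is nonce || AES-GCM
// ciphertext under a key assumed to be provisioned to both sides out of band.
func Seal(key []byte, v interface{}) ([]byte, error) {
	aead, err := gcm(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize()) // fresh random nonce per blob
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	pt, _ := json.Marshal(v) // plain structs of strings and ints cannot fail here
	return append(nonce, aead.Seal(nil, nonce, pt, nil)...), nil
}

// TEE models the trusted side: plaintext exists only inside its methods.
type TEE struct {
	aead  cipher.AEAD
	rules map[string]Rule // keyed by target service
}

func NewTEE(key []byte) (*TEE, error) {
	aead, err := gcm(key)
	if err != nil {
		return nil, err
	}
	return &TEE{aead: aead, rules: map[string]Rule{}}, nil
}

// Open decrypts and parses a sealed blob. The GCM tag check turns any change to
// nonce or ciphertext, or a blob sealed under another key, into an error.
func (t *TEE) Open(box []byte, v interface{}) error {
	n := t.aead.NonceSize()
	if len(box) < n {
		return fmt.Errorf("sealed blob shorter than a nonce")
	}
	pt, err := t.aead.Open(nil, box[:n], box[n:], nil)
	if err != nil {
		return err
	}
	return json.Unmarshal(pt, v)
}

// UpdateRule is claim 5: the update request carries ciphertext, the rule is
// decrypted and installed only inside the TEE, and a bad blob changes nothing.
func (t *TEE) UpdateRule(sealedRule []byte) error {
	var r Rule
	if err := t.Open(sealedRule, &r); err != nil {
		return fmt.Errorf("rule update rejected: %w", err)
	}
	t.rules[r.Service] = r
	return nil
}

func (t *TEE) Rule(service string) (Rule, bool) {
	r, ok := t.rules[service]
	return r, ok
}

func main() {
	key := make([]byte, 32) // AES-256 key, generated here only for the demo
	rand.Read(key)
	tee, _ := NewTEE(key)
	sealed, _ := Seal(key, Rule{Service: "transfer", MaxAge: 300})
	fmt.Println("update:", tee.UpdateRule(sealed))
	sealed[len(sealed)-1] ^= 1 // flip one bit of the GCM tag
	fmt.Println("tampered update:", tee.UpdateRule(sealed))
	box, _ := Seal(key, PrivateData{Face: "f1", Device: "dev-A"})
	var pd PrivateData
	fmt.Println(tee.Open(box, &pd), pd)
}
```

A rejected blob (tampered, truncated, or sealed under another key) leaves the rule set untouched, which is the property claim 5 needs. Authenticated encryption alone does not stop an old but valid blob from being replayed; a deployment would bind a request identifier or counter into the GCM associated data, which this example leaves empty.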
8. The method of claim 1, wherein the private data comprises one or more of biometric data of the target user and device information of the terminal device.
9. The method of claim 1, wherein determining, by the target application, whether to execute the target service corresponding to the service processing request based on the service risk detection result comprises:
if the service risk detection result indicates that executing the target service corresponding to the service processing request carries a service risk, acquiring, according to the risk type of that service risk, a security control policy corresponding to the risk type, and executing the security control policy for the target user.
10. The method of claim 9, wherein the security control policy comprises one or more of: a policy restricting login of the target user, a login notification policy for the target user, and a policy restricting the resource transfer quota of the target user.
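The TEE-side checks of claims 3, 4 and 6 (verify the verifiable statement, select the holder's rule, test the private data against it) together with the application-side policy of claims 9 and 10, as an added illustration that is not part of the patent or of any Alipay implementation. It assumes the verifiable statement is a JSON document signed by an issuer with Ed25519, that rules are keyed by holder and target service, and that the risk type strings, the Detector and Policy names and the policy mapping are illustrative. The private data is taken as already decrypted inside the TEE; the ciphertext transport of claims 5 and 7 is not repeated here.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"fmt"
)

// Hypothetical shapes; the claims name the categories, not a format.
type Claim struct { // claim 3: the verifiable statement carried in the request
	Holder  string `json:"holder"`  // whose rule set applies (claim 4)
	Service string `json:"service"` // the target service it was issued for
	Exp     int64  `json:"exp"`     // Unix seconds
}
type PrivateData struct{ Face, Device string } // claim 8, already decrypted inside the TEE
type Rule struct {                            // claim 6: one holder's rule for one target service
	Face    string   // service verification rule: enrolled biometric digest
	Devices []string // identity verification rule: devices bound to the user
	MaxAge  int64    // timeliness condition: maximum age of the collected sample, seconds
}
type Request struct {
	Service   string
	Claim     []byte // JSON-encoded Claim
	Sig       []byte // issuer's Ed25519 signature over Claim
	Collected int64  // when the first trusted program captured the private data
}

// Detector is the TEE-side logic; Now stands in for the TEE's trusted clock.
type Detector struct {
	Issuer ed25519.PublicKey
	Rules  map[string]map[string]Rule // holder -> service -> rule
	Now    int64
}

// Detect returns a risk type, or "" when the target service may be executed.
// A check that cannot be completed yields a named risk, never a pass.
func (d *Detector) Detect(req Request, pd PrivateData) string {
	var c Claim
	if !ed25519.Verify(d.Issuer, req.Claim, req.Sig) || json.Unmarshal(req.Claim, &c) != nil {
		return "invalid_claim"
	}
	if c.Service != req.Service {
		return "claim_service_mismatch"
	}
	if d.Now > c.Exp {
		return "claim_expired"
	}
	rule, ok := d.Rules[c.Holder][req.Service] // nil inner map just yields ok == false
	switch {
	case !ok:
		return "no_rule"
	case d.Now-req.Collected > rule.MaxAge:
		return "stale_private_data"
	case pd.Face != rule.Face:
		return "biometric_mismatch"
	}
	for _, dev := range rule.Devices {
		if dev == pd.Device {
			return ""
		}
	}
	return "unknown_device"
}

// Policy is the application side (claims 9, 10): map the risk type to the
// control strategies to apply. The mapping is illustrative; an unrecognised
// risk type gets the most restrictive control rather than none.
func Policy(riskType string) []string {
	switch riskType {
	case "":
		return []string{"execute"}
	case "unknown_device":
		return []string{"login_notification", "restrict_login"}
	case "stale_private_data", "claim_expired":
		return []string{"restrict_transfer_quota"}
	}
	return []string{"restrict_login"}
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	d := &Detector{Issuer: pub, Now: 1_700_000_000, Rules: map[string]map[string]Rule{
		"merchant-1": {"transfer": {Face: "f1", Devices: []string{"dev-A"}, MaxAge: 60}},
	}}
	claim, _ := json.Marshal(Claim{Holder: "merchant-1", Service: "transfer", Exp: 1_700_000_600})
	req := Request{Service: "transfer", Claim: claim, Sig: ed25519.Sign(priv, claim), Collected: 1_699_999_990}
	for _, pd := range []PrivateData{{"f1", "dev-A"}, {"f1", "dev-B"}, {"f2", "dev-A"}} {
		risk := d.Detect(req, pd)
		fmt.Printf("%+v -> %q -> %v\n", pd, risk, Policy(risk))
	}
	req.Sig[0] ^= 1 // a broken signature is reported as a risk, not skipped
	fmt.Println(d.Detect(req, PrivateData{"f1", "dev-A"})) // invalid_claim
}
```

Two defaults here are not spelled out in the claims but matter in practice: every path through Detect that cannot finish a check returns a named risk type instead of falling through to "no risk", and Policy maps a risk type it does not recognise to the most restrictive control. The check that the statement was issued for the requested service stops a valid statement for one service being reused to pass risk detection for another.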
11. A privacy-protection-based service risk detection device, the device being provided with a Trusted Execution Environment (TEE) and comprising:
a service processing request module, used for acquiring, through a target application in the device, a service processing request initiated by a target user for a preset target service;
a private data transmission module, used for acquiring private data required for executing the service processing of the target service through a first trusted program arranged on the device for executing the service processing of the target service, and transmitting the acquired private data to the TEE;
a risk detection module, configured to perform, in a trusted execution environment of the TEE, service risk detection on a target service corresponding to a service processing request initiated by the target user based on the obtained private data, so as to obtain a service risk detection result corresponding to the service processing request initiated by the target user;
and the service processing module is used for transmitting the service risk detection result to the target application and determining whether to execute the target service corresponding to the service processing request or not through the target application based on the service risk detection result.
12. A privacy-protection-based service risk detection apparatus, the apparatus being provided with a Trusted Execution Environment (TEE) and comprising:
a processor; and
a memory arranged to store computer executable instructions that, when executed, cause the processor to:
acquire, through a target application in the apparatus, a service processing request initiated by a target user for a preset target service;
obtain private data required for executing the service processing of the target service through a first trusted program on the apparatus used for executing the service processing of the target service, and transmit the obtained private data to the TEE;
in the trusted execution environment of the TEE, performing service risk detection on a target service corresponding to a service processing request initiated by the target user based on the acquired private data to obtain a service risk detection result corresponding to the service processing request initiated by the target user;
and transmitting the service risk detection result to the target application, and determining whether to execute the target service corresponding to the service processing request or not through the target application based on the service risk detection result.
13. A storage medium for storing computer-executable instructions, which when executed by a processor implement the following:
acquiring, through a target application in a terminal device, a service processing request initiated by a target user for a preset target service;
obtaining private data required for executing the service processing of the target service through a first trusted program on the terminal device used for executing the service processing of the target service, and transmitting the obtained private data to a Trusted Execution Environment (TEE) of the terminal device;
in the trusted execution environment of the TEE, performing service risk detection on a target service corresponding to a service processing request initiated by the target user based on the acquired private data to obtain a service risk detection result corresponding to the service processing request initiated by the target user;
and transmitting the service risk detection result to the target application, and determining whether to execute the target service corresponding to the service processing request or not through the target application based on the service risk detection result.
CN202111069841.4A 2021-09-13 2021-09-13 Privacy protection-based business risk detection method, device and equipment Pending CN113704826A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111069841.4A CN113704826A (en) 2021-09-13 2021-09-13 Privacy protection-based business risk detection method, device and equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111069841.4A CN113704826A (en) 2021-09-13 2021-09-13 Privacy protection-based business risk detection method, device and equipment

Publications (1)

Publication Number Publication Date
CN113704826A true CN113704826A (en) 2021-11-26

Family

ID=78660167

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111069841.4A Pending CN113704826A (en) 2021-09-13 2021-09-13 Privacy protection-based business risk detection method, device and equipment

Country Status (1)

Country Link
CN (1) CN113704826A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114297689A (en) * 2021-12-29 2022-04-08 鲁信科技股份有限公司 Financial wind control method and device based on privacy calculation and storage medium
CN114297689B (en) * 2021-12-29 2022-09-20 鲁信科技股份有限公司 Financial wind control method and device based on privacy calculation and storage medium
CN114638685A (en) * 2022-03-07 2022-06-17 支付宝(杭州)信息技术有限公司 Risk identification method, device and equipment
WO2023226801A1 (en) * 2022-05-26 2023-11-30 支付宝(杭州)信息技术有限公司 Service processing method, apparatus, and device

Similar Documents

Publication Publication Date Title
CN111680305B (en) Data processing method, device and equipment based on block chain
CN112513857A (en) Personalized cryptographic security access control in a trusted execution environment
CN113326532A (en) Block chain-based user privacy data providing method and device
CN110222531B (en) Method, system and equipment for accessing database
CN111931154B (en) Service processing method, device and equipment based on digital certificate
CN113704826A (en) Privacy protection-based business risk detection method, device and equipment
CN106980793B (en) TrustZone-based universal password storage and reading method, device and terminal equipment
CN105408912A (en) Process authentication and resource permissions
KR101745843B1 (en) Methods and devices for protecting private data
CN111737686B (en) Processing method, device and equipment of block chain data
CN113239853B (en) Biological identification method, device and equipment based on privacy protection
CN112182506A (en) Data compliance detection method, device and equipment
CN113221142A (en) Authorization service processing method, device, equipment and system
CN113792297A (en) Service processing method, device and equipment
US20240127250A1 (en) Resource transfer methods, apparatuses, and devices
CN111737304B (en) Processing method, device and equipment of block chain data
CN113282959A (en) Service data processing method and device and electronic equipment
WO2023155641A1 (en) Processing of data
CN115603943A (en) Method and device for off-line identity authentication, storage medium and electronic equipment
WO2017020449A1 (en) Fingerprint reading method and user equipment
CN111046440A (en) Tamper verification method and system for secure area content
CN112182509A (en) Method, device and equipment for detecting abnormity of compliance data
US10924286B2 (en) Signing key log management
CN114638685A (en) Risk identification method, device and equipment
CN114969784A (en) Model processing method, device and equipment

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination