CN114090989A - Identity authentication method, system and device - Google Patents
Identity authentication method, system and device Download PDFInfo
- Publication number
- CN114090989A CN114090989A CN202111309773.4A CN202111309773A CN114090989A CN 114090989 A CN114090989 A CN 114090989A CN 202111309773 A CN202111309773 A CN 202111309773A CN 114090989 A CN114090989 A CN 114090989A
- Authority
- CN
- China
- Prior art keywords
- face
- video
- person
- determining
- authenticated
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Collating Specific Patterns (AREA)
Abstract
The embodiment of the specification provides an identity authentication method, an identity authentication system and an identity authentication device, wherein the identity authentication method comprises the following steps: the method comprises the steps that a server receives a target certificate image of a person to be authenticated sent by a terminal device and obtains a face signing video recorded in a video face signing process aiming at the person to be authenticated; detecting whether the face in the target certificate image is modified; under the condition that the human face in the target certificate image is not modified, comparing the human face in the multi-frame video frame in the face-signed video with the human face in the target certificate image respectively, and determining a human face comparison result; and determining the identity authentication result of the person to be authenticated at least based on the face comparison result.
Description
Technical Field
The present disclosure relates to the field of identity authentication technologies, and in particular, to an identity authentication method, system and device.
Background
Currently, there is a clear personal identity verification rule for the development of online financial services. The identity verification method of the user comprises four-element verification of an initial bank card, face photographing identification and face multi-angle dynamic identification. With the continuous rise of the broken-through risk of the technology and the rise of the necessity of confirming the will of the user, the mode of confirming the identity and the will by video surface sign, namely online video call, becomes a new trend of identity verification and the confirmation of the will of the user in the current internet industry.
The video face sign is that a background attendant (remote face sign post) performs identity verification, service item verification, data signing, scene witness and the like on a user in a video call mode, so that the identity of the user is verified.
In the process, manual video surface signing is needed, the labor cost is high, and if the user requests too much on line, the problems of waiting time of the on-line process and too long authentication verification time are easily caused due to limited manpower.
Disclosure of Invention
One or more embodiments of the present disclosure provide an identity authentication method, system, and apparatus, so as to implement convenient, fast, and more accurate authentication of a user identity.
According to a first aspect, an identity authentication method is provided, which is applied to a server, wherein the method includes:
receiving a target certificate image of a person to be authenticated sent by terminal equipment and acquiring a face signing video recorded in a video face signing process aiming at the person to be authenticated;
detecting whether the face in the target certificate image is modified;
under the condition that the human face in the target certificate image is not modified, comparing the human face in the multi-frame video frame in the face signing video with the human face in the target certificate image respectively, and determining a human face comparison result;
and determining the identity authentication result of the person to be authenticated at least based on the face comparison result.
In one implementation, the determining the identity authentication result of the person to be authenticated includes:
and if the face comparison result shows that the proportion of the face in the multi-frame video frame to the face in the target certificate image is consistent is less than a preset proportion threshold value, determining that the identity authentication result is failed.
In one implementation manner, before the determining the identity authentication result of the person to be authenticated, the method further includes:
determining an emotion analysis result based on the face label video;
the determining of the identity authentication result of the person to be authenticated includes:
and determining the identity authentication result based on the face comparison result and the emotion analysis result.
In one implementation, the label video includes label audio and video frames;
the determining of the emotion analysis result comprises:
and determining the emotion analysis result based on the face label audio, the video frame and a preset emotion analysis algorithm.
In one implementation manner, before the determining the identity authentication result of the person to be authenticated, the method further includes:
detecting whether the picture jumping condition exists in the surface label video or not to obtain a first detection result;
the determining of the identity authentication result of the person to be authenticated includes:
and determining the identity authentication result based on the face comparison result and the first detection result.
In one implementation manner, before the determining the identity authentication result of the person to be authenticated, the method further includes:
obtaining the current equipment characteristics of the terminal equipment;
determining whether the terminal equipment has a preset equipment abnormal condition or not based on the current equipment characteristics to obtain an equipment detection result;
the determining of the identity authentication result of the person to be authenticated includes:
and determining the identity authentication result based on the face comparison result and the equipment detection result.
In one implementation, the determining whether the terminal device has a preset device abnormal condition includes:
judging whether the terminal equipment records the video of the surface label aiming at the video surface label process of a plurality of people to obtain a first judgment result; and/or
Judging whether the current equipment characteristic is modified or not based on the corresponding relation between the pre-stored equipment platform identification and the equipment characteristic to obtain a second judgment result, wherein the equipment platform identification is determined by the server based on the equipment characteristic of the terminal equipment during the first login;
and if at least one of the first judgment result and the second judgment result is yes, determining that the terminal equipment has a preset equipment abnormal condition.
In one implementation, the video countersignature video includes an environment surround sub-video, and the environment surround sub-video is recorded for an environment surround presentation sub-process in the video countersignature process;
before the identity authentication result of the person to be authenticated is determined, the method further comprises the following steps:
determining whether the environment meets a preset environment condition or not based on the environment surrounding sub-video to obtain a first determination result;
the determining of the identity authentication result of the person to be authenticated comprises:
and determining the identity authentication result based on the face comparison result and the first determination result.
In one implementation, the method further comprises:
determining target risk release operation to be executed by the person to be authenticated under the condition that the identity authentication result is failed;
sending indication information of the target risk release operation to the terminal equipment to prompt the person to be authenticated to execute corresponding operation based on the indication information;
and if the operation content information corresponding to the target risk release operation is obtained within the preset effective time, determining a secondary authentication result based on the operation content information.
In one implementation, the determining a target risk release operation corresponding to the person to be authenticated includes:
receiving an operation selected by the person to be authenticated from a preset risk release operation set from the terminal equipment, and taking the operation as the target risk release operation; or;
and determining the target risk releasing operation from a preset risk releasing operation set based on the face comparison result.
In one implementation, where the targeted risk release operation comprises an operation that provides a specified type of identity verification material; the determining of the secondary authentication result comprises:
determining the secondary authentication result based on the specified type of identity authentication material uploaded by the terminal equipment;
in a case where the target risk releasing operation includes an interactive question-answering operation, the determining a secondary authentication result includes:
determining the secondary authentication result based on a question answer sent by the terminal equipment, wherein the question answer is input by the person to be authenticated for a question provided for the terminal equipment;
in a case where the target risk releasing operation is a manual authentication operation, the determining a secondary authentication result includes:
determining the secondary authentication result based on a manual authentication result of the manual authentication operation;
in a case that the target risk releasing operation includes another person identity guaranteeing operation, the determining a secondary authentication result includes:
and determining a secondary authentication result based on the identity guarantee information corresponding to the identity guarantee operation of the other person.
In one implementation, the method further comprises:
and if the operation content information is not obtained within the preset effective time, determining that the secondary authentication result of the person to be authenticated is failed.
According to a second aspect, there is provided an identity authentication system comprising a server and a terminal device,
the terminal equipment is configured to record a face signing video aiming at the video face signing process of a person to be authenticated by using a started camera after receiving a video face signing trigger instruction of the person to be authenticated, and send the face signing video and a target certificate image of the person to be authenticated to the server;
the server is configured to receive the target certificate image and the face label video; detecting whether the face in the target certificate image is modified; under the condition that the human face in the target certificate image is not modified, comparing the human face in the multi-frame video frame in the face signing video with the human face in the target certificate image respectively, and determining a human face comparison result; and determining the identity authentication result of the person to be authenticated based on the face comparison result.
In one implementation manner, the terminal device is further configured to output face-to-face authentication operation information based on a preset face-to-face process, where the face-to-face authentication operation information is used to: and prompting the person to be authenticated to execute corresponding face signing authentication operation in the video face signing process.
In one implementation, the label video includes at least: the method comprises the steps of appointing content information reading sub-video and environment surrounding sub-video, wherein the environment surrounding sub-video is recorded aiming at an environment surrounding display sub-process in the video surface signing process, and the appointed content information reading sub-video is recorded aiming at a process of reading appointed content information by the person to be authenticated in the video surface signing process.
In an implementation manner, the server is further configured to issue the preset facebook flow to the terminal device after obtaining the preset facebook flow request sent by the terminal device.
According to a third aspect, there is provided an identity authentication apparatus applied to a server, wherein the apparatus includes:
the receiving module is configured to receive a target certificate image of a person to be authenticated sent by the terminal equipment and acquire a face-signing video recorded in a video face-signing process aiming at the person to be authenticated;
the detection module is configured to detect whether the face in the target certificate image is modified;
the comparison determination module is configured to compare the human faces in the multiple frames of video frames in the face signing video with the human faces in the target certificate image respectively under the condition that the human faces in the target certificate image are determined to be unmodified, and determine a human face comparison result;
and the first determining module is configured to determine the identity authentication result of the person to be authenticated at least based on the face comparison result.
According to a fourth aspect, there is provided a computer readable storage medium having stored thereon a computer program which, when executed in a computer, causes the computer to perform the method of the first aspect.
According to a fifth aspect, there is provided a computing device comprising a memory and a processor, wherein the memory has stored therein executable code, and the processor, when executing the executable code, implements the method of the first aspect.
According to the method and the device provided by the embodiment of the specification, after the server obtains the face signing video of the person to be authenticated and the target certificate image, under the condition that the face in the target certificate image is not modified, the face in the multi-frame video frame in the face signing video is respectively compared with the face in the target certificate image, the face comparison result is determined, and the identity authentication result of the person to be authenticated is further determined at least based on the face comparison result, so that the automatic face signing of the person to be authenticated is realized, the manpower is saved, the condition that the authentication result has errors due to human errors is avoided, and the accuracy and the efficiency of the authentication result are improved to a certain extent.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings used in the description of the embodiments will be briefly introduced below. It is obvious that the drawings in the following description are only some embodiments of the invention, and that for a person skilled in the art, other drawings can be derived from them without inventive effort.
FIG. 1 is a schematic diagram of a framework for implementing one embodiment disclosed herein;
fig. 2 is a schematic flowchart of an identity authentication method according to an embodiment;
fig. 3 is a schematic diagram of an identity authentication process according to an embodiment;
FIG. 4 is a schematic block diagram of an identity authentication system provided by an embodiment;
fig. 5 is a schematic block diagram of an identity authentication apparatus provided in the embodiment.
Detailed Description
The technical solutions of the embodiments of the present disclosure will be described in detail below with reference to the accompanying drawings.
The embodiment of the specification discloses an identity authentication method, an identity authentication system and an identity authentication device, and introduces an application scenario and a technical concept of the identity authentication method, which are as follows:
at present, the process of authenticating a user by adopting an artificial video surface signing mode needs the artificial video surface signing, the labor cost is high, and if the user requests too much on line, the problems of waiting time of the on-line flow and overlong authentication time are easily caused due to limited manpower.
In view of this, the inventor proposes an identity authentication method, according to which, after obtaining a video surface signing instruction triggered by a person to be authenticated, a terminal device performs video surface signing on the person to be authenticated, and records a surface signing video; and subsequently, the face-to-face signing video and the target certificate image of the person to be authenticated are sent to the corresponding server. And after receiving the face signing video and the target certificate image, the server performs identity verification and authentication on the person to be authenticated based on the face signing video and the target certificate image.
FIG. 1 shows a schematic implementation framework according to one embodiment disclosed herein. As shown in fig. 1, a server receives a target certificate image of a person to be authenticated sent by a terminal device and acquires a face-signing video recorded in a video face-signing process for the person to be authenticated; detecting whether the face in the target certificate image is modified; under the condition that the human face in the target certificate image is not modified, comparing the human face in the multi-frame video frame in the face-signed video with the human face in the target certificate image respectively, and determining a human face comparison result; and determining the identity authentication result of the person to be authenticated at least based on the face comparison result.
Through the process, the automatic video surface signing of the person to be authenticated is realized, the labor is saved, the condition that the error occurs in the authentication result due to human error is avoided, and the accuracy and the efficiency of the authentication result are improved to a certain extent.
The identity authentication method provided in this specification is described in detail below with reference to specific embodiments.
Fig. 2 shows a flow chart of an identity authentication method in one embodiment of the present description. The method may be implemented by a server, wherein the server may be implemented by any device, apparatus, platform, cluster of devices, etc. having computing, processing capabilities. The method comprises the following steps S210-S240:
s210: and receiving a target certificate image of the person to be authenticated sent by the terminal equipment and acquiring a face-signing video recorded in a video face-signing process aiming at the person to be authenticated.
In one implementation, the terminal device may be installed with a target application, and the user needs to perform identity authentication when transacting a specific service or a specific operation supported by the user based on the target application. The target application may include, but is not limited to, electronic payment applications, electronic banking applications, and other applications that provide financial-related services. Wherein, the electronic payment application can be a Paibao application. The specific service or specific operation may include, but is not limited to: apply for health code, open debit and open fund account.
When detecting that a user executes a specific service or a specific operation based on a target application, the terminal device outputs an authentication selection interface prompting the user to perform identity authentication, wherein the authentication selection interface may include a face sign mark indicating that the user performs video face sign and other selection marks corresponding to authentication modes. And when the terminal equipment detects that the user triggers the surface signing mark, determining that the user triggers a video surface signing process. Correspondingly, the terminal equipment records a video as a surface signing video in a video surface signing process aiming at the user, namely the person to be authenticated, by using the started camera; and obtaining a target certificate image of the person to be authenticated, and sending the face signing video and the target certificate image to a server. It is understood that the server may be a server corresponding to the target application. The target certificate image is an image collected by aiming at the identity certificate of the person to be authenticated, at least comprises the face of the person to be authenticated, and also can comprise identity information of the person to be authenticated.
In the video surface signing process, the terminal device can output surface signing authentication operation information based on a preset video flow, so that a person to be authenticated executes corresponding surface signing authentication operation based on the preset video flow. And the terminal equipment executes a corresponding process of surface signing authentication operation aiming at the person to be authenticated, namely the surface signing video is acquired in the video surface signing process.
The surface label authentication operation may include: and uploading the certificate image. The person to be authenticated uploads the certificate image, namely the target certificate image, through the terminal device according to the instruction of the operation of uploading the certificate image, and correspondingly, the face-signing video can comprise a sub-video of the process of uploading the certificate image by the person to be authenticated, namely, the target certificate image is the certificate image uploaded in the process of video face-signing. In another case, the target certificate image can be uploaded by the person to be authenticated according to the certificate image uploading instruction before the video is carried out.
In the video surface signing process, a person to be authenticated needs to declare his will and clarify the risk to be borne when the person performs a specific service or a specific operation, and accordingly, the surface signing authentication operation may further include: willingness declaration operations, and risk liability operations. Specifically, in the video surface signing process, the terminal device may sequentially output information for prompting the person to be authenticated to perform the operation of the willingness declaration and information for prompting the person to be authenticated to perform the operation of the risk liability based on the preset video flow.
In one implementation, the terminal device may output the corresponding content information and instruct the person to be authenticated to read the content information by speaking. And the terminal equipment records a video in the process of reading the content information aiming at the person to be authenticated. Correspondingly, the surface label video comprises a video of the process of reading corresponding content information by the person to be authenticated. The content information corresponding to the willingness declaration operation is preset willingness declaration content information, and the content information corresponding to the risk liability assignment operation is preset risk liability assignment content information. In the implementation, if the person to be authenticated reads the content information, that is, the person to be authenticated considers that the will is declared and the risk to be borne by the person to be authenticated is determined, the video surface sign is continued; and if the person to be authenticated chooses not to read the content information (for example, clicking a cancel button), the person to be authenticated is considered to cancel the video surface label.
In another implementation, the terminal device can output corresponding content information, and simultaneously output a confirmation key and a cancel key for the selection of the person to be authenticated; if the person to be authenticated clicks the confirmation key, continuing to carry out video surface signing; if the person to be authenticated clicks the cancel button, the person to be authenticated can be considered to cancel the video surface label.
The person to be authenticated may be a person of any nationality.
In another case, if the server already stores the certificate image of the person to be authenticated, the terminal device may not send the target certificate image of the person to be authenticated to the server any more, that is, after the person to be authenticated triggers the face-signing video flow, the terminal device may only send the face-signing video to the server.
And the server receives the target certificate image and the face label video sent by the terminal equipment and executes a subsequent identity authentication process.
S220: and detecting whether the human face in the target certificate image is modified. In this step, the server may detect whether the target document image is modified by using a preset image modification recognition algorithm, where detecting whether the target document image is modified may include: and detecting whether the face and identity information in the target certificate image is modified. The preset image modification identification algorithm may be any algorithm that can detect whether an image is modified in the related art, for example: applying certificate anti-counterfeiting algorithm and image modification algorithm.
If it is determined that the face of the target document image is not modified, step S130 is continuously performed, and if it is determined that the face of the target document image is modified, the identity authentication process may be ended.
S230: and under the condition that the human face in the target certificate image is not modified, comparing the human face in the multi-frame video frame in the face-signed video with the human face in the target certificate image respectively, and determining a human face comparison result.
Under the condition that the face in the target certificate image is not modified, the server extracts a plurality of frames of video frames from the face label video based on a preset frame selection rule, compares the face in the plurality of frames of video frames with the face in the target certificate image respectively, judges whether the face in the video frames is consistent with the face in the target certificate image or not, and determines a face comparison result. In one case, the number of the multi-frame video frames is N, and correspondingly, the number of the face comparison results is N.
The preset frame selection rules may include, but are not limited to: and randomly screening rules and screening out the rules of the images which comprise the front faces of the persons to be authenticated and have the definition higher than a preset definition threshold value.
In one case, the video frame is screened from the face label video in an irregular time, the irregular time comparison of the dynamic certificate portrait (the comparison of the face in the video frame and the face in the target certificate image) can be realized, the face counterfeiting difficulty can be improved to a certain extent, and the accuracy of identity authentication is improved.
S240: and determining the identity authentication result of the person to be authenticated at least based on the face comparison result. In one implementation, the S240 may include: and if the face comparison result shows that the consistent proportion of the face in the multi-frame video frame and the face in the target certificate image is less than a preset proportion threshold value, determining that the identity authentication result is failed. If the face comparison result shows that the consistent proportion of the face in the multi-frame video frame and the face in the target certificate image is not lower than the preset proportion threshold value, the identity authentication result is passed, and correspondingly, the real-name authentication of the person to be authenticated can be determined to be passed.
In the implementation, in order to make up the limitation of a single-angle authentication mode, the situation that misjudgment occurs in authentication of a single angle is avoided, the secondary identity authentication can be performed on the personnel to be authenticated under the situation that the identity authentication result is determined to be not passed at least based on a face comparison result, so that the authentication of more angles of the identity of the personnel is realized through the secondary identity authentication mode, the accuracy of the identity authentication result is increased to a certain extent, and the limitation of authentication of all angles is made up to a certain extent.
In the embodiment, after the server obtains the face signing video of the person to be authenticated and the target certificate image, the server compares the faces in the multiple frames of video frames in the face signing video with the faces in the target certificate image respectively under the condition that the faces in the target certificate image are not modified, determines the face comparison result, and further determines the identity authentication result of the person to be authenticated based on at least the face comparison result, so that automatic face signing of the person to be authenticated is realized, manpower is saved, the condition that errors occur in the authentication result due to human errors is avoided, and the accuracy and the efficiency of the authentication result are improved to a certain extent.
In order to further enhance the reliability and accuracy of the identity authentication result, the embodiments of the present specification further provide a scheme for performing identity authentication on a person to be authenticated through multiple authentication angles, so as to weaken the influence of each authentication angle on the identity authentication result to a certain extent, and improve the reliability and accuracy of the identity authentication result to a certain extent through multi-angle authentication.
In another embodiment of the present specification, the emotional condition of the person to be authenticated in the video surface signing process is used as an authentication angle of identity authentication. Correspondingly, before the step S240, the following step 01 may be further included:
step 01: determining an emotion analysis result based on the face label video;
the S240 includes: and determining an identity authentication result based on the face comparison result and the emotion analysis result.
In the implementation mode, the emotion analysis result of the person to be authenticated can be determined based on the face label video through a preset emotion analysis algorithm, and then the identity authentication result is determined based on the face comparison result and the emotion analysis result. The emotion analysis result may include determining whether a person to be authenticated has a preset abnormal emotion, where the preset abnormal emotion may include, but is not limited to: stress, anxiety, and panic. The preset emotion analysis algorithm may be: based on a sample image or video and a corresponding emotion label thereof, the trained neural network model, wherein the sample image or video comprises a human face, the emotion label comprises the preset abnormal emotion and a normal emotion, and the normal emotion can comprise the emotion such as calmness, peace, happiness and the like.
In one implementation, the process of determining the identity authentication result may be: and if the face comparison result shows that the consistent proportion of the face in the multi-frame video frame and the face in the target certificate image is not lower than a preset proportion threshold value, and the emotion analysis result shows that the preset abnormal emotion does not appear in the person to be authenticated, the identity authentication result can be determined to be passed, and the real-name authentication is determined to be passed. Subsequently, the identity authentication result representing that the real-name authentication passes can be sent to the terminal device.
The process of determining the identity authentication result may also be: and if the face comparison result shows that the consistent proportion of the face in the multi-frame video frame and the face in the target certificate image is less than a preset proportion threshold value, and/or the emotion analysis result shows that the preset abnormal emotion occurs to the person to be authenticated, determining that the identity authentication result is failed. Subsequently, in one case, the secondary identity authentication can be continuously performed on the person to be authenticated to obtain a secondary authentication result, and the secondary authentication result is sent to the terminal device. In another case, the identity authentication result indicating that the identity authentication is not passed is directly sent to the terminal device to inform the person to be authenticated that the identity authentication is not passed.
In this embodiment, the identity authentication result may be determined jointly by combining the face comparison result and the emotion analysis result, and the accuracy of the identity authentication result is enhanced with the emotion analysis result as an aid.
The emotion analysis method and the emotion analysis device can be used for analyzing emotion information of a person to be authenticated, and can be used for analyzing emotion information of the person to be authenticated. In one implementation, the label video includes label audio and video frames; the face sign audio is the audio collected by the person to be authenticated and the environment where the person is located in the process of video face sign;
the step 01 may include: and determining an emotion analysis result based on the face label audio frequency, the video frame and a preset emotion analysis algorithm.
In one implementation, the preset emotion analysis algorithm may include an analysis algorithm for video frames and an analysis algorithm for audio. Correspondingly, determining a first emotion analysis result by utilizing an analysis algorithm aiming at the video frame and the video frame; determining a second emotion analysis result by using an analysis algorithm for the audio and the face-tag audio; and determining a final emotion analysis result based on the first emotion analysis result and the second emotion analysis result. In one case, at least one result in the first emotion analysis result and the second emotion analysis result represents that a preset abnormal emotion occurs, and the final emotion analysis result is determined to be the preset abnormal emotion. The emotion analysis result is determined by combining the label audio and the video frame, so that the accuracy of the emotion analysis result can be improved to a certain extent, and the accuracy of the identity authentication result is further improved.
In another embodiment of the present specification, the detection result of the quality of the video tag itself may be used as an authentication angle for identity authentication. Before S240, the following step 02 may be further included:
step 02: detecting whether the picture jumping condition exists in the surface label video or not to obtain a first detection result;
the S240 includes: and determining an identity authentication result based on the face comparison result and the first detection result.
In the implementation mode, the server can detect whether the frame jumping exists in the face label video, namely, the continuity of the face label video is detected to obtain a first detection result, and then the identity authentication result is determined by combining the face comparison result and the first detection result. And the identity authentication result is determined jointly by combining the face comparison result and the first detection result.
In one implementation, the process of detecting whether there is a picture jump in the label video may be: calculating a similarity value between every two adjacent video frames in the tag video aiming at every two adjacent video frames; if the similarity value between two adjacent video frames is smaller than a preset similarity value, the two adjacent video frames are considered to be dissimilar; otherwise, if the similarity value between two adjacent video frames is not less than the preset similarity value, the two adjacent video frames are considered to be similar. And subsequently, if the dissimilar proportion of two adjacent frames of video frames in the surface label video exceeds a certain threshold value, determining that the surface label video has the condition of picture jump and discontinuity.
If the first detection result shows that the surface label video jumps, the quality of the surface label video can be considered to be in a problem, and the credibility of the surface label video is considered to be not high enough. If the first detection result shows that the facebook video does not jump and is smooth, the quality of the facebook video can be considered to be not problematic, and the credibility of the facebook video is considered to be relatively high.
Accordingly, in one implementation, the process of determining the identity authentication result may be: and if the first detection result shows that the face signature video does not jump and the face comparison result shows that the consistent proportion of the face in the multi-frame video frame and the face in the target certificate image is not lower than a preset proportion threshold value, and determining that the identity authentication result is passed. And if the first detection result shows that the face label video jumps and/or the face comparison result shows that the proportion of the face in the multi-frame video frame and the face in the target certificate image is consistent is less than a preset proportion threshold value, and determining that the identity authentication result is failed.
In another embodiment of the present specification, the detection result of the terminal device may be used as an authentication angle of the identity authentication. Correspondingly, before the step S240, the following steps 03-04 may be further included:
step 03: obtaining the current equipment characteristics of the terminal equipment;
step 04: determining whether the terminal equipment has a preset equipment abnormal condition or not based on the current equipment characteristics to obtain an equipment detection result;
the S240 includes: and determining an identity authentication result based on the face comparison result and the equipment detection result.
In the implementation mode, the server obtains the current equipment characteristics of the terminal equipment, determines whether the terminal equipment has the abnormal condition of the preset equipment or not based on the current equipment characteristics, and obtains the equipment detection result. The preset device abnormal condition may include, but is not limited to, the terminal device being used by multiple persons for identity authentication, and the terminal device being forged into another device. If the terminal equipment has the preset equipment abnormal condition, the possibility of carrying out malicious authentication can be determined.
Accordingly, in one implementation, the process of determining the identity authentication result may be: and if the equipment detection result shows that the terminal equipment does not have the abnormal condition of the preset equipment, and the face comparison result shows that the proportion of the face in the multi-frame video frame and the face in the target certificate image is not lower than the preset proportion threshold value, determining that the identity authentication result is passed. Otherwise, if the equipment detection result shows that the terminal equipment has a preset equipment abnormal condition, and/or the face comparison result shows that the proportion of the face in the multi-frame video frame and the face in the target certificate image is consistent is less than a preset proportion threshold value, determining that the identity authentication result is failed.
Among other things, current device characteristics may include, but are not limited to: the model, date of delivery, version number, serial number, mac (media Access control) address, International Mobile Equipment Identity IMEI (International Mobile Equipment Identity), MEID (Mobile Equipment Identity), and the like of the terminal device may identify the terminal device.
According to the embodiment, the identity authentication result can be determined together by combining the face comparison result and the equipment detection result, and the accuracy of the identity authentication result is enhanced by taking the equipment detection result as an assistant.
In an implementation manner, the present specification provides a manner of determining whether a preset device abnormal condition occurs in the terminal device, and correspondingly, the step 04 may include the following step 041-:
step 041: judging whether the terminal equipment records the video of the surface label aiming at the video surface label process of a plurality of people to obtain a first judgment result; and/or judging whether the current equipment characteristics are modified or not based on the corresponding relation between the pre-stored equipment platform identification and the equipment characteristics to obtain a second judgment result, wherein the equipment platform identification is determined by the server based on the equipment characteristics of the terminal equipment during the first login.
Step 042: and if at least one of the first judgment result and the second judgment result is yes, determining that the terminal equipment has a preset equipment abnormal condition.
After obtaining the current device characteristics of the terminal device, the server determines whether the terminal device records the video of the bookmark aiming at the video bookmark process of multiple persons, that is, compares the current device characteristics with the stored device characteristics, and determines whether the stored device characteristics have the same device characteristics as the current device characteristics. If the judgment result is yes and the number of times of occurrence of the current device feature exceeds a preset number threshold, a first judgment result shows that the terminal device records the video of the user in the video process of the plurality of users (namely, the first judgment result is yes); if the judgment result is that the video signature video exists, the number of times of the current device feature does not exceed the preset number threshold, or the judgment result is that the video signature video does not exist, the first judgment result shows that the terminal device does not record the video signature video for the video signature process of multiple people (namely the first judgment result is no).
The stored device characteristics comprise device characteristics of terminal devices which send the tag video to the server within a preset time period.
In another implementation manner, the server prestores a correspondence, i.e., a first correspondence, between the device platform identifier and the device feature, where the device platform identifier is determined by the server based on the device feature of the terminal device at the time of first login. The device characteristics in the first corresponding relationship are the device characteristics of the terminal device when logging in for the first time. And the server judges whether the current equipment characteristics are modified or not based on the first corresponding relation to obtain a second judgment result.
The process of obtaining the second determination result may specifically be: the server determines a current equipment platform identifier corresponding to the terminal equipment based on a specific platform identifier algorithm and the current equipment characteristics; and judging whether the first corresponding relation has the equipment platform identification which is the same as the current equipment platform identification. If the first corresponding relation has the equipment platform identification which is the same as the current equipment platform identification, continuously judging whether the equipment characteristics which are corresponding to the equipment platform identification which is the same as the current equipment platform identification are the same as the current equipment characteristics; if the judgment is different, determining that the second judgment result is that the current equipment characteristic is modified (namely the second judgment result is yes), and correspondingly determining that the terminal equipment has the preset equipment abnormal condition. Otherwise, if the device characteristic corresponding to the device platform identifier identical to the current device platform identifier is judged to be identical to the current device characteristic, it is determined that the current device characteristic is not modified (i.e., the second judgment result is no).
Considering that the user generally selects a relatively quiet environment for identity authentication, the environment of the video surface signing process can be used as an authentication angle of the identity authentication. In another embodiment of the present description, the video bookmark comprises an environment surround sub-video recorded for an environment surround presentation sub-process in a video bookmark process;
before S240, the following step 05 may be further included: determining whether the environment meets a preset environment condition or not based on the environment surrounding sub-video to obtain a first determination result;
accordingly, the S240 may include: and determining an identity authentication result based on the face comparison result and the first determination result.
In the implementation mode, in the video surface signing process of the person to be authenticated, the terminal equipment can indicate the person to be authenticated to display the environment where the person to be authenticated is located in a surrounding mode, so that the terminal equipment records the process of displaying the environment where the person to be authenticated is located in a surrounding mode to obtain the environment surrounding sub-video, and the environment surrounding sub-video forms a part of the surface signing video.
Subsequently, the server may determine whether the environment meets a preset environment condition based on the environment surrounding sub-video, so as to obtain a first determination result. And further determining an identity authentication result by combining the face comparison result and the first determination result. Among them, the preset environmental conditions may include, but are not limited to: the noise does not exceed a preset noise value, the number of the existing personnel does not exceed the preset number of the personnel, and the indoor environment is formed.
In one implementation, the process of determining the identity authentication result may include: and if the first determination result shows that the environment meets the preset environment condition and the face comparison result shows that the proportion of the face in the multi-frame video frame and the face in the target certificate image is not lower than a preset proportion threshold value, determining that the identity authentication result is passed. Otherwise, if the first determination result shows that the environment does not accord with the preset environment condition and/or the face comparison result shows that the proportion of the face in the multi-frame video frame consistent with the face in the target certificate image is less than the preset proportion threshold value, the identity authentication result is determined to be failed.
In this embodiment, the environment where the video surface signing process is located is used as an authentication angle for identity authentication, the identity authentication result can be determined jointly by combining the face comparison result and the first determination result, and the accuracy of the identity authentication result is enhanced by taking the first determination result as an aid.
In another embodiment of the present specification, the face comparison result may be used as a main component, and at least two of the emotion analysis result, the first detection result, the device detection result, and the first determination result may be used as an auxiliary component to determine the identity authentication result by combining the at least 3 detection results.
Accordingly, the authentication pass threshold may be set in advance. Taking the 5 detection results to jointly determine the identity authentication result as an example for explanation, if the detection results of which the number is not less than the authentication passing threshold value represent that no abnormality occurs in the 5 detection results, determining that the identity authentication result is passed; otherwise, if the 5 detection results are lower than the authentication passing threshold value and represent that no abnormity occurs, determining that the identity authentication result is failed.
For example, if the authentication passing threshold is 4, it is determined that the identity authentication result passes, it is first required that the face comparison result is represented without abnormality, and at least 3 detection results are represented without abnormality in the emotion analysis result, the first detection result, the device detection result, the first determination result, and the face comparison result. For example, the face comparison result, the emotion analysis result, the first detection result and the device detection result all represent that no abnormality occurs; for another example, the 4 detection results all represent that no abnormality occurs; for another example, the face comparison result, the emotion analysis result, the first detection result, the device detection result, and the first determination result, and none of the 5 detection results indicates that no abnormality occurs, and so on.
If the emotion analysis result shows that the preset abnormal emotion does not occur to the person to be authenticated, the emotion analysis result shows that the preset abnormal emotion does not occur to the person to be authenticated; if the first detection result shows that the picture jump does not exist in the surface label video, the surface label video is characterized in that no abnormity occurs; if the equipment detection result shows that the preset equipment abnormal condition does not occur in the terminal equipment, the equipment detection result shows that the preset equipment abnormal condition does not occur in the terminal equipment; if the first determination result shows that the environment meets the preset environment condition, the first determination result indicates that no abnormity occurs; and if the face comparison result shows that the proportion of the face in the multi-frame video frame and the face in the target certificate image is not lower than a preset proportion threshold, the representation is not abnormal.
By carrying out identity authentication on the personnel to be authenticated through the multiple authentication angles, the reliability of the identity authentication result can be enhanced. For example: under the condition that the person to be authenticated is a overseas person, due to the diversity of official certificates of overseas countries and the uncertainty of anti-counterfeiting modes, the problem that the authenticity of certificate images provided by overseas persons cannot be distinguished may occur, so that the credibility of authentication results obtained only based on target certificate images and face comparison results is limited. Aiming at the problem, the multiple authentication angles are utilized to carry out identity authentication on the person to be authenticated together, the identity authentication result is determined, the influence of the certificate image on the identity authentication result can be weakened to a certain extent, and the problem that the identity of overseas persons cannot be authenticated is avoided.
In addition, in consideration of user experience and convenience in the identity authentication process (subsequent operation of the person to be authenticated is not delayed), in the identity authentication process, after the identity authentication of the person to be authenticated is determined not to pass for the first time, secondary identity authentication can be continuously performed on the person to be authenticated, for example, secondary identity authentication is performed on the person to be authenticated in an interactive verification mode. Accordingly, in another embodiment of the present description, the method further comprises the following steps 11-13:
step 11: and under the condition that the identity authentication result is not passed, determining target risk release operation to be executed by the person to be authenticated.
Step 12: and sending indication information of the target risk release operation to the terminal equipment to prompt the person to be authenticated to execute corresponding operation based on the indication information.
Step 13: and if the operation content information corresponding to the target risk release operation is obtained within the preset effective time, determining a secondary authentication result based on the operation content information.
In one case, the identity authentication result is failed, it can be considered that the person to be authenticated has an identity authentication risk, and accordingly, the secondary identity authentication process can also be referred to as a risk release process. And under the condition that the identity authentication result is determined to be not passed, the server determines the target risk release operation to be executed by the personnel to be authenticated aiming at the personnel to be authenticated, and sends the indication information of the target risk release operation to the terminal equipment. The terminal equipment outputs the indication information to prompt the person to be authenticated to execute corresponding operation based on the indication information. And subsequently, if the server obtains the operation content information corresponding to the target risk release operation within the preset effective time, determining a secondary authentication result based on the operation content information. The method and the device limit the providing time of the operation content information by setting the preset effective time so as to ensure the efficiency of the identity authentication process.
In one case, the preset effective time may be set according to actual conditions, for example, 24 hours. The starting moment of the preset effective time is the moment when the person to be authenticated determines to execute the target risk release operation, or the moment when the terminal device outputs the indication information of the target risk release operation.
Wherein, the target risk releasing operation may include, but is not limited to: providing the operation of the specified type of identity verification material, the interactive question and answer operation, the manual authentication operation and the identity guarantee operation of other people. The questions corresponding to the interactive question-answering operation may include, but are not limited to: the identification portrait related problem corresponding to the person to be authenticated and the region and culture related to the person to be authenticated. The guarantor corresponding to the other-person identity guaranty operation is as follows: and the server determines the person as the person passing the identity authentication.
In an implementation manner of this specification, a determination manner of a target risk release operation to be performed by a person to be authenticated may be determined based on a manner autonomously selected by the person to be authenticated, or may be automatically determined based on a face comparison result. Accordingly, in one implementation, the step 11 may include the following step 111: and receiving the operation selected by the person to be authenticated from the preset risk release operation set from the terminal equipment, and taking the operation as the target risk release operation. In another implementation, the step 11 may include the following step 112: and determining target risk releasing operation from a preset risk releasing operation set based on the face comparison result.
In another implementation manner, if the emotion analysis result, the first detection result, the device detection result, the first determination result, and the face comparison result are combined, the identity authentication result is determined. A target risk release operation may be determined from a preset risk release operation set based on the emotion analysis result, the first detection result, the device detection result, the first determination result, and the face comparison result.
For convenience of description, the detection result may be referred to as an emotion analysis result, a first detection result, a device detection result, a first determination result, and a face comparison result. In one case, the server may be previously provided with an operation selection correspondence relationship including: the corresponding relation between a certain detection result and the risk release operation and the corresponding relation between a certain detection result set and the risk release operation. Wherein the selection correspondence may characterize: when a certain detection result is characterized to be abnormal, determining the risk release operation corresponding to the certain detection result as a target risk release operation; when all detection results in a certain detection result set are characterized to be abnormal, determining the risk release operation corresponding to the detection results as a target risk release operation. For example: if the operation selection corresponding relation comprises a corresponding relation between the detection result set 1 (emotion analysis result, first detection result, equipment detection result, first determination result and face comparison result) and the manual authentication operation, representing that all detection results in the detection result set 1 are abnormal, determining the manual authentication operation, and performing target risk release operation.
Wherein each risk release operation belongs to a set of risk release operations. Any two or more of the test results may form a test result set.
In another case, the server may set, as the second correspondence, a correspondence between the number of detection results representing the occurrence of the abnormality and the risk releasing operation. For example: and the second corresponding relation comprises a corresponding relation between 5 and the manual authentication operation, and the manual authentication operation is determined to be the target risk release operation under the condition that 5 detection result representations are abnormal.
In one implementation of the present description, where the target risk release operation comprises an operation that provides a specified type of identity verification material; the determining the secondary authentication result may include: and determining a secondary authentication result based on the specified type of identity authentication material uploaded by the terminal equipment. If the server detects that the specified type of identity verification material uploaded by the terminal equipment has no problem, the secondary authentication result can be determined to be passed; on the contrary, if the server detects that the specified type of identity verification material uploaded by the terminal equipment has a problem, the secondary authentication result can be determined to be failed.
In consideration of the problem that the types of the identification materials of the persons to be authenticated of different nationalities may be different, the server may store in advance the correspondence between the nationality and the type of the identification material, that is, the third correspondence. Accordingly, the specific type of the specified type of identity verification material may be determined based on the nationality of the person to be authenticated and the third correspondence. The nationality of the person to be authenticated can be determined from the target document image.
In another implementation manner of this specification, in a case that the target risk releasing operation includes an interactive question-answering operation, the determining a secondary authentication result may include:
and determining a secondary authentication result based on the question answer sent by the terminal equipment, wherein the question answer is input by the person to be authenticated aiming at the question provided for the terminal equipment.
And under the condition that the target risk release operation comprises interactive question-answering operation, the server sends the determined question to the terminal equipment, and the terminal equipment displays the question in sequence and prompts the person to be authenticated to input a corresponding question answer. And after detecting the question answers input by the personnel to be authenticated, the terminal equipment sends the question answers to the server. And the server determines a secondary authentication result based on the question answer sent by the terminal equipment. And if the answer to the question sent by the terminal equipment is detected to be correct, determining that the secondary authentication result is passed. And if the wrong answer is detected to exist in the question answer sent by the terminal equipment, determining that the secondary authentication result is not passed.
In another implementation manner of this specification, in a case where the target risk releasing operation is a manual authentication operation, the determining a secondary authentication result may include:
and determining a secondary authentication result based on the manual authentication result of the manual authentication operation. And under the condition that the target risk releasing operation is a manual authentication operation, establishing a manual authentication channel connection between the server and the terminal equipment so as to perform manual authentication on the person to be authenticated through the terminal equipment. Subsequently, the server obtains a manual authentication result of the manual authentication operation, and determines a secondary authentication result based on the manual authentication result. If the manual authentication result is passed, determining that the secondary authentication result is passed; otherwise, if the manual authentication result is failed, determining that the secondary authentication result is failed.
In one case, the server may record a video for the process of manual authentication of the person to be authenticated and store the video for subsequent query and inspection of the authentication result.
In another implementation manner of this specification, in a case where the target risk releasing operation includes another person identity guaranteeing operation, the determining a secondary authentication result may include:
and determining a secondary authentication result based on the identity guarantee information corresponding to the identity guarantee operation of the other people.
In a case where the target risk releasing operation includes another person identity guaranteeing operation, the server may send, to the terminal device, information for instructing the person to be authenticated to perform another person identity guaranteeing operation, where the information may include: the method and the system have the advantages that the limiting conditions of the guarantee personnel for identity guarantee of the personnel to be authenticated and the required specific guarantee information are provided, so that the personnel to be authenticated can seek the guarantee personnel meeting the limiting conditions for identity guarantee, the guarantee personnel can provide accurate guarantee information for the guarantee personnel, and time waste of the guarantee personnel is avoided.
Subsequently, the server obtains identity guarantee information corresponding to the identity guarantee operation of the other person, and detects validity of the identity guarantee information, for example: whether a guarantee person corresponding to the identity guarantee information meets a limited condition or not is detected, and whether the specific guarantee information is accurate or not and is not tampered. And if the identity guarantee information is valid, namely the guarantee personnel corresponding to the identity guarantee information meets the limiting condition, and the identity guarantee information is accurate and is not tampered, determining that the secondary authentication result is passed. And if the identity guarantee information is invalid, if any guarantee personnel corresponding to the identity guarantee information does not meet the limit condition, the identity guarantee information is tampered and/or the identity guarantee information is inaccurate, determining that the secondary authentication result is not passed.
In another embodiment of the present specification, the method further includes: and if the operation content information is not obtained within the preset effective time, determining that the secondary authentication result of the person to be authenticated is failed. If the server does not obtain the operation content information within the preset effective time, the server considers that the person to be authenticated gives up the chance of secondary identity authentication, and directly determines that the secondary authentication result of the person to be authenticated is failed. And subsequently, sending a secondary authentication result to the terminal equipment to prompt the person to be authenticated that the secondary authentication result is failed.
The following describes the above identity authentication process by a specific embodiment:
when detecting that the user executes a specific service or a specific operation based on the target application, the terminal device outputs an authentication selection interface prompting the user to perform identity authentication, where the authentication selection interface may include a face label mark indicating that the user performs video face labeling, and when detecting that the user triggers the face label mark, the terminal device determines that the user triggers a video face labeling process, that is, "the user selects video face labeling" as shown in fig. 3.
The terminal equipment records the surface signing video aiming at the surface signing process of the person to be authenticated by using the started camera to obtain the surface signing video, and sends the surface signing video and the target certificate image of the person to be authenticated to the server. In the video surface signing process, the terminal equipment outputs surface signing authentication operation information based on a preset surface signing process so as to prompt a person to be authenticated to execute corresponding surface signing authentication operation in the video surface signing process. As shown in fig. 3, the face-to-face authentication operation may include, but is not limited to: uploading certificate images, willingness declaration, risk liability assignment, environment surrounding and the like. Correspondingly, the label facing video at least comprises a video of the operation process of the label facing authentication operation of the person to be authenticated.
And the terminal equipment sends the recorded face-tag video and the obtained target certificate image to a server. And after receiving the face signing video and the target certificate image, the server determines the identity authentication result of the person to be authenticated based on the face signing video, the target certificate image and the current equipment characteristics of the terminal equipment. The concrete steps are respectively as follows: first, detecting whether the face in the target document image is modified, i.e., "document anomaly detection" shown in fig. 3; secondly, comparing the face in the target certificate image with the face in the multi-frame video frame in the face-to-face video under the condition that the face in the target certificate image is not modified, namely 'face comparison detection' shown in fig. 3; thirdly, determining an emotion analysis result, namely 'emotion detection' shown in fig. 3, based on the surface label audio and video frames in the surface label video and a preset emotion analysis algorithm; fourthly, detecting whether the frame jump exists in the label video, namely 'frame comparison detection' shown in fig. 3; fifthly, based on the current device characteristics, detecting whether the terminal device has a preset device abnormal condition, that is, "device detection" shown in fig. 3; sixthly, detecting whether the video surface label environment meets a preset environment condition or not based on the environment surrounding sub-video in the surface label video, namely 'environment surrounding detection' shown in fig. 3; and determining an identity authentication result based on the detection results obtained by the various detections. The current device characteristics can be that the terminal device sends the face label video and the target certificate image to the server at the same time.
In one implementation, when the face of a person in a target certificate image is detected to be modified, the person to be authenticated is directly determined not to pass authentication, and the authentication process is ended.
Subsequently, in one case, as shown in fig. 3, if the server determines that the identity authentication result is passed based on the detection result, that is, the person to be authenticated is deemed to pass the real-name authentication, the server directly sends the identity authentication result representing that the person to be authenticated passes the real-name authentication to the terminal device. In another case, as shown in fig. 3, if the server determines that the identity authentication result is not passed based on the detection result, it needs to perform secondary identity authentication on the person to be authenticated to determine the secondary authentication result, that is, as shown in fig. 3, performing interactive identity verification on the person to be authenticated, which may also be called performing risk release in the identity authentication process of the person to be authenticated. As shown in fig. 3, the server presets a risk release operation set for performing secondary identity authentication, where the risk release operation set includes risk release operations that may include, but are not limited to: providing the operation of the specified type of identity verification material, the interactive question and answer operation, the manual authentication operation and the identity guarantee operation of other people. The interactive question-answering operation can also comprise the question-answering operation of the relevant questions of the identity portrait and the question-answering operation of the relevant questions of regions, culture and the like.
In the process of secondary identity authentication, the server can automatically determine target risk release operation required to be executed by a person to be authenticated from a preset risk release operation set; or the person to be authenticated can autonomously select the target risk release operation which the person wants to execute from the risk release operation set.
Subsequently, if the server determines that the secondary authentication result is passed, the server confirms that the real-name authentication of the person to be authenticated is passed, and sends the secondary authentication result representing that the real-name authentication of the person to be authenticated is passed to the terminal equipment; and if the server determines that the secondary authentication result is not passed, the server determines that the real-name authentication of the person to be authenticated is not passed, and sends the secondary authentication result representing that the real-name authentication of the person to be authenticated is not passed to the terminal equipment.
The foregoing describes certain embodiments of the present specification, and other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily have to be in the particular order shown or in sequential order to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.
In the embodiment of the specification, a video countersigning service is provided for a user (such as a foreign user) mainly through machine intelligence capability, and in the process of the video countersigning service, a user identity authentication result is determined by utilizing multi-dimensional characteristics, namely multi-authentication angles (such as dynamic human face comparison, emotion recognition and real-time abnormity judgment, wherein the real-time abnormity judgment comprises judgment of whether a video picture jumps or not and judgment of whether a terminal device has a preset device abnormity condition or not), so that the potential identity misuse risk of the user is identified. And, corresponding risk release operations (e.g., an operation of providing a specified type of identity verification material, an interactive question and answer operation, a manual authentication operation, and another person identity vouching operation) are provided to assist the user in completing the identity authentication. The user can adopt innovative self-service authentication service, and the authentication experience of the user, particularly a foreign user, is comprehensively improved.
Corresponding to the above method embodiment, the present specification further provides an identity authentication system, and as shown in fig. 4, the identity authentication system based on video surface signing includes a server 410 and a terminal device 420.
The terminal device 420 is configured to record a face-signing video for a video face-signing process of a person to be authenticated by using a started camera after receiving a video face-signing trigger instruction of the person to be authenticated, and send the face-signing video and a target certificate image of the person to be authenticated to the server 410;
the server 410 configured to receive the target credential image and the face-tag video; detecting whether the face in the target certificate image is modified; under the condition that the human face in the target certificate image is not modified, comparing the human face in the multi-frame video frame in the face signing video with the human face in the target certificate image respectively, and determining a human face comparison result; and determining the identity authentication result of the person to be authenticated based on the face comparison result.
In one implementation, the terminal device 420 can be one or more. Correspondingly, the server can receive the certificate image and the face-signing video sent by different terminal devices at the same time or at the same time, and the identity authentication process is executed by using the corresponding certificate image and the face-signing video aiming at the different terminal devices.
In another embodiment of the present specification, the terminal device 420 is further configured to output face-to-face authentication operation information based on a preset face-to-face process, where the face-to-face authentication operation information is used to: and prompting the person to be authenticated to execute corresponding face signing authentication operation in the video face signing process.
In another embodiment of the present specification, the label video at least includes: the method comprises the steps of appointing content information reading sub-video and environment surrounding sub-video, wherein the environment surrounding sub-video is recorded aiming at an environment surrounding display sub-process in the video surface signing process, and the appointed content information reading sub-video is recorded aiming at a process of reading appointed content information by the person to be authenticated in the video surface signing process. The specified content information may include preset will declaration content information and preset risk liability content information.
In another embodiment of this specification, the server 410 is further configured to, after obtaining the preset facebook flow request sent by the terminal device 420, send the preset facebook flow to the terminal device 420.
In another embodiment of the present specification, the server 410 is further configured to send the identity authentication result to the terminal device 420;
correspondingly, the terminal device 420 is further configured to output the identity authentication result for the person to be authenticated to view.
In another embodiment of the present specification, in the process of determining the identity authentication result of the person to be authenticated, the server 410 is specifically configured to determine that the identity authentication result is failed if the face comparison result shows that the ratio of the face in the multiple frames of video frames to the face in the target document image is not less than a preset ratio threshold.
In another embodiment of the present specification, the server 410 is further configured to determine an emotion analysis result based on the face-to-face video before the determining the identity authentication result of the person to be authenticated;
the server 410 is specifically configured to determine the identity authentication result based on the face comparison result and the emotion analysis result in the process of determining the identity authentication result of the person to be authenticated.
In another embodiment of the present description, the label video comprises label audio and video frames; the server 410, in the process of determining the emotion analysis result, is specifically configured to determine the emotion analysis result based on the face-to-face audio, the video frame, and a preset emotion analysis algorithm.
In another embodiment of the present specification, the server 410 is further configured to, before determining an identity authentication result of a person to be authenticated, detect whether a picture jump exists in the face-to-face label video, so as to obtain a first detection result;
the server 410 is specifically configured to determine the identity authentication result based on the face comparison result and the first detection result in the process of determining the identity authentication result of the person to be authenticated.
In another embodiment of the present specification, the server 410 is further configured to obtain a current device characteristic of the terminal device before the determining the identity authentication result of the person to be authenticated; determining whether the terminal equipment has a preset equipment abnormal condition or not based on the current equipment characteristics to obtain an equipment detection result;
the server 410 is specifically configured to determine the identity authentication result based on the face comparison result and the device detection result in the process of determining the identity authentication result of the person to be authenticated.
In another embodiment of the present specification, in the process of determining whether the terminal device has a preset device abnormal condition, the server 410 is specifically configured to determine whether the terminal device records a bookmark video for a video bookmark process of multiple persons, so as to obtain a first determination result; and/or judging whether the current equipment characteristic is modified or not based on the corresponding relation between the pre-stored equipment platform identification and the equipment characteristic to obtain a second judgment result, wherein the equipment platform identification is determined by the server based on the equipment characteristic when the terminal equipment logs in for the first time; and if at least one of the first judgment result and the second judgment result is yes, determining that the terminal equipment has a preset equipment abnormal condition.
In another embodiment of the present specification, the video countersignature comprises an environment surround sub-video, which is recorded for an environment surround presentation sub-process in the video countersignature process;
the server 410 is further configured to determine whether the environment meets a preset environment condition based on the environment surrounding sub-video before the identity authentication result of the person to be authenticated is determined, so as to obtain a first determination result;
the server 410 is specifically configured to determine the identity authentication result based on the face comparison result and the first determination result in the process of determining the identity authentication result of the person to be authenticated.
In another embodiment of the present specification, the server 410 is further configured to determine a target risk releasing operation to be performed by the person to be authenticated, if the identity authentication result is not passed;
sending indication information of the target risk release operation to the terminal equipment to prompt the person to be authenticated to execute corresponding operation based on the indication information;
and if the operation content information corresponding to the target risk release operation is obtained within the preset effective time, determining a secondary authentication result based on the operation content information.
In another embodiment of the present specification, the server 410 is specifically configured to receive, from the terminal device, an operation selected by the to-be-authenticated person from a preset risk release operation set as the target risk release operation in the process of determining the target risk release operation corresponding to the to-be-authenticated person; or; and determining the target risk releasing operation from a preset risk releasing operation set based on the face comparison result.
In another embodiment of the present specification, in a case that the target risk releasing operation includes an operation of providing a specified type of identity verification material, the server 410 is specifically configured to determine the secondary authentication result based on the specified type of identity verification material uploaded by the terminal device in the process of determining the secondary authentication result;
in a case that the target risk releasing operation includes an interactive question-answering operation, the server 410 is specifically configured to determine the secondary authentication result based on a question answer sent by the terminal device in the process of determining the secondary authentication result, where the question answer is input by the person to be authenticated for a question provided to the terminal device;
in a case where the target risk releasing operation is a manual authentication operation, the server 410 is specifically configured to determine the secondary authentication result based on a manual authentication result of the manual authentication operation in the process of determining the secondary authentication result;
in a case that the target risk releasing operation includes another person identity guaranteeing operation, the server 410 is specifically configured to determine a secondary authentication result based on identity guaranteeing information corresponding to the another person identity guaranteeing operation in the process of determining the secondary authentication result.
In another embodiment of the present specification, the server 410 is further configured to determine that the result of the secondary authentication of the person to be authenticated is failed if the operation content information is not obtained within the preset valid time.
Corresponding to the above method embodiment, the present specification provides an identity authentication apparatus 500, a schematic block diagram of which is shown in fig. 5, and includes:
the receiving module 510 is configured to receive a target certificate image of a person to be authenticated sent by a terminal device and acquire a face-signing video recorded in a video face-signing process for the person to be authenticated;
a first detection module 520 configured to detect whether a face in the target document image is modified;
a comparison determining module 530, configured to, in a case that it is determined that the face in the target certificate image is not modified, compare the face in the multiple frames of video frames in the face-signing video with the face in the target certificate image, respectively, and determine a face comparison result;
a first determining module 540, configured to determine an identity authentication result of the person to be authenticated based on at least the face comparison result.
In an implementation manner, the first determining module 540 is specifically configured to determine that the identity authentication result is failed if the face comparison result shows that the ratio of the face in the multiple frames of video frames to the face in the target document image is not less than a preset ratio threshold.
In one implementation, the method further comprises: a second determination module (not shown in the figure) configured to determine an emotion analysis result based on the face-signing video before determining an identity authentication result of the person to be authenticated;
the first determining module 540 is specifically configured to determine the identity authentication result based on the face comparison result and the emotion analysis result.
In one implementation, the label video includes label audio and video frames;
the second determining module is specifically configured to determine the emotion analysis result based on the face-tag audio, the video frame and a preset emotion analysis algorithm.
In one implementation, the method further comprises: a second detection module (not shown in the figure), configured to detect whether the face-to-face signature video has a picture jump or not before determining the identity authentication result of the person to be authenticated, so as to obtain a first detection result;
the first determining module 540 is specifically configured to determine the identity authentication result based on the face comparison result and the first detection result.
In one implementation, the method further comprises: a first obtaining module (not shown in the figure) configured to obtain a current device characteristic of the terminal device before the identity authentication result of the person to be authenticated is determined;
a third determining module (not shown in the figure), configured to determine whether a preset device abnormal condition occurs in the terminal device based on the current device characteristic, so as to obtain a device detection result;
the first determining module 540 is specifically configured to determine the identity authentication result based on the face comparison result and the device detection result.
In an implementation manner, the third determining module is specifically configured to determine whether the terminal device records a video of a plurality of persons in a video tagging process, so as to obtain a first determination result; and/or judging whether the current equipment characteristic is modified or not based on the corresponding relation between the pre-stored equipment platform identification and the equipment characteristic to obtain a second judgment result, wherein the equipment platform identification is determined by the server based on the equipment characteristic when the terminal equipment logs in for the first time;
and if at least one of the first judgment result and the second judgment result is yes, determining that the terminal equipment has a preset equipment abnormal condition.
In one implementation, the video countersignature video includes an environment surround sub-video, and the environment surround sub-video is recorded for an environment surround presentation sub-process in the video countersignature process;
the device further comprises: a fourth determining module (not shown in the figure), configured to determine, before the determination of the identity authentication result of the person to be authenticated, whether the environment meets a preset environment condition based on the environment surrounding sub-video, so as to obtain a first determination result;
the first determining module 540 is specifically configured to determine the identity authentication result based on the face comparison result and the first determining result.
In one implementation, the apparatus further comprises: a fifth determining module (not shown in the figure), configured to determine a target risk releasing operation that needs to be performed by the person to be authenticated when the identity authentication result is not passed;
a sending module (not shown in the figure) configured to send indication information of the target risk releasing operation to the terminal device to prompt the person to be authenticated to execute a corresponding operation based on the indication information;
a sixth determining module (not shown in the figure), configured to obtain operation content information corresponding to the target risk releasing operation if the operation content information is within a preset valid time, and determine a secondary authentication result based on the operation content information.
In an implementation manner, the fifth determining module is specifically configured to receive, from the terminal device, an operation selected by the person to be authenticated from a preset risk release operation set, and use the operation as the target risk release operation; or;
and determining the target risk releasing operation from a preset risk releasing operation set based on the face comparison result.
In one implementation, where the targeted risk release operation comprises an operation that provides a specified type of identity verification material; the sixth determining module is specifically configured to determine the secondary authentication result based on the specified type of identity verification material uploaded by the terminal device;
in a case where the target risk releasing operation includes an interactive question-answering operation, the sixth determining module is specifically configured to
Determining the secondary authentication result based on a question answer sent by the terminal equipment, wherein the question answer is input by the person to be authenticated for a question provided for the terminal equipment;
in a case where the target risk releasing operation is a manual authentication operation, the obtaining determining module is specifically configured to determine the secondary authentication result based on a manual authentication result of the manual authentication operation;
and when the target risk releasing operation comprises another person identity guaranteeing operation, the sixth determining module is specifically configured to determine a secondary authentication result based on identity guaranteeing information corresponding to the another person identity guaranteeing operation.
In one implementation, the apparatus further comprises: a seventh determining module (not shown in the figure), configured to determine that the secondary authentication result of the person to be authenticated is failed if the operation content information is not obtained within the preset valid time.
The system and apparatus embodiments correspond to the method embodiments, and specific descriptions may refer to descriptions of the method embodiments, which are not repeated herein. The system and apparatus embodiments are obtained based on corresponding method embodiments, and have the same technical effects as the corresponding method embodiments, and specific descriptions can be found in the corresponding method embodiments.
Embodiments of the present specification also provide a computer-readable storage medium on which a computer program is stored, which, when executed in a computer, causes the computer to execute the identity authentication method provided in the present specification.
The embodiment of the present specification further provides a computing device, which includes a memory and a processor, where the memory stores executable codes, and the processor executes the executable codes to implement the identity authentication method provided in the present specification.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the storage medium and the computing device embodiments, since they are substantially similar to the method embodiments, they are described relatively simply, and reference may be made to some descriptions of the method embodiments for relevant points.
Those skilled in the art will recognize that, in one or more of the examples described above, the functions described in connection with the embodiments of the invention may be implemented in hardware, software, firmware, or any combination thereof. When implemented in software, the functions may be stored on or transmitted over as one or more instructions or code on a computer-readable medium.
The above-mentioned embodiments further describe the objects, technical solutions and advantages of the embodiments of the present invention in detail. It should be understood that the above description is only exemplary of the embodiments of the present invention, and is not intended to limit the scope of the present invention, and any modification, equivalent replacement, or improvement made on the basis of the technical solutions of the present invention should be included in the scope of the present invention.
Claims (18)
1. An identity authentication method is applied to a server, wherein the method comprises the following steps:
receiving a target certificate image of a person to be authenticated sent by terminal equipment and acquiring a face signing video recorded in a video face signing process aiming at the person to be authenticated;
detecting whether the face in the target certificate image is modified;
under the condition that the human face in the target certificate image is not modified, comparing the human face in the multi-frame video frame in the face signing video with the human face in the target certificate image respectively, and determining a human face comparison result;
and determining the identity authentication result of the person to be authenticated at least based on the face comparison result.
2. The method of claim 1, wherein the determining the identity authentication result of the person to be authenticated comprises:
and if the face comparison result shows that the proportion of the face in the multi-frame video frame to the face in the target certificate image is consistent is less than a preset proportion threshold value, determining that the identity authentication result is failed.
3. The method of claim 1, further comprising, prior to the determining the authentication result of the person to be authenticated:
determining an emotion analysis result based on the face label video;
the determining of the identity authentication result of the person to be authenticated includes:
and determining the identity authentication result based on the face comparison result and the emotion analysis result.
4. The method of claim 3, wherein the label video comprises label audio and video frames;
the determining of the emotion analysis result comprises:
and determining the emotion analysis result based on the face label audio, the video frame and a preset emotion analysis algorithm.
5. The method of claim 1, further comprising, prior to the determining the authentication result of the person to be authenticated:
detecting whether the picture jumping condition exists in the surface label video or not to obtain a first detection result;
the determining of the identity authentication result of the person to be authenticated includes:
and determining the identity authentication result based on the face comparison result and the first detection result.
6. The method of claim 1, further comprising, prior to the determining the authentication result of the person to be authenticated:
obtaining the current equipment characteristics of the terminal equipment;
determining whether the terminal equipment has a preset equipment abnormal condition or not based on the current equipment characteristics to obtain an equipment detection result;
the determining of the identity authentication result of the person to be authenticated includes:
and determining the identity authentication result based on the face comparison result and the equipment detection result.
7. The method of claim 6, wherein the determining whether the terminal device has a preset device abnormal condition comprises:
judging whether the terminal equipment records the video of the surface label aiming at the video surface label process of a plurality of people to obtain a first judgment result; and/or
Judging whether the current equipment characteristic is modified or not based on the corresponding relation between the pre-stored equipment platform identification and the equipment characteristic to obtain a second judgment result, wherein the equipment platform identification is determined by the server based on the equipment characteristic of the terminal equipment during the first login;
and if at least one of the first judgment result and the second judgment result is yes, determining that the terminal equipment has a preset equipment abnormal condition.
8. The method of claim 1, the video countersignature comprising an environmental surround sub-video recorded for an environmental surround presentation sub-process in the video countersignature process;
before the identity authentication result of the person to be authenticated is determined, the method further comprises the following steps:
determining whether the environment meets a preset environment condition or not based on the environment surrounding sub-video to obtain a first determination result;
the determining of the identity authentication result of the person to be authenticated comprises:
and determining the identity authentication result based on the face comparison result and the first determination result.
9. The method of any of claims 1-8, further comprising:
determining target risk release operation to be executed by the person to be authenticated under the condition that the identity authentication result is failed;
sending indication information of the target risk release operation to the terminal equipment to prompt the person to be authenticated to execute corresponding operation based on the indication information;
and if the operation content information corresponding to the target risk release operation is obtained within the preset effective time, determining a secondary authentication result based on the operation content information.
10. The method of claim 9, wherein the determining a target risk release operation corresponding to the person to be authenticated comprises:
receiving an operation selected by the person to be authenticated from a preset risk release operation set from the terminal equipment, and taking the operation as the target risk release operation; or;
and determining the target risk releasing operation from a preset risk releasing operation set based on the face comparison result.
11. The method of claim 10, wherein in the event that the target risk release operation comprises an operation that provides a specified type of identity-confirming material; the determining of the secondary authentication result comprises:
determining the secondary authentication result based on the specified type of identity authentication material uploaded by the terminal equipment;
in a case where the target risk releasing operation includes an interactive question-answering operation, the determining a secondary authentication result includes:
determining the secondary authentication result based on a question answer sent by the terminal equipment, wherein the question answer is input by the person to be authenticated for a question provided for the terminal equipment;
in a case where the target risk releasing operation is a manual authentication operation, the determining a secondary authentication result includes:
determining the secondary authentication result based on a manual authentication result of the manual authentication operation;
in a case that the target risk releasing operation includes another person identity guaranteeing operation, the determining a secondary authentication result includes:
and determining a secondary authentication result based on the identity guarantee information corresponding to the identity guarantee operation of the other person.
12. The method of claim 9, further comprising:
and if the operation content information is not obtained within the preset effective time, determining that the secondary authentication result of the person to be authenticated is failed.
13. An identity authentication system comprises a server and a terminal device,
the terminal equipment is configured to record a face signing video aiming at the video face signing process of a person to be authenticated by using a started camera after receiving a video face signing trigger instruction of the person to be authenticated, and send the face signing video and a target certificate image of the person to be authenticated to the server;
the server is configured to receive the target certificate image and the face label video; detecting whether the face in the target certificate image is modified; under the condition that the human face in the target certificate image is not modified, comparing the human face in the multi-frame video frame in the face signing video with the human face in the target certificate image respectively, and determining a human face comparison result; and determining the identity authentication result of the person to be authenticated based on the face comparison result.
14. The system of claim 13, wherein the terminal device is further configured to output face-to-face authentication operation information based on a preset face-to-face process, the face-to-face authentication operation information being used for: and prompting the person to be authenticated to execute corresponding face signing authentication operation in the video face signing process.
15. The system of claim 13, wherein the face-up video includes at least: the method comprises the steps of appointing content information reading sub-video and environment surrounding sub-video, wherein the environment surrounding sub-video is recorded aiming at an environment surrounding display sub-process in the video surface signing process, and the appointed content information reading sub-video is recorded aiming at a process of reading appointed content information by the person to be authenticated in the video surface signing process.
16. The system according to claim 14, wherein the server is further configured to issue the preset facebook procedure to the terminal device after obtaining a preset facebook procedure request sent by the terminal device.
17. An identity authentication device applied to a server, wherein the device comprises:
the receiving module is configured to receive a target certificate image of a person to be authenticated sent by the terminal equipment and acquire a face-signing video recorded in a video face-signing process aiming at the person to be authenticated;
the first detection module is configured to detect whether the face in the target certificate image is modified;
the comparison determination module is configured to compare the human faces in the multiple frames of video frames in the face signing video with the human faces in the target certificate image respectively under the condition that the human faces in the target certificate image are determined to be unmodified, and determine a human face comparison result;
and the first determining module is configured to determine the identity authentication result of the person to be authenticated at least based on the face comparison result.
18. A computing device comprising a memory and a processor, wherein the memory has stored therein executable code that when executed by the processor implements the method of any of claims 1-12.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111309773.4A CN114090989A (en) | 2021-11-03 | 2021-11-03 | Identity authentication method, system and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111309773.4A CN114090989A (en) | 2021-11-03 | 2021-11-03 | Identity authentication method, system and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114090989A true CN114090989A (en) | 2022-02-25 |
Family
ID=80299120
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111309773.4A Pending CN114090989A (en) | 2021-11-03 | 2021-11-03 | Identity authentication method, system and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114090989A (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114677634A (en) * | 2022-05-30 | 2022-06-28 | 成都新希望金融信息有限公司 | Surface label identification method and device, electronic equipment and storage medium |
| CN114743254A (en) * | 2022-06-13 | 2022-07-12 | 泽景(西安)汽车电子有限责任公司 | Face authentication method and device, terminal equipment and storage medium |
| CN115189911A (en) * | 2022-05-30 | 2022-10-14 | 平安科技(深圳)有限公司 | Generation method, device and equipment of surface label file and storage medium |
| CN115271766A (en) * | 2022-09-20 | 2022-11-01 | 湖南三湘银行股份有限公司 | Mortgage surface sign on-line processing method and system based on remote video |
-
2021
- 2021-11-03 CN CN202111309773.4A patent/CN114090989A/en active Pending
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114677634A (en) * | 2022-05-30 | 2022-06-28 | 成都新希望金融信息有限公司 | Surface label identification method and device, electronic equipment and storage medium |
| CN114677634B (en) * | 2022-05-30 | 2022-09-27 | 成都新希望金融信息有限公司 | Surface label identification method and device, electronic equipment and storage medium |
| CN115189911A (en) * | 2022-05-30 | 2022-10-14 | 平安科技(深圳)有限公司 | Generation method, device and equipment of surface label file and storage medium |
| CN114743254A (en) * | 2022-06-13 | 2022-07-12 | 泽景(西安)汽车电子有限责任公司 | Face authentication method and device, terminal equipment and storage medium |
| CN115271766A (en) * | 2022-09-20 | 2022-11-01 | 湖南三湘银行股份有限公司 | Mortgage surface sign on-line processing method and system based on remote video |
| CN115271766B (en) * | 2022-09-20 | 2023-01-10 | 湖南三湘银行股份有限公司 | Mortgage surface sign on-line processing method and system based on remote video |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN114090989A (en) | Identity authentication method, system and device | |
| US20210152550A1 (en) | Machine learning for document authentication | |
| US20200211121A1 (en) | Credit-based claim settlement implementing method and device | |
| US10796136B2 (en) | Secondary source authentication of facial biometric | |
| US20190147155A1 (en) | Method of remotely identifying a physical person in asynchronous mode, aimed at the release of an advanced electronic signature, qualified electronic signature or digital identity | |
| CN112788269B (en) | Video processing method, device, server and storage medium | |
| KR20180050968A (en) | on-line test management method | |
| US11521208B2 (en) | System and method for authenticating transactions from a mobile device | |
| CN111160928A (en) | Identity verification method and device | |
| CN113034110A (en) | Service processing method, system, medium and electronic device based on video audit | |
| CN111008925A (en) | Certificate watermark verification method, device, equipment and storage medium | |
| US11948365B2 (en) | Frictionless authentication and monitoring | |
| CN115906028A (en) | User identity verification method and device and self-service terminal | |
| CN113792279A (en) | Identity authentication method, device, system, equipment and storage medium | |
| CN115373868A (en) | Intelligent data processing system and method | |
| CN108305159A (en) | One kind doing tax system and one kind doing tax method | |
| CN112949363A (en) | Face living body identification method and device | |
| US20230281407A1 (en) | Crowd-sourced fake identification reporting | |
| CN112836732B (en) | Verification method and device for data annotation, electronic equipment and storage medium | |
| CN116664081B (en) | Case data fixed certificate processing method, device and equipment based on quick-handling identification | |
| WO2022219698A1 (en) | Confirmation support device, confirmation support method, and non-transitory computer-readable medium having program stored therein | |
| CN117808299A (en) | Service handling method, device, equipment and medium | |
| CN116167769A (en) | Information verification method, apparatus, device, storage medium, and computer program product | |
| EP2958042A1 (en) | Method for authenticating a user, associated system and computer program | |
| CN112215183A (en) | Bank customer identification method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |