CN114466353A - App user ID information protection device and method, electronic equipment and storage medium - Google Patents


Publication number
CN114466353A
Authority
CN
China
Legal status
Pending
Application number
CN202210120831.7A
Other languages
Chinese (zh)
Inventor
严俊杰
吴鸿斌
徐静
张恺
韩宇
Current Assignee
Best Tone Information Service Corp Ltd
Original Assignee
Best Tone Information Service Corp Ltd
Application filed by Best Tone Information Service Corp Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03 Protecting confidentiality, e.g. by encryption
    • H04W12/033 Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876 Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/20 Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H04L63/205 Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/1095 Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H04L67/125 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks involving control of end-device applications over a network
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/30 Security of mobile devices; Security of mobile applications
    • H04W12/37 Managing security policies for mobile devices or for controlling mobile applications

Abstract

The invention relates to a device and a method for protecting mobile App user ID information, an electronic device and a storage medium. The device comprises an operator account protection SDK and an operator account registration server. The operator account protection SDK is embedded in an App on the user terminal and has gateway number retrieval capability and ID protection capability; after encryption, it generates user ID information and App-side verification information and sends them to the operator account registration server. The operator account registration server is located on the operator side, receives over the network the user ID information and App-side verification information sent by the operator account protection SDK of the user terminal, and has verification capability and algorithm encryption capability; after verification and encryption, it generates App-side user ID information and verification information and transmits them to the App-side node of the App service provider. The invention can provide secure App registration and account privacy protection for the user.

Description

App user ID information protection device and method, electronic equipment and storage medium
Technical Field
The invention relates to the field of mobile communication, in particular to a device and a method for protecting ID information of a mobile App user, electronic equipment and a storage medium.
Background
When using a mobile App (application program) or browsing the mobile internet, a mobile terminal user is often required to enter a mobile phone number and an identity document number in order to register. Registration in this way raises several problems. First, the third-party App stores the user information in plaintext, which creates a personal information security problem. Second, the customer's personal information may be illegally resold by the App operator, causing the mobile user losses of reputation and property. Further, some malicious phishing Apps imitate the interface of a normal App, and a customer who unknowingly logs in to a phishing App can face serious security problems.
User information protection schemes currently exist, but they share the following common weaknesses:
1. The customer is required to enter the information personally, and the plaintext that is entered may still be intercepted.
2. They rely on the capability of the App vendor rather than on the network-side capability of an operator. The main information is exchanged and transmitted in a non-blockchain Internet environment, the App vendor has centralized control, and it is possible for the vendor to decipher and illegally use user information.
3. Because the ID (account number) is not unique, user management by the App vendor becomes confused.
4. They cannot prevent the security problems that arise when phishing Apps and counterfeit Apps lure customers into logging in.
5. Some blockchain-based identity authentication schemes only address information storage and tamper resistance in a decentralized ledger; they cannot authenticate and protect the original identity information in combination with an authoritative data source (such as an operator).
Disclosure of Invention
The technical problem to be solved by the invention is to provide users with a secure way of registering with an App and protecting their privacy, by using the gateway number retrieval network capability of a mobile network operator (such as China Telecom, China Mobile or China Unicom) in combination with the computing capability of the user terminal acting as a blockchain node. The invention can prevent the user account from being stolen.
To solve this technical problem, according to one aspect of the invention, an apparatus for protecting App user ID information is provided, comprising an operator account protection SDK (Software Development Kit) and an operator account registration server. The operator account protection SDK is embedded in an App on the user terminal and has gateway number retrieval capability and ID protection capability. The ID protection capability is implemented by encrypting, with a user data encryption method, the user operator ID obtained through gateway number retrieval. After encryption, the operator account protection SDK generates user ID encryption information and App-side verification information, and it can send the user ID information, the encryption information and the App-side verification information to the operator account registration server. The operator account registration server is located on the operator side and is used to manage Apps and the node servers of App accounts. It receives, over the network, the user ID information, encryption information and App-side verification information sent by the operator account protection SDK of the user terminal, and it has verification capability and algorithm encryption capability. The verification capability is used to check that the App on the user terminal and the operator account protection SDK are authenticated and not forged; the algorithm encryption capability is implemented by encrypting the received user ID information with a user data encryption method. After verification and encryption, the operator account registration server generates the user ID encryption information and App-side verification information for the App service provider side and transmits them to the App-side node of the App service provider. The user ID information, the encryption information and the verification information are recorded and synchronized at the nodes of the three ends (operator side, user terminal side and App service provider side) by means of a blockchain ledger formed by the operator account protection SDK and the operator account registration server, which prevents tampering and forms a consortium blockchain protection mechanism.
According to an embodiment of the invention, the user data encryption method may be encryption with a national cryptographic algorithm (an algorithm standardized by the national cryptography authority) or with an elliptic curve algorithm (ECC). The specific encryption algorithm is not limited to these.
According to an embodiment of the invention, the operator account protection SDK may also provide an information confirmation interface. During App registration or use, this interface pops up information such as the local ID number for the user to confirm and asks whether the user authorizes the local ID number to be used for registration. It serves both as a reminder and as a means of user confirmation.
According to a second aspect of the invention, a method for protecting App user ID information is provided. The method relies on the App on the user terminal being preloaded with an operator account protection SDK and on the operator side having an operator account registration server. The operator account protection SDK has gateway number retrieval capability and ID protection capability; the operator account registration server is located on the operator side, is used to manage Apps and the node servers of App accounts, and has verification capability and algorithm encryption capability. The method comprises the following steps. The ID protection capability of the operator account protection SDK encrypts, with a user data encryption method, the user operator ID obtained through gateway number retrieval to generate user ID information, encryption information and App-side verification information, and the operator account protection SDK sends the user ID information, the encryption information and the App-side verification information to the operator account registration server. The operator account registration server receives, over the network, the user ID information, encryption information and App-side verification information sent by the operator account protection SDK of the user terminal; uses its verification capability to check that the App on the user terminal and the operator account protection SDK are authenticated and not forged; and uses its algorithm encryption capability to encrypt the received user ID information with a user data encryption method. After verification and encryption, the operator account registration server generates the user ID encryption information and App-side verification information for the App service provider side and transmits them to the App-side node of the App service provider. The user ID information, the encryption information and the verification information are recorded and synchronized at the nodes of the three ends (operator side, user terminal side and App service provider side) by means of a blockchain ledger formed by the operator account protection SDK and the operator account registration server, which prevents tampering and forms a blockchain protection mechanism.
According to an embodiment of the present invention, the user data encryption method is a national cryptographic algorithm or an elliptic curve algorithm. The specific encryption algorithm is not limited to these.
According to an embodiment of the invention, the method for protecting App user ID information may include App user registration, with the following steps:
S11. The user initiates registration through the App on the user terminal in which the operator account protection SDK is embedded.
S12. The App on the user terminal side receives the registration request, and the App software invokes the operator account protection SDK.
S13. The operator account protection SDK pops up a user information confirmation interface showing the user operator ID obtained through gateway number retrieval. The user does not need to enter a mobile phone number manually and can confirm the information in the interface. After the user confirms, the operator account protection SDK encrypts the user operator ID obtained through gateway number retrieval with a user data encryption method to generate user ID encryption information and App-side verification information, and the operator account protection SDK sends the user ID information, the encryption information and the App-side verification information to the operator account registration server.
S14. The operator account registration server receives, over the network, the user ID information, encryption information and App-side verification information sent by the operator account protection SDK of the user terminal; uses its verification capability to check that the App on the user terminal and the operator account protection SDK are authenticated and not forged; and uses its algorithm encryption capability to encrypt the received user ID information with a user data encryption method. After verification and encryption, the operator account registration server generates the user ID encryption information and App-side verification information for the App service provider side and transmits them to the App-side node of the App service provider.
S15. The App-side node of the App service provider receives the user ID encryption information and the App-side verification information for subsequent login and verification.
According to an embodiment of the invention, the method for protecting App user ID information may include App user login, with the following steps:
S21. The user initiates login through the App on the user terminal in which the operator account protection SDK is embedded.
S22. The App on the user terminal side receives the login request, and the App software invokes the operator account protection SDK.
S23. The operator account protection SDK obtains the user operator ID through gateway number retrieval, uses the verification information to compare whether the current user's login ID is consistent with the previous login and whether it is abnormal, and sends the user ID information, the App-side verification information and the login verification request to the operator account registration server.
S24. The operator account registration server receives, over the network, the user ID information and App-side verification information sent by the operator account protection SDK of the user terminal, uses its verification capability to check that the App on the user terminal and the operator account protection SDK are authenticated and not forged, and transmits the App-side user ID and verification information to the App-side node of the App service provider.
S25. After the App-side node of the App service provider receives the App-side user ID and verification information, it uses an algorithm to compare that verification information with the verification information provided by the operator account protection SDK of the user terminal. If the verification finds no problem, the login passes, and the App user on the user terminal carries out subsequent operations in the logged-in state.
According to a third aspect of the present invention, there is provided an electronic apparatus comprising: the device comprises a memory, a processor and an App user ID information protection program which is stored on the memory and can run on the processor, wherein the steps of the App user ID information protection method are realized when the App user ID information protection program is executed by the processor.
According to a fourth aspect of the present invention, a computer storage medium is provided, wherein an App user ID information protection program is stored on the computer storage medium, and when being executed by a processor, the App user ID information protection program implements the steps of the App user ID information protection method described above.
Compared with the prior art, the technical scheme provided by the embodiment of the invention can at least realize the following beneficial effects:
The scheme uses the operator's network number retrieval capability, so the customer does not need to enter any plaintext, and sensitive IDs such as the user's mobile phone number cannot be seen by the App. It provides secure App registration and account privacy protection for the user, and it also gives the App operator a compliant interactive interface for user ID registration and use.
The scheme can defend against phishing Apps that imitate a login interface: a phishing App cannot obtain the official gateway number retrieval capability and cannot pop up the one-key login and account protection interface, so it is easy for the end user to identify.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings of the embodiments will be briefly described below, and it is apparent that the drawings in the following description only relate to some embodiments of the present invention and are not limiting on the present invention.
Fig. 1 is a three-terminal diagram showing an App user ID information protection device according to an embodiment of the present invention.
Fig. 2 is a signaling flowchart illustrating an App user ID information protection method according to an embodiment of the present invention.
Fig. 3 is a registration flowchart illustrating an App user ID information protection method according to an embodiment of the present invention.
Fig. 4 is a login flowchart illustrating an App user ID information protection method according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the drawings of the embodiments of the present invention. It is to be understood that the embodiments described are only a few embodiments of the present invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the described embodiments of the invention without any inventive step, are within the scope of protection of the invention.
Unless defined otherwise, technical or scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. The use of "first," "second," and similar terms in the description and claims of the present application do not denote any order, quantity, or importance, but rather the terms are used to distinguish one element from another. Also, the use of the terms "a" or "an" and the like do not denote a limitation of quantity, but rather denote the presence of at least one.
Fig. 1 is a three-terminal diagram showing an App user ID information protection device according to an embodiment of the present invention.
As shown in Fig. 1, the device for protecting App user ID information includes an operator account protection SDK and an operator account registration server.
The operator account protection SDK is embedded in an App on the user terminal and has gateway number retrieval capability and ID protection capability. The ID protection capability is implemented by encrypting, with a user data encryption method, the user operator ID obtained through gateway number retrieval. After encryption, the operator account protection SDK generates user ID encryption information and App-side verification information, and it can send the user ID information, the encryption information and the App-side verification information to the operator account registration server.
The operator account registration server is located on the operator side and is used to manage Apps and the node servers of App accounts. It receives, over the network, the user ID information, encryption information and App-side verification information sent by the operator account protection SDK of the user terminal, and it has verification capability and algorithm encryption capability. The verification capability is used to check that the App on the user terminal and the operator account protection SDK are authenticated and not forged; the algorithm encryption capability is implemented by encrypting the received user ID information with a user data encryption method. After verification and encryption, the operator account registration server generates the user ID encryption information and App-side verification information for the App service provider side and transmits them to the App-side node of the App service provider.
The user ID information, the encryption information and the verification information are recorded and synchronized at the nodes of the three ends (operator side, user terminal side and App service provider side) by means of a blockchain ledger formed by the operator account protection SDK and the operator account registration server, which prevents tampering and forms a consortium blockchain protection mechanism.
Consortium blockchains (also rendered as alliance blockchains or common blockchains) are called consortium chains for short.
A consortium chain is a blockchain whose consensus process is controlled by preselected nodes. In consortium-chain deployments, business constraints may mean that not every party to a transaction can see the transaction data of all the other parties, but the need to protect data and privacy is not in doubt.
Conventional schemes commonly use physical isolation so that transaction records are stored only in each transacting party's own physical space. Blockchain technology has the advantage of forming a consensus-based ledger during transactions, and a consortium chain can protect transaction data and privacy even though the parties share the same ledger.
The three-end ID and blockchain ledger storage mechanism is shown schematically as follows: a user client ID verification information node, an App-side user ID verification information node and an operator-side user ID verification information node together form a consortium-type blockchain protection mechanism.
User ID verification information (verification information only, not the original ID information) is stored on each node by verifying it, encrypting it and writing it to storage using the block encryption method of the blockchain ledger, as shown schematically in Fig. 1. A multi-node consortium chain is used, so read and write efficiency is high.
According to one or some embodiments of the invention, the user data encryption method may be encryption with a national cryptographic algorithm or with an elliptic curve algorithm. The specific encryption algorithm is not limited to these.
According to one or some embodiments of the invention, the operator account protection SDK may further provide an information confirmation interface. During App registration or use, this interface pops up information such as the local ID number for the user to confirm and asks whether the user authorizes the local ID number to be used for registration. It serves both as a reminder and as a means of user confirmation.
The invention provides a method, software and a back-end server system that protect the user's personal information while supplying a user registration ID to a mobile App, based on the capability of the operator's mobile gateway combined with the computing capability of the user's mobile terminal and an SDK developed by the operator.
Fig. 2 is a signaling flowchart illustrating an App user ID information protection method according to an embodiment of the present invention.
Fig. 2 shows the method for protecting App user ID information. The method relies on the App on the user terminal being preloaded with an operator account protection SDK and on the operator side having an operator account registration server. The operator account protection SDK has gateway number retrieval capability and ID protection capability; the operator account registration server is located on the operator side, is used to manage Apps and the node servers of App accounts, and has verification capability and algorithm encryption capability.
The method for protecting App user ID information comprises the following steps:
The ID protection capability of the operator account protection SDK encrypts, with a user data encryption method, the user operator ID obtained through gateway number retrieval to generate user ID information, encryption information and App-side verification information, and the operator account protection SDK sends the user ID information, the encryption information and the App-side verification information to the operator account registration server.
The operator account registration server receives, over the network, the user ID information, encryption information and App-side verification information sent by the operator account protection SDK of the user terminal; uses its verification capability to check that the App on the user terminal and the operator account protection SDK are authenticated and not forged; and uses its algorithm encryption capability to encrypt the received user ID information with a user data encryption method. After verification and encryption, the operator account registration server generates the user ID encryption information and App-side verification information for the App service provider side and transmits them to the App-side node of the App service provider.
The user ID information, the encryption information and the verification information are recorded and synchronized at the nodes of the three ends (operator side, user terminal side and App service provider side) by means of a blockchain ledger formed by the operator account protection SDK and the operator account registration server, which prevents tampering and forms a consortium blockchain protection mechanism.
The scheme uses the operator's network number retrieval capability, so the customer does not need to enter any plaintext, and sensitive IDs such as the user's mobile phone number are invisible to the App. It provides secure App registration and account privacy protection for the user, and it also gives the App operator a compliant interactive interface for user ID registration and use.
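The registration exchange and three-end ledger synchronization described above can be modelled as follows; this is an added example, not code from the patent. It assumes HMAC-SHA256 as a stand-in for the unspecified national or elliptic curve encryption method, a plain hash chain as a stand-in for the consortium ledger, and a per-App SDK key registered with the operator as the way a forged App or SDK is recognized; all function names, field names, keys and sample values are hypothetical.

```python
import hashlib
import hmac
import json
from collections import Counter

GENESIS = "0" * 64


def keyed(key: bytes, *parts: str) -> str:
    """HMAC-SHA256 over the parts (assumed stand-in for the patent's encryption)."""
    return hmac.new(key, "\x1f".join(parts).encode(), hashlib.sha256).hexdigest()


class Ledger:
    """One end's copy of the hash-chained verification records."""

    def __init__(self):
        self.blocks = []

    @staticmethod
    def _digest(prev: str, record: dict) -> str:
        body = json.dumps(record, sort_keys=True)
        return hashlib.sha256((prev + body).encode()).hexdigest()

    def head(self) -> str:
        return self.blocks[-1]["hash"] if self.blocks else GENESIS

    def append(self, record: dict) -> None:
        prev = self.head()
        # Each end keeps its own copy of the record, chained to the previous block.
        self.blocks.append({"prev": prev, "record": dict(record),
                            "hash": self._digest(prev, record)})

    def valid(self) -> bool:
        prev = GENESIS
        for block in self.blocks:
            if block["prev"] != prev or block["hash"] != self._digest(prev, block["record"]):
                return False
            prev = block["hash"]
        return True


def sdk_build_request(sdk_key: bytes, app_id: str, operator_id: str, device_feature: str) -> dict:
    """Terminal side: protect the gateway-obtained ID before it leaves the SDK."""
    user_id_enc = keyed(sdk_key, operator_id, device_feature)
    return {"app_id": app_id, "user_id_enc": user_id_enc,
            "check": keyed(sdk_key, app_id, user_id_enc)}


class OperatorRegistrationServer:
    """Operator side: verify the App/SDK, derive App-side values, sync the ledgers."""

    def __init__(self, operator_key: bytes, registered_sdk_keys: dict):
        self.operator_key = operator_key
        self.registered_sdk_keys = registered_sdk_keys  # app_id -> SDK key (assumed)
        self.ledgers = {end: Ledger() for end in ("operator", "terminal", "app")}

    def register(self, request: dict):
        sdk_key = self.registered_sdk_keys.get(request["app_id"])
        if sdk_key is None:
            return None  # App is not registered with the operator
        expected = keyed(sdk_key, request["app_id"], request["user_id_enc"])
        if not hmac.compare_digest(expected, request["check"]):
            return None  # verification information does not match: forged SDK
        app_user_id = keyed(self.operator_key, request["app_id"], request["user_id_enc"])
        record = {"app_id": request["app_id"], "app_user_id": app_user_id,
                  "app_check": keyed(self.operator_key, app_user_id, request["check"])}
        for ledger in self.ledgers.values():
            ledger.append(record)  # same record written at all three ends
        return record  # what the App-side node receives; no original ID inside


def tampered_ends(ledgers: dict) -> list:
    """Ends whose chain is internally broken or whose head disagrees with the majority."""
    majority, _ = Counter(l.head() for l in ledgers.values()).most_common(1)[0]
    return sorted(end for end, l in ledgers.items()
                  if not l.valid() or l.head() != majority)


def leaks(ledgers: dict, secret: str) -> bool:
    """True if the original ID appears anywhere in any end's stored blocks."""
    return any(secret in json.dumps(l.blocks) for l in ledgers.values())


if __name__ == "__main__":
    # Constructed sample values, not real identifiers.
    server = OperatorRegistrationServer(b"operator-key", {"app.example": b"sdk-key"})
    req = sdk_build_request(b"sdk-key", "app.example", "+8600000000000", "device-A")
    print("registered:", server.register(req) is not None)
    print("forged SDK accepted:",
          server.register(sdk_build_request(b"bad", "app.example", "+8600000000000", "x")) is not None)
    server.ledgers["app"].blocks[0]["record"]["app_user_id"] = "0" * 64
    print("tampered ends:", tampered_ends(server.ledgers))
```
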
According to one or some embodiments of the invention, the user data encryption method is a national cryptographic algorithm or an elliptic curve algorithm. The specific encryption algorithm is not limited to these.
Fig. 3 is a registration flowchart illustrating an App user ID information protection method according to an embodiment of the present invention.
As shown in Fig. 3, the method for protecting App user ID information includes App user registration, which comprises the following steps:
S11, the user initiates registration through the App in the user terminal, in which the operator account protection SDK is embedded;
S12, the App on the user terminal side receives the registration request, and the App software invokes the operator account protection SDK;
S13, the operator account protection SDK obtains the user's operator ID, such as the mobile phone number, through gateway number taking and pops up a user information confirmation interface; the user does not need to enter the mobile phone number manually and only confirms the information on this interface. After the user confirms, the operator account protection SDK encrypts the operator ID obtained by gateway number taking with a user data encryption method (the encryption operation may combine the operator ID with some mobile terminal characteristics obtained by the SDK) and generates the user ID encrypted information and the App-side verification information. The operator account protection SDK then sends the user ID information, the encrypted information and the App-side verification information to the operator account registration server, which is the operator's node server for managing Apps and App accounts;
S14, the operator account registration server receives, over the network, the user ID information, the encrypted information and the App-side verification information sent by the operator account protection SDK of the user terminal; using its verification capability it checks whether the App of the user terminal and the operator account protection SDK are authenticated and not forged, and using its algorithmic encryption capability it encrypts the received user ID information with a user data encryption method. After verification and encryption, the operator account registration server generates the user ID encrypted information and App-side verification information for the App service provider side and transmits them to the App-side node of the App service provider;
S15, the App-side node of the App service provider receives the user ID encrypted information and the App-side verification information for subsequent login and verification.
When the App needs to register a mobile user by mobile phone number, the user no longer enters the number directly. Instead, the operator's user ID protection SDK is called, and the App side receives an encrypted ciphertext ID (hereinafter referred to as the App-side ID) that is stored on the blockchain and cannot be decrypted back to the original. That is, at registration the operator provides the registration encryption SDK, which directly obtains the user's terminal characteristic ID and a mapping ID produced by combining and encrypting the mobile App's registration information on the operator side with the mobile ID, and the mapping ID is stored as distributed nodes at the user terminal, the mobile App and the operator side. In subsequent use, the operator's SDK supplies the App-side user ID to the mobile App as the registration ID within the mobile App's own system, so the original ID is effectively hidden. When the App and the user need an interaction that involves the mobile phone number, such as transaction confirmation or password recovery, the interaction goes through the operator via the SDK, and the original number remains invisible.
Fig. 4 is a login flowchart illustrating an App user ID information protection method according to an embodiment of the present invention.
As shown in Fig. 4, the method for protecting App user ID information includes App user login, which comprises the following steps:
S21, the user initiates login through the App in the user terminal, in which the operator account protection SDK is embedded;
S22, the App on the user terminal side receives the login request, and the App software invokes the operator account protection SDK;
S23, the operator account protection SDK obtains the user's operator ID, such as the mobile phone number, through gateway number taking, uses the verification information to compare whether the current user's login ID is consistent with that of the previous login and whether it is abnormal, and sends the user ID information, the App-side verification information and the login verification request to the operator account registration server;
S24, the operator account registration server receives, over the network, the user ID information and the App-side verification information sent by the operator account protection SDK of the user terminal, uses its verification capability to check whether the App of the user terminal and the operator account protection SDK are authenticated and not forged, and transmits the App-side user ID and the verification information to the App-side node of the App service provider;
S25, after the App-side node of the App service provider receives the App-side user ID and the verification information, it compares them by an algorithm with the verification information provided by the operator account protection SDK of the user terminal; if the verification finds no problem, the login is allowed, and the App user of the user terminal performs subsequent operations in the logged-in state.
This scheme guards against phishing Apps that imitate the App's login interface: a phishing App cannot obtain the official gateway number-taking capability and cannot pop up the one-key login and account protection interface, so it is easy for the end user to identify.
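The registration (S11 to S15) and login (S21 to S25) exchanges described above, as an added sketch that is not code from the patent. HMAC-SHA-256 stands in for the unspecified user data encryption method, a hash chain stands in for the consortium blockchain ledger, and every class name, key and sample value is a constructed assumption.

```python
import hashlib
import hmac
import json

def mac(key: bytes, *parts: str) -> str:
    """Keyed one-way digest; assumed stand-in for the user data encryption method."""
    return hmac.new(key, "\x1f".join(parts).encode(), hashlib.sha256).hexdigest()

class Ledger:
    """Append-only hash chain; assumed stand-in for the blockchain ledger."""
    def __init__(self):
        self.entries = []
    def _digest(self, prev: str, record: dict) -> str:
        body = json.dumps(record, sort_keys=True)
        return hashlib.sha256((prev + body).encode()).hexdigest()
    def append(self, record: dict) -> None:
        prev = self.entries[-1]["hash"] if self.entries else "0" * 64
        self.entries.append({"prev": prev, "record": record,
                             "hash": self._digest(prev, record)})
    def verify(self) -> bool:
        prev = "0" * 64
        for e in self.entries:
            if e["prev"] != prev or e["hash"] != self._digest(prev, e["record"]):
                return False
            prev = e["hash"]
        return True

def sdk_message(sdk_key: bytes, app_id: str, phone: str, device: str) -> dict:
    """SDK side (S13/S23): phone comes from gateway number taking, not user input."""
    enc_id = mac(sdk_key, phone, device)  # operator ID combined with terminal feature
    return {"app_id": app_id, "phone": phone, "enc_id": enc_id,
            "check": mac(sdk_key, app_id, enc_id)}

class OperatorServer:
    """Operator account registration server (S14/S24)."""
    def __init__(self, operator_key: bytes, sdk_keys: dict):
        self.operator_key, self.sdk_keys, self.ledger = operator_key, sdk_keys, Ledger()
    def handle(self, msg: dict) -> dict:
        key = self.sdk_keys.get(msg["app_id"])
        expected = mac(key, msg["app_id"], msg["enc_id"]) if key else ""
        if not key or not hmac.compare_digest(expected, msg["check"]):
            raise PermissionError("App/SDK not authenticated or forged")
        # Per-App pseudonym: one-way, so the App node never sees the number.
        app_side_id = mac(self.operator_key, msg["app_id"], msg["phone"])
        fwd = {"app_side_id": app_side_id,
               "app_check": mac(key, app_side_id, msg["enc_id"])}
        self.ledger.append({"app": msg["app_id"], **fwd})
        return fwd

class AppNode:
    """App service provider node (S15/S25): stores pseudonym and check info only."""
    def __init__(self):
        self.accounts = {}
    def register(self, fwd: dict) -> None:
        self.accounts[fwd["app_side_id"]] = fwd["app_check"]
    def login(self, fwd: dict) -> bool:
        stored = self.accounts.get(fwd["app_side_id"])
        return stored is not None and hmac.compare_digest(stored, fwd["app_check"])

def demo() -> dict:
    keys = {"app.example": b"constructed-sdk-key"}  # constructed sample values
    server, app = OperatorServer(b"constructed-operator-key", keys), AppNode()
    phone, dev, k = "13800000000", "device-feature-01", keys["app.example"]
    app.register(server.handle(sdk_message(k, "app.example", phone, dev)))
    result = {
        "login_ok": app.login(server.handle(sdk_message(k, "app.example", phone, dev))),
        "other_device": app.login(
            server.handle(sdk_message(k, "app.example", phone, "device-feature-02"))),
        "phone_in_ledger": any(phone in json.dumps(e) for e in server.ledger.entries),
        "ledger": server.ledger,
    }
    try:  # a look-alike App without the registered SDK credential
        server.handle(sdk_message(b"phishing-key", "app.example", phone, dev))
        result["forged_rejected"] = False
    except PermissionError:
        result["forged_rejected"] = True
    return result
```

In this sketch a login from a different terminal feature yields the same App-side ID but different verification information, so the App node refuses it, which mirrors the consistency comparison in S23 and S25.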
According to another aspect of the invention, an apparatus for protecting App user ID information is provided, which includes: the device comprises a memory, a processor and an App user ID information protection program which is stored on the memory and can run on the processor, wherein the steps of the App user ID information protection method are realized when the App user ID information protection program is executed by the processor.
There is also provided a computer storage medium according to the present invention.
The computer storage medium stores an App user ID information protection program, and the steps of the App user ID information protection method are realized when the App user ID information protection program is executed by a processor.
The method implemented when the App user ID information protection program running on the processor is executed may refer to each embodiment of the App user ID information protection method of the present invention, and details thereof are not repeated here.
The invention also provides a computer program product.
The computer program product comprises an App user ID information protection program, and the steps of the App user ID information protection method are realized when the App user ID information protection program is executed by a processor.
The method implemented when the App user ID information protection program running on the processor is executed may refer to each embodiment of the App user ID information protection method of the present invention, and details thereof are not repeated here.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium (e.g., ROM/RAM, magnetic disk, optical disk) as described above and includes instructions for enabling a terminal device (e.g., a mobile phone, a computer, a server, an air conditioner, or a network device) to execute the method according to the embodiments of the present invention.
The above description is intended to be illustrative of the present invention and not to limit the scope of the invention, which is defined by the claims appended hereto.

Claims (9)

1. An apparatus for protecting App user ID information, comprising:
an operator account protection SDK embedded in an App of a user terminal, the operator account protection SDK having a gateway number-taking capability and an ID protection capability, wherein the ID protection capability is implemented by encrypting the user's operator ID obtained by gateway number taking with a user data encryption method, the operator account protection SDK generates user ID encrypted information and App-side verification information after the encryption, and the operator account protection SDK sends the user ID information, the encrypted information and the App-side verification information to an operator account registration server;
an operator account registration server located at the operator side, being a node server for managing Apps and App accounts, wherein the operator account registration server receives, over a network, the user ID information, the encrypted information and the App-side verification information sent by the operator account protection SDK of the user terminal, the operator account registration server has a verification capability and an algorithmic encryption capability, the verification capability is used to check whether the App of the user terminal and the operator account protection SDK are authenticated and not forged, the algorithmic encryption capability is implemented by encrypting the received user ID information with a user data encryption method, and after verification and encryption the operator account registration server generates user ID encrypted information and App-side verification information for the App service provider side and transmits them to an App-side node of the App service provider,
wherein the user ID information, the encrypted information and the verification information are recorded and synchronized at the three end nodes of the operator side, the user terminal side and the App server side in a blockchain ledger formed by the operator account protection SDK and the operator account registration server, so as to prevent tampering and form a consortium blockchain protection mechanism.
2. The apparatus of claim 1, wherein the user data encryption method is a national cipher algorithm or an elliptic curve algorithm.
3. The apparatus of claim 1, wherein the operator account protection SDK further has an information confirmation interface, which pops up at App registration or use for the user to confirm the local ID number and whether to authorize use of the local number registration information.
4. A method for protecting App user ID information, implemented on the basis that an operator account protection SDK is pre-loaded in an App of a user terminal and an operator account registration server is provided at the operator end, wherein the operator account protection SDK has a gateway number-taking capability and an ID protection capability, the operator account registration server is located at the operator side and is a node server for managing Apps and App accounts, and the operator account registration server has a verification capability and an algorithmic encryption capability,
the method comprising the following steps:
the ID protection capability of the operator account protection SDK encrypts the user's operator ID obtained by gateway number taking with a user data encryption method to generate user ID encrypted information and App-side verification information, and the operator account protection SDK sends the user ID information, the encrypted information and the App-side verification information to the operator account registration server;
the operator account registration server receives, over a network, the user ID information, the encrypted information and the App-side verification information sent by the operator account protection SDK of the user terminal, checks through the verification capability whether the App of the user terminal and the operator account protection SDK are authenticated and not forged, encrypts the received user ID information with a user data encryption method through the algorithmic encryption capability, generates, after verification and encryption, user ID encrypted information and App-side verification information for the App service provider side, and transmits them to an App-side node of the App service provider,
wherein the user ID information, the encrypted information and the verification information are recorded and synchronized at the three end nodes of the operator side, the user terminal side and the App server side in a blockchain ledger formed by the operator account protection SDK and the operator account registration server, so as to prevent tampering and form a consortium blockchain protection mechanism.
5. The method of claim 4, wherein the user data encryption method is a national encryption algorithm or an elliptic curve algorithm.
6. The method of claim 4, comprising the App user registration step of:
S11, the user initiates registration through the App in the user terminal, in which the operator account protection SDK is embedded;
S12, the App on the user terminal side receives the registration request, and the App software invokes the operator account protection SDK;
S13, the operator account protection SDK obtains the user's operator ID through gateway number taking and pops up a user information confirmation interface, on which the user confirms the information without manually entering a mobile phone number; after the user confirms, the operator account protection SDK encrypts the user's operator ID obtained by gateway number taking with a user data encryption method to generate user ID encrypted information and App-side verification information, and the operator account protection SDK sends the user ID information, the encrypted information and the App-side verification information to the operator account registration server;
S14, the operator account registration server receives, over a network, the user ID information, the encrypted information and the App-side verification information sent by the operator account protection SDK of the user terminal, checks through the verification capability whether the App of the user terminal and the operator account protection SDK are authenticated and not forged, encrypts the received user ID information with a user data encryption method through the algorithmic encryption capability, generates, after verification and encryption, user ID encrypted information and App-side verification information for the App service provider side, and transmits them to the App-side node of the App service provider;
S15, the App-side node of the App service provider receives the user ID encrypted information and the App-side verification information for subsequent login and verification.
7. The method of claim 4, comprising the App user login step of:
S21, the user initiates login through the App in the user terminal, in which the operator account protection SDK is embedded;
S22, the App on the user terminal side receives the login request, and the App software invokes the operator account protection SDK;
S23, the operator account protection SDK obtains the user's operator ID through gateway number taking, uses the verification information to compare whether the current user's login ID is consistent with that of the previous login and whether it is abnormal, and sends the user ID information, the App-side verification information and a login verification request to the operator account registration server;
S24, the operator account registration server receives, over a network, the user ID information and the App-side verification information sent by the operator account protection SDK of the user terminal, checks through the verification capability whether the App of the user terminal and the operator account protection SDK are authenticated and not forged, and transmits the App-side user ID and the verification information to the App-side node of the App service provider;
S25, after the App-side node of the App service provider receives the App-side user ID and the verification information, it compares them by an algorithm with the verification information provided by the operator account protection SDK of the user terminal; if the verification finds no problem, the login is allowed, and the App user of the user terminal performs subsequent operations in the logged-in state.
8. An electronic device, comprising: memory, a processor and an App user ID information protection program stored on the memory and executable on the processor, the App user ID information protection program when executed by the processor implementing the steps of the App user ID information protection method as claimed in any one of claims 4 to 7.
9. A computer storage medium having stored thereon an App user ID information protection program which, when executed by a processor, implements the steps of an App user ID information protection method as claimed in any one of claims 4 to 7.
CN202210120831.7A 2022-02-09 2022-02-09 App user ID information protection device and method, electronic equipment and storage medium Pending CN114466353A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210120831.7A CN114466353A (en) 2022-02-09 2022-02-09 App user ID information protection device and method, electronic equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210120831.7A CN114466353A (en) 2022-02-09 2022-02-09 App user ID information protection device and method, electronic equipment and storage medium

Publications (1)

Publication Number Publication Date
CN114466353A true CN114466353A (en) 2022-05-10

Family

ID=81413218

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210120831.7A Pending CN114466353A (en) 2022-02-09 2022-02-09 App user ID information protection device and method, electronic equipment and storage medium

Country Status (1)

Country Link
CN (1) CN114466353A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115866585A (en) * 2023-02-16 2023-03-28 天津租赁资产交易中心股份有限公司 Mobile phone APP information protection method


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination