CN114548904A - CRM (customer relationship management) business handling method and system under user's knowledge - Google Patents
CRM (customer relationship management) business handling method and system under user's knowledge Download PDFInfo
- Publication number
- CN114548904A CN114548904A CN202210050314.7A CN202210050314A CN114548904A CN 114548904 A CN114548904 A CN 114548904A CN 202210050314 A CN202210050314 A CN 202210050314A CN 114548904 A CN114548904 A CN 114548904A
- Authority
- CN
- China
- Prior art keywords
- service
- user
- crm
- authentication
- identity authentication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 18
- 238000012795 verification Methods 0.000 claims abstract description 22
- 208000003443 Unconsciousness Diseases 0.000 abstract description 2
- 239000000126 substance Substances 0.000 description 3
- 230000009191 jumping Effects 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/10—Office automation; Time management
- G06Q10/103—Workflow collaboration or project management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G06Q50/60—
Abstract
The invention discloses a CRM service handling method and a CRM service handling system under the knowledge of a user, wherein the CRM service handling method comprises the following steps: calling a service gateway; the service gateway judges whether the service to be called needs identity authentication or not; if the identity authentication is needed, whether the user passes the identity authentication or not is searched in the session according to the service number; and if the identity authentication is passed, the service gateway calls the corresponding CRM service. The invention adds the user authentication verification of the service on the service gateway layer according to the configuration unification, thoroughly solves the problems of core data inquired and telecommunication service transacted by the user under the condition of unconsciousness, and improves the system safety.
Description
Technical Field
The invention relates to the technical field of CRM (customer relationship management) business handling, in particular to a CRM business handling method and system under the condition of user awareness.
Background
In the telecommunication/mobile/Unicom industry, the CRM system (i.e. customer relationship management system) is a relatively complex IT support system in China, so that the CRM system has high management requirements on the authority, especially management requirements on handling business and inquiring core data of users under the condition that the users do not know.
In a CRM system, an operator transacts business for a client, the identity authentication of the client is required to be passed, the general authentication mode is information such as a user password, a random short message verification code, an identity document or a user mobile phone call record, and subsequent business can be continuously transacted only after the identity authentication is passed.
For example, the customer information is queried, assuming that the customer information can be queried only through the customer identity authentication; however, when the hacker has the right to inquire the client data information, the hacker can directly call the client data information inquiry service to illegally obtain the client data information without passing through the user identity authentication. For CRM systems with B/S architecture (i.e. Browser/Server architecture, Browser/Server architecture), there are many tools that can intercept the uplink request and the downlink message, and modify the value returned by the Server to the client, for example: in the client identity authentication, the short message random code is used for verification, but the random code verification fails, the information returned by the server is modified, the failure is modified to be successful, and the client considers that the verification is passed after the information is returned to the client.
Therefore, for the service handling service and the core user data query service, user identity authentication verification is required, and system data leakage and service unwittingly handling caused by the fact that service calling does not pass through user identity authentication are avoided.
Disclosure of Invention
Aiming at the problems in the prior art, the invention provides a CRM business transaction method and a CRM business transaction system under the knowledge of a user.
The invention discloses a CRM (customer relationship management) business transaction method under the knowledge of a user, which comprises the following steps:
calling a service gateway;
the service gateway judges whether the service to be called needs identity authentication or not;
if the identity authentication is needed, whether the user passes the identity authentication or not is searched in the session according to the service number;
and if the identity authentication is passed, the service gateway calls the corresponding CRM service.
As a further improvement of the invention, the method also comprises the following steps:
and if the identity authentication is not needed, the service gateway calls the corresponding CRM service.
As a further improvement of the invention, the method also comprises the following steps:
and if the identity authentication is not passed, the service gateway is not allowed to call the corresponding CRM service.
As a further improvement of the invention, before identity authentication, service gateway configuration service is required to be carried out in advance;
the service gateway configuring service, comprising:
when the service gateway configures the service, whether the service needs to perform user identity authentication or not is designated, if the service needs to be verified, the authentication identifier of the service is marked as 'Y', and a value taking path of a user number is configured.
As a further improvement of the present invention, during the authentication, if the obtained authentication identifier of the service is "Y", it indicates that the authentication is required; otherwise, it means that authentication is not required.
The invention also discloses a CRM service transaction system under the knowledge of the user, which comprises the following steps: the service gateway comprises an identity verification module and a service calling module;
the identity verification module is used for:
judging whether the service to be called needs to be subjected to identity authentication or not;
if the identity authentication is needed, whether the user passes the identity authentication or not is searched in the session according to the service number;
the service calling module is used for:
and after the identity authentication is passed, calling the corresponding CRM service.
As a further improvement of the present invention, the service invoking module is further configured to:
and when the identity authentication is not needed, calling the corresponding CRM service.
As a further improvement of the present invention, the identity verification module is further configured to:
and if the identity authentication is not passed, the calling service is ended.
As a further improvement of the present invention, the service gateway further comprises: a configuration module;
the configuration module is used for appointing whether the service needs to carry out user identity authentication or not when the service is configured, if the service needs to be verified, the authentication identification mark of the service is marked as 'Y', and the value taking path of the user number is configured.
As a further improvement of the present invention, during the authentication, if the obtained authentication identifier of the service is "Y", it indicates that the authentication is required; otherwise, it means that authentication is not required.
Compared with the prior art, the invention has the beneficial effects that:
the invention adds the user authentication verification of the service on the service gateway layer according to the configuration unification, thoroughly solves the problems of core data inquired and telecommunication service transacted by the user under the condition of unconsciousness, and improves the system safety.
Drawings
FIG. 1 is a flowchart of a CRM service transaction method under the knowledge of a user according to an embodiment of the present invention;
FIG. 2 is a block diagram of a CRM business transaction system with user knowledge according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be obtained by a person skilled in the art without any inventive step based on the embodiments of the present invention, are within the scope of the present invention.
The invention is described in further detail below with reference to the attached drawing figures:
the invention provides a CRM business transaction method under the knowledge of a user, which is characterized in that before a service gateway calls a service, a step of checking whether the user passes the authentication is added; the method specifically comprises the following steps:
step 1, a service gateway pre-configures service, specifies whether the service needs user identity authentication, if the service needs verification, an authentication identifier of the service is marked as 'Y', and configures a value taking path of a user number; wherein the content of the first and second substances,
the original service configuration table of the invention is added with the fields of PASS _ FLAG and PASS _ PHONE _ PATH:
"PASS _ FLAG" indicates: and authentication identification Y: if the user number is to be checked for identity authentication, when the identity Y is identified, the path of the user number cannot be null;
"PASS _ PHONE _ PATH" indicates: the service access refers to a path for handling the number of the user, the field is used for a verification mode for taking the number, and the service for handling the number must be configured; wherein, the value taking path of the number is BODY.BUSI _ INFO.PHONE _ NO.
The configuration table formed is:
step 2, calling a service gateway to call a corresponding service through the service gateway;
step 3, the service gateway judges whether the service to be called needs to be authenticated or not; wherein the content of the first and second substances,
the specific identity authentication method comprises the following steps:
if the obtained authentication identifier of the service is Y, the identity verification is required; otherwise, it means that authentication is not required.
Step 4, if identity authentication is not needed, jumping to step 6;
step 5, if the identity authentication is needed, searching whether the user passes the identity authentication in the session according to the service number:
if the identity authentication is passed, jumping to the step 6;
if the identity authentication is not passed, the service gateway is not allowed to call the corresponding CRM service;
and 6, the service gateway calls the corresponding CRM service.
As shown in FIG. 2, the present invention also provides a CRM business transaction system under the knowledge of a user, comprising: the service gateway comprises a configuration module, an identity verification module and a service calling module;
a configuration module to:
pre-configuring service, specifying whether the service needs user identity authentication, if the service needs verification, marking the authentication identification of the service as 'Y', and configuring a value-taking path of a user number; wherein the content of the first and second substances,
the original service configuration table of the invention is added with the fields of PASS _ FLAG and PASS _ PHONE _ PATH:
"PASS _ FLAG" indicates: and authentication identification Y: if the user number is to be checked for identity authentication, when the identity Y is identified, the path of the user number cannot be null;
"PASS _ PHONE _ PATH" indicates: the service access refers to a path for handling the number of the user, the field is used for a verification mode for taking the number, and the service for handling the number must be configured; wherein, the numeric path is BODY.BUSI _ INFO.PHONE _ NO.
The configuration table formed is:
an identity verification module to:
judging whether the service to be called needs to be subjected to identity authentication or not;
if the identity authentication is needed, whether the user passes the identity authentication is searched in the session according to the service number:
if the identity authentication is not passed, the service gateway is not allowed to call the corresponding CRM service;
a service invocation module to:
after the identity authentication is passed, calling the corresponding CRM service;
and when the identity authentication is not needed, calling the corresponding CRM service.
The invention has the advantages that:
the invention increases the user authentication verification of the service on the service gateway layer according to the configuration unification, thoroughly solves the problems that the user is inquired about the core data and transacted with the telecommunication service under the condition of no knowledge, and improves the system safety.
The above is only a preferred embodiment of the present invention, and is not intended to limit the present invention, and various modifications and changes will occur to those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (10)
1. A CRM business transaction method under the knowledge of a user is characterized by comprising the following steps:
calling a service gateway;
the service gateway judges whether the service to be called needs identity authentication or not;
if the identity authentication is needed, whether the user passes the identity authentication or not is searched in the session according to the service number;
and if the identity authentication is passed, the service gateway calls the corresponding CRM service.
2. The CRM transaction method under the knowledge of a user of claim 1, further comprising:
and if the identity authentication is not needed, the service gateway calls the corresponding CRM service.
3. The CRM transaction method under the knowledge of a user of claim 1, further comprising:
and if the identity authentication is not passed, the service gateway is not allowed to call the corresponding CRM service.
4. The CRM business transaction method under the user's knowledge according to any one of claims 1 to 3, wherein a service gateway configuration service is required to be performed in advance before performing the identity verification;
the service gateway configuring service, comprising:
when the service gateway configures the service, whether the service needs to perform user identity authentication or not is designated, if the service needs to be verified, the authentication identifier of the service is marked as 'Y', and a value taking path of a user number is configured.
5. The CRM service transaction method under the knowledge of the user of claim 4, wherein during the authentication, if the obtained authentication identifier of the service is "Y", it indicates that the authentication is required; otherwise, it means that authentication is not required.
6. A CRM transaction system at the knowledge of a user, comprising: the service gateway comprises an identity verification module and a service calling module;
the identity verification module is configured to:
judging whether the service to be called needs to be subjected to identity authentication or not;
if the identity authentication is needed, whether the user passes the identity authentication or not is searched in the session according to the service number;
the service calling module is used for:
and after the identity authentication is passed, calling the corresponding CRM service.
7. The CRM business transaction system under the knowledge of a user of claim 6, wherein the service invocation module is further configured to:
and when the identity authentication is not needed, calling the corresponding CRM service.
8. The CRM business transaction system under the knowledge of a user of claim 6, wherein the identity verification module is further to:
and if the identity authentication is not passed, the calling service is ended.
9. The CRM business transaction system under user knowledge of any of claims 6-8, wherein the service gateway further comprises: a configuration module;
the configuration module is used for appointing whether the service needs to carry out user identity authentication or not when the service is configured, if the service needs to be verified, the authentication identification mark of the service is marked as 'Y', and the value taking path of the user number is configured.
10. The CRM service transaction system under the knowledge of the user of claim 9, wherein in the authentication, if the obtained authentication identifier of the service is "Y", it indicates that the authentication is required; otherwise, it means that authentication is not required.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210050314.7A CN114548904A (en) | 2022-01-17 | 2022-01-17 | CRM (customer relationship management) business handling method and system under user's knowledge |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210050314.7A CN114548904A (en) | 2022-01-17 | 2022-01-17 | CRM (customer relationship management) business handling method and system under user's knowledge |
Publications (1)
Publication Number | Publication Date |
---|---|
CN114548904A true CN114548904A (en) | 2022-05-27 |
Family
ID=81670934
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210050314.7A Pending CN114548904A (en) | 2022-01-17 | 2022-01-17 | CRM (customer relationship management) business handling method and system under user's knowledge |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114548904A (en) |
-
2022
- 2022-01-17 CN CN202210050314.7A patent/CN114548904A/en active Pending
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108200050B (en) | Single sign-on server, method and computer readable storage medium | |
CN110348239B (en) | Desensitization rule configuration method, data desensitization method, system and computer equipment | |
CN102710640B (en) | Authorization requesting method, device and system | |
AU2020202168B2 (en) | Method and system related to authentication of users for accessing data networks | |
CN108154047A (en) | A kind of data desensitization method and device | |
CN110795174B (en) | Application program interface calling method, device, equipment and readable storage medium | |
CN106060034A (en) | Account login method and device | |
CN111797418B (en) | Online service control method and device, service terminal, server and storage medium | |
CN111970680B (en) | Profile downloading method and device based on eUICC subscription platform | |
WO2022262397A1 (en) | Interface display method and electronic device | |
CN105791249A (en) | Third-party application processing method, device and system | |
CN107483477B (en) | Account management method and account management system | |
CN114615071A (en) | Method for carrying out unified authentication on RESTful API under micro-service architecture | |
US20170063862A1 (en) | System and method for authentication | |
CN113568542A (en) | Interface display method and electronic equipment | |
CN114548904A (en) | CRM (customer relationship management) business handling method and system under user's knowledge | |
CN107395566A (en) | Authentication method and device | |
CN111526143B (en) | Method and device for realizing anti-unauthorized access of CRM system and storage medium | |
CN110839215B (en) | Cluster communication method, server, terminal equipment and storage medium | |
CN106412904B (en) | Method and system for preventing counterfeit user authentication authority | |
CN111709803B (en) | Method and system for preventing unauthorized business handling | |
CN106878332A (en) | Personal information uses credit system | |
CN113127845A (en) | Method, device, equipment and storage medium for verifying application permission | |
CN113761493A (en) | Method and system for controlling calling authority and calling party identity of intelligent contract interface of block chain platform | |
CN109348053B (en) | Telephone number mark processing method, server, terminal device and computer readable storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |