CN115118501A - Identity verification method and device, computer equipment and computer readable storage medium - Google Patents

Identity verification method and device, computer equipment and computer readable storage medium Download PDF

Info

Publication number
CN115118501A
CN115118501A CN202210743327.2A CN202210743327A CN115118501A CN 115118501 A CN115118501 A CN 115118501A CN 202210743327 A CN202210743327 A CN 202210743327A CN 115118501 A CN115118501 A CN 115118501A
Authority
CN
China
Prior art keywords
verification
authentication
combined
score
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210743327.2A
Other languages
Chinese (zh)
Other versions
CN115118501B (en
Inventor
崔伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ping An Bank Co Ltd
Original Assignee
Ping An Bank Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ping An Bank Co Ltd filed Critical Ping An Bank Co Ltd
Priority to CN202210743327.2A priority Critical patent/CN115118501B/en
Publication of CN115118501A publication Critical patent/CN115118501A/en
Application granted granted Critical
Publication of CN115118501B publication Critical patent/CN115118501B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/02Capturing of monitoring data
    • H04L43/028Capturing of monitoring data by filtering
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters

Abstract

The embodiment of the application discloses an identity authentication method, an identity authentication device, computer equipment and a computer readable storage medium, wherein the identity authentication method comprises the following steps: responding to a received service identity authentication request, acquiring personal information, environmental information and service scene information of a user requesting authentication, and configuring a first number of combined authentication processes according to the personal information and the environmental information; calculating a safety score of the combined verification process based on the verification score of each verification process; and if the combined verification process with the security score being greater than or equal to the verification risk score exists, generating first prompt information for prompting the user to perform identity verification through the combined verification process. The user identity authentication is carried out through the combined authentication process, so that the safety of the identity authentication process is improved, the identity authentication information of the user is effectively prevented from being broken and stolen, and further the damage of user assets and the leakage of private information are avoided. Meanwhile, a personalized and differentiated identity authentication process is provided for the user.

Description

Identity verification method and device, computer equipment and computer readable storage medium
Technical Field
The present invention relates to the field of information security, and in particular, to an identity authentication method and apparatus, a computer device, and a computer-readable storage medium.
Background
With the rapid development of internet technology, more and more services can be transacted by users through the online internet. When a user transacts online business, the mobile terminal receives the dynamic verification code, the deposit card/credit card password verification, the payment password verification, the face recognition and other identification modes to carry out the authentication process.
In the user identity authentication process, the authentication processes used by each user are different, and if the user with a high age is not convenient to perform fingerprint authentication, the user does not usually adopt fingerprint authentication but adopts a password to authenticate the user. However, each service scenario only provides a fixed verification process, and cannot provide a personalized and differentiated verification process for the user. In addition, when risk business scenes such as loan transaction, account transfer, transaction, sensitive information operation and the like are involved, the safety of a fixed verification process is low, so that the identity verification process of a user is broken through and stolen, and further, the property of the user is damaged and private information is leaked.
Disclosure of Invention
In view of the above, an object of the present invention is to overcome the deficiencies in the prior art, and provide an authentication method, an apparatus, a computer device and a computer readable storage medium, so as to solve the problem of low security of an authentication process.
In a first aspect, the present application provides an identity verification method, including:
responding to a received service identity authentication request, and acquiring personal information, environmental information and service scene information of a user requesting authentication, wherein the service scene information comprises a service authentication risk score;
configuring a first number of combined authentication processes according to the personal information and the environment information, wherein each combined authentication process comprises at least two authentication processes;
calculating the safety score of the combined verification process based on the verification score of each verification process;
and if a combined verification process with the security score being greater than or equal to the verification risk score exists, generating first prompt information for prompting the user to perform identity verification through the combined verification process.
With reference to the first aspect, in a first possible implementation manner, the service scenario information further includes a service-supported verification process and a service-defined verification process, and configuring a first number of combined verification processes according to the personal information and the environment information includes:
and configuring a first number of combined verification processes according to the personal information, the environment information, the verification processes supported by the service and the verification processes limited by the service.
With reference to the first aspect, in a second possible implementation manner, if there is a combined authentication process with a security score greater than or equal to the authentication risk score, generating first prompt information for prompting a user to perform identity authentication through the combined authentication process, includes:
and if the combined verification process with the security score larger than or equal to the verification risk score exists, filtering out the combined verification process with the security score smaller than the verification risk score to obtain a second number of combined verification processes, and generating first prompt information for prompting a user to perform identity verification through the combined verification processes, wherein the second number is smaller than or equal to the first number.
With reference to the first aspect, in a third possible implementation manner, after the calculating a security score of the combined authentication procedure based on the authentication score of each authentication procedure, the method further includes:
and if the combined verification process with the security score being greater than or equal to the verification risk score does not exist, generating second prompt information for prompting that identity verification cannot be carried out.
With reference to the first aspect, in a fourth possible implementation manner, after configuring a first number of combined verification processes according to the personal information and the environment information, the method further includes:
and if the environment information comprises a verification process which passes the verification within the preset time, filtering the verification process which passes the verification within the preset time in the combined verification process.
With reference to the fourth possible implementation manner of the first aspect, in a fifth possible implementation manner, the calculating a security score of the combined authentication procedure based on the authentication score of each authentication procedure includes:
and calculating the safety score of the combined verification process based on the verification score of each verification process included in the combined verification process and the verification score of the verification process passing the verification in the preset time.
With reference to the first aspect, in a sixth possible implementation manner, if there is a combined authentication process with a security score greater than or equal to the authentication risk score, generating first prompt information for prompting a user to perform identity authentication through the combined authentication process, includes:
if the first number is greater than or equal to two, receiving a verification process selection request, wherein the process use request comprises the combined verification process requested to be selected;
and configuring the combined verification process selected by the request as an identity verification process of the service.
In a second aspect, the present application provides an authentication device, the device comprising:
the information acquisition module is used for responding to a received service identity authentication request and acquiring personal information, environmental information and service scene information of a user requesting authentication, wherein the service scene information comprises a service authentication risk score;
a flow configuration module, configured to configure a first number of combined authentication flows according to the personal information and the environment information, where each combined authentication flow includes at least two authentication flows;
the score calculating module is used for calculating the safety score of the combined verification process based on the verification score of each verification process;
and the first prompt module is used for generating first prompt information for prompting a user to carry out identity verification through the combined verification process if the combined verification process with the security score being greater than or equal to the verification risk score exists.
In a third aspect, the present application provides a computer device comprising a memory and a processor, the memory storing a computer program, the computer program implementing the identity verification method according to the first aspect when the processor executes the computer program.
In a fourth aspect, the present application provides a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements the authentication method according to the first aspect.
The application provides an identity authentication method, which comprises the following steps: configuring a first number of combined verification processes according to the personal information and the environment information, wherein each combined verification process comprises at least two verification processes; calculating a security score of the combined authentication process based on the authentication score of each authentication process; and if a combined verification process with the security score being greater than or equal to the verification risk score exists, generating first prompt information for prompting the user to perform identity verification through the combined verification process. The user identity authentication is carried out through the combined authentication process comprising at least two authentication processes, so that the safety of the identity authentication process is improved, the identity authentication information of the user is effectively prevented from being broken and stolen, and further the damage of user assets and the leakage of private information are avoided. Meanwhile, the combined authentication process is configured according to the environment information and the personal information of the user, and an individualized and differentiated identity authentication process is provided for the user.
Drawings
In order to more clearly illustrate the technical solution of the present invention, the drawings required to be used in the embodiments will be briefly described below, and it should be understood that the following drawings only illustrate some embodiments of the present invention, and therefore should not be considered as limiting the scope of the present invention. Like components are numbered similarly in the various figures.
Fig. 1 shows a flowchart of a first authentication method provided by an embodiment of the present invention;
fig. 2 is a flowchart illustrating a second authentication method according to an embodiment of the present invention;
fig. 3 is a flowchart illustrating a third authentication method according to an embodiment of the present invention;
fig. 4 shows a schematic structural diagram of an authentication apparatus provided in an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments.
The components of embodiments of the present invention generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the present invention, presented in the figures, is not intended to limit the scope of the invention, as claimed, but is merely representative of selected embodiments of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present invention without making any creative effort, shall fall within the protection scope of the present invention.
Hereinafter, the terms "including", "having", and their derivatives, which may be used in various embodiments of the present invention, are only intended to indicate specific features, numbers, steps, operations, elements, components, or combinations of the foregoing, and should not be construed as first excluding the existence of, or adding to, one or more other features, numbers, steps, operations, elements, components, or combinations of the foregoing.
Furthermore, the terms "first," "second," "third," and the like are used solely to distinguish one from another and are not to be construed as indicating or implying relative importance.
Unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which various embodiments of the present invention belong. The terms (such as those defined in commonly used dictionaries) should be interpreted as having a meaning that is consistent with their contextual meaning in the relevant art and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein in various embodiments of the present invention.
Example 1
Referring to fig. 1, fig. 1 is a flowchart illustrating a first authentication method according to an embodiment of the present invention. The authentication method in fig. 1 comprises the following steps:
step 110, responding to the received service authentication request, obtaining the personal information, the environmental information and the service scene information of the user requesting authentication.
The identity authentication method is applied to computer equipment, and specifically, when a user transacts a service, an identity authentication request of the service is sent through the human-computer interaction equipment, wherein the computer equipment and the human-computer interaction equipment are selected according to actual requirements and are not limited herein. The computer equipment responds to the received identity authentication request of the service and acquires the personal information, the environmental information and the service scene information of the user requesting identity authentication.
It should be understood that the personal information may be any information used to associate with the identity of the user, such as facial image, age, nationality, certificate number, and authentication procedure used historically, and is not limited herein. The environment information includes information such as current network geographic information, information such as an operation that a user has performed, and information such as a verification procedure that the current environment can adopt, where the network geographic information includes, but is not limited to, information such as GPS (Global Positioning System) information and an IP (Internet Protocol) address, and is not limited herein.
The business scenario information includes a verification risk score for the business. The verification risk score of the business is set according to actual requirements, and is not limited herein. In order to facilitate understanding of the application, in the embodiment, high-risk services such as loan transaction, account transfer, transaction, sensitive information operation and the like are matched as high-grade verification risk grades. And matching low-risk services such as information inquiry and the like as low-grade verification risk grades. The high-grade service for verifying the risk grade requires the corresponding high-safety grade verification process of the user, so that the damage of the user assets and the leakage of private information are avoided. And if the high-grade service for verifying the risk grade allows the user to perform a low-safety grade verification process, the operation of the user is simplified, and the user experience is improved.
Step 120, configuring a first number of combined verification processes according to the personal information and the environment information.
And acquiring a verification process supported by the personal information, specifically, if the personal information of the user does not include the certificate number of the user, determining that the personal information does not support the process of verifying the identity of the user through the certificate number. And if the personal information of the user comprises the fingerprint information of the user, confirming that the personal information supports a process of verifying the identity of the user through the fingerprint information. And acquiring a verification process supported by the environment information, specifically, if a fingerprint acquisition device is arranged in the environment where the user is located, determining that the environment information supports a process of verifying the identity of the user through the fingerprint information. And if the image acquisition equipment is not arranged in the environment where the user is located, determining that the environment information does not support the process of verifying the identity of the user through the face image.
The verification processes supported by the personal information and the environmental information are acquired simultaneously, and the verification processes are combined randomly to obtain a first number of combined verification processes comprising at least two verification processes. The user identity authentication is carried out through a continuous authentication process, so that the user identity authentication process is effectively prevented from being broken through and stolen.
It is to be understood that the personal information may also include historical authentication records of the user. And obtaining the identity authentication of the user by frequently adopting fingerprint authentication through the historical identity authentication records, and configuring a combined authentication process comprising the fingerprint authentication. And obtaining that the face recognition verification of the user for multiple times in a time period is failed through the historical identity verification record, and configuring a combined verification process which does not include the face recognition verification. The combined authentication process is configured through the personal information and the environmental information, and an individualized and differentiated identity authentication process is provided for the user.
As an example, the service scenario information further includes a service-supported verification process and a service-defined verification process, and configuring a first number of combined verification processes according to the personal information and the environment information includes:
and configuring a first number of combined verification processes according to the personal information, the environment information, the verification processes supported by the service and the verification processes limited by the service.
It should be understood that the verification process supported by the service is a verification process that can be selectively used in the service scenario, and the verification process defined by the service is a verification process that must be used in the service scenario. The verification process of each service is configured according to actual requirements, and is not limited herein. For example, in a transfer service scene, payment password authentication, certificate number authentication, login password authentication, face recognition authentication and fingerprint authentication are authentication processes supported by services, and a user cannot perform transfer service processing through voiceprint authentication. The payment password authentication is an authentication process limited by the service, and the user can only process the transfer service after the payment password authentication.
And randomly combining the payment password verification with certificate number verification, login password verification, face identification verification and fingerprint verification to obtain a first number of combined verification processes. Specifically, the combined verification process may be a combination of payment password verification and face recognition verification, a combination of payment password verification and fingerprint verification, or a combination of payment password verification, certificate number verification, and login password verification, which is not described herein again. And configuring a first number of combined verification processes through the verification processes supported by the service and the verification processes limited by the service, and ensuring that the obtained combined verification processes are matched with the service scene.
Step 130, calculating a security score of the combined authentication process based on the authentication score of each authentication process.
And acquiring the verification scores of the verification processes included in each combined verification process, and summing the verification scores of each verification process in the combined verification processes to obtain the safety score of each combined verification process.
It should be understood that the verification score of each verification process is set according to actual requirements, and is not limited herein. Specifically, the face recognition authentication may be set to a high-score authentication score, and the login password authentication may be set to a low-score authentication score.
It is also to be understood that the verification score for each verification process may also be altered based on the environmental information. For example, when a user transacts a transfer service, and requests to perform identity authentication through the human-computer interaction device, the environment information including the IP address is acquired, and the position of the user is acquired through the IP address. If the acquired user position is in the bank, the verification score of each verification process can be improved. If the obtained user position is not in the bank, the verification score of each verification flow can be reduced.
Referring to fig. 2, fig. 2 is a flowchart illustrating a second authentication method according to an embodiment of the present invention. As an example, after configuring a first number of combined authentication processes according to the personal information and the environmental information, the step 120 further includes:
and step 121, if the environment information includes a verification process which passes the verification within a preset time, filtering out the verification process which passes the verification within the preset time in the combined verification process.
The verification process exemption passing verification can be configured, so that the operation process of the user during identity verification is simplified, and the efficiency of identity verification is improved. For example, the combined authentication process includes payment password authentication and face recognition authentication. If the user fails to pass the face recognition verification and the face recognition authentication within the preset time, the user needs to perform the payment password verification and the face recognition authentication simultaneously when the user identity verification is performed through the combined verification process. And if the user passes the face recognition verification within the preset time, filtering out verification processes which pass the verification within the preset time in the combined verification process. When the user identity authentication is performed through the combined authentication process, the user only needs to perform payment password authentication. On the basis of avoiding the breakthrough and leakage of user authentication information, the user does not need to perform repeated authentication processes, so that the operation of the user in the authentication process is reduced, and the authentication efficiency is improved.
In an optional example, the step 130 of calculating the security score of the combined authentication procedure based on the authentication score of each of the authentication procedures comprises:
step 131, calculating a security score of the combined verification process based on the verification score of each verification process included in the combined verification process and the verification score of the verification process passing the verification within the preset time.
If the environment information comprises the verification process which passes the verification within the preset time, the verification score of the verification process which passes the verification is reserved, namely the verification score of the verification process which passes the verification within the preset time is added into the safety score of the combined verification process. And filtering the verification process which passes the verification within the preset time in the combined verification process, and not changing the safety score of the combined verification process. The user does not need to carry out repeated verification processes, the operation process of the user is simplified, the reduction of the safety score of the verification process is avoided, and the effectiveness of the safety score is ensured.
And 140, if a combined verification process with the security score being greater than or equal to the verification risk score exists, generating first prompt information for prompting the user to perform identity verification through the combined verification process.
If the combined verification process with the security score being greater than or equal to the verification risk score exists, the obtained combined verification process can effectively avoid the verification information of the user from being leaked by breakthrough in the user identity verification process, first prompt information used for prompting the user to perform identity verification through the combined verification process is generated, and the user is guided to perform identity verification through the combined verification process. By combining a plurality of verification processes, the safety of the authentication process is improved, the identity verification information of the user is effectively prevented from being broken and stolen, and further the damage of user assets and the leakage of private information are avoided.
As an example, if there is a combined authentication process with a security score greater than or equal to the authentication risk score, generating first prompt information for prompting a user to perform identity authentication through the combined authentication process, includes:
and if the combined verification process with the security score larger than or equal to the verification risk score exists, filtering out the combined verification process with the security score smaller than the verification risk score to obtain a second number of combined verification processes, and generating first prompt information for prompting a user to perform identity verification through the combined verification processes, wherein the second number is smaller than or equal to the first number.
In the actual process of configuring the combined verification process, a combined verification process with a security score smaller than the verification risk score is also configured, and a combined verification process with a security score greater than or equal to the verification risk score is also configured. And filtering out the combined verification processes with the security scores smaller than the verification risk scores, and reserving the combined verification processes with the second number of security scores larger than or equal to the verification risk scores.
It is to be understood that when the security score of each combined authentication procedure is greater than or equal to the authentication risk score, the second number is equal to the first number. The second number is less than the first number when there is a combined authentication flow with a security score less than the authentication risk score. The second number is based on the security score and the verification risk score of the combined verification process, and is not limited herein.
As an example, if there is a combined authentication process with a security score greater than or equal to the authentication risk score, generating first prompt information for prompting a user to perform identity authentication through the combined authentication process, includes:
if the first number is greater than or equal to two, receiving a verification process selection request, wherein the process use request comprises the combined verification process requested to be selected;
and configuring the combined verification process selected by the request as an identity verification process of the service.
If the first number is greater than or equal to two, the user can select any one combined authentication process for identity authentication. Specifically, the user sends a verification process selection request to the computer device for identity verification through the human-computer interaction device. The computer receives the verification process selection request and determines the combined verification process selected by the user request. And configuring the combined authentication flow requested to be selected as the identity authentication flow of the service, thereby providing an individualized and differentiated identity authentication flow for the user. And if each verification flow in the combined verification flow passes the verification, determining that the user passes the identity authentication, and processing the service corresponding to the identity verification request for the user.
It is to be understood that if the first number is greater than or equal to two, and no authentication flow selection request is received. Any one of the combined authentication processes may be configured as a service authentication process, which is not described herein. In the multiple identity verification processes of the same service, each combined verification process can be configured into the identity verification process of the service in sequence, the safety of the identity verification process is improved by changing the verification process, the identity verification information of a user is effectively prevented from being broken and stolen, and further the damage of user assets and the leakage of private information are avoided.
Referring to fig. 3, fig. 3 is a flowchart illustrating a second authentication method according to an embodiment of the invention. As an example, after calculating the security score of the combined authentication procedure based on the authentication score of each authentication procedure, the step 130 further includes:
and 150, if the combined verification process with the security score being greater than or equal to the verification risk score does not exist, generating second prompt information for prompting that identity verification cannot be carried out.
If the combined verification process with the security score being greater than or equal to the verification risk score does not exist, it is determined that the risk that the verification information of the user is broken through and leaked exists in the obtained combined verification process in the user identity verification process, and second prompt information used for prompting that identity verification cannot be performed is generated. It should be understood that the user may also be prompted by the second prompt message to manually process the service, so as to ensure that the service is effectively processed.
The application provides an identity authentication method, which comprises the following steps: configuring a first number of combined authentication processes according to the personal information and the environment information, wherein each combined authentication process comprises at least two authentication processes; calculating a security score of the combined authentication process based on the authentication score of each authentication process; and if a combined verification process with the security score being greater than or equal to the verification risk score exists, generating first prompt information for prompting the user to perform identity verification through the combined verification process. The user identity authentication is carried out through the combined authentication process comprising at least two authentication processes, so that the safety of the identity authentication process is improved, the identity authentication information of the user is effectively prevented from being broken and stolen, and further the damage of user assets and the leakage of private information are avoided. Meanwhile, the combined authentication process is configured according to the environment information and the personal information of the user, and an individualized and differentiated identity authentication process is provided for the user.
Example 2
Referring to fig. 4, fig. 4 is a schematic structural diagram of an authentication device according to an embodiment of the present invention. The authentication apparatus 200 in fig. 4 includes:
the information obtaining module 210 is configured to respond to a received service authentication request, and obtain personal information, environment information, and service scenario information of a user requesting authentication, where the service scenario information includes a service authentication risk score;
a process configuration module 220, configured to configure a first number of combined authentication processes according to the personal information and the environmental information, where each combined authentication process includes at least two authentication processes;
a score calculating module 230, configured to calculate a security score of the combined authentication process based on the authentication score of each authentication process;
the first prompting module 240 is configured to generate first prompting information for prompting a user to perform identity authentication through a combined authentication process if the combined authentication process with the security score being greater than or equal to the authentication risk score exists.
As an example, the service scenario information further includes a service-supported verification process and a service-limited verification process, and the process configuration module 220 is further configured to configure a first number of combined verification processes according to the personal information, the environment information, the service-supported verification process, and the service-limited verification process.
As an example, the first prompting module 240 is further configured to, if there is a combined verification process with a security score greater than or equal to the verification risk score, filter out the combined verification process with a security score smaller than the verification risk score to obtain a second number of combined verification processes, and generate first prompting information for prompting the user to perform identity verification through the combined verification processes, where the second number is smaller than or equal to the first number.
As an example, the identity authentication apparatus 200 further includes:
and the second prompting module is used for generating second prompting information for prompting that the identity authentication cannot be carried out if the combined authentication process with the security score larger than or equal to the authentication risk score does not exist.
As an example, the identity authentication apparatus 200 further includes:
and the flow filtering module is used for filtering the verification flow which passes the verification within the preset time in the combined verification flow if the verification flow which passes the verification within the preset time exists.
In an optional example, the score calculating module 230 is further configured to calculate a security score of the combined authentication process based on the authentication score of each authentication process included in the combined authentication process and the authentication score of the authentication process that passes the authentication within the preset time.
As an example, the identity authentication apparatus 200 further includes:
a selection request receiving module, configured to receive a verification process selection request if the first number is greater than or equal to two, where the process use request includes the combined verification process requested to be selected;
and the verification process configuration module is used for configuring the combined verification process selected by the request as the identity verification process of the service.
The authentication apparatus 200 is configured to perform corresponding steps in the authentication method, and specific implementations of various functions are not described one by one here. In addition, the alternative example in embodiment 1 is also applicable to the authentication apparatus 200 of embodiment 2.
An embodiment of the present application further provides a computer device, where the computer device includes a memory and a processor, where the memory stores a computer program, and when the processor executes the computer program, the identity authentication method according to embodiment 1 is implemented.
An embodiment of the present application further provides a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, and when the computer program is executed by a processor, the computer program implements the identity authentication method according to embodiment 1.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus and method can be implemented in other ways. The apparatus embodiments described above are merely illustrative and, for example, the flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of apparatus, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems that perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In addition, each functional module or unit in each embodiment of the present invention may be integrated together to form an independent part, or each module may exist separately, or two or more modules may be integrated to form an independent part.
The functions, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention or a part of the technical solution that contributes to the prior art in essence can be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a smart phone, a personal computer, a server, or a network device, etc.) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention.

Claims (10)

1. An identity verification method, the method comprising:
responding to a received service identity authentication request, and acquiring personal information, environmental information and service scene information of a user requesting authentication, wherein the service scene information comprises a service authentication risk score;
configuring a first number of combined authentication processes according to the personal information and the environment information, wherein each combined authentication process comprises at least two authentication processes;
calculating a security score of the combined authentication process based on the authentication score of each authentication process;
and if a combined verification process with the security score being greater than or equal to the verification risk score exists, generating first prompt information for prompting the user to perform identity verification through the combined verification process.
2. The identity authentication method of claim 1, wherein the service scenario information further includes service-supported authentication procedures and service-defined authentication procedures, and the configuring the first number of combined authentication procedures according to the personal information and the environment information includes:
and configuring a first number of combined verification processes according to the personal information, the environment information, the verification processes supported by the service and the verification processes limited by the service.
3. The identity authentication method according to claim 1, wherein if there is a combined authentication process with a security score greater than or equal to the authentication risk score, generating first prompt information for prompting the user to perform identity authentication through the combined authentication process, includes:
and if the combined verification process with the security score larger than or equal to the verification risk score exists, filtering out the combined verification process with the security score smaller than the verification risk score to obtain a second number of combined verification processes, and generating first prompt information for prompting a user to perform identity verification through the combined verification processes, wherein the second number is smaller than or equal to the first number.
4. The identity authentication method according to claim 1, wherein after calculating the security score of the combined authentication process based on the authentication score of each authentication process, the method further comprises:
and if the combined verification process with the security score being greater than or equal to the verification risk score does not exist, generating second prompt information for prompting that identity verification cannot be carried out.
5. The identity verification method of claim 1, wherein after configuring the first number of combined verification processes according to the personal information and the environmental information, the method further comprises:
and if the environment information comprises a verification process which passes the verification within the preset time, filtering the verification process which passes the verification within the preset time in the combined verification process.
6. The identity authentication method of claim 5, wherein the calculating a security score for the combined authentication process based on the authentication score for each authentication process comprises:
and calculating the safety score of the combined verification process based on the verification score of each verification process included in the combined verification process and the verification score of the verification process passing the verification in the preset time.
7. The identity authentication method according to claim 1, wherein if there is a combined authentication process with a security score greater than or equal to the authentication risk score, generating first prompt information for prompting the user to perform identity authentication through the combined authentication process, includes:
if the first number is greater than or equal to two, receiving a verification process selection request, wherein the process use request comprises the combined verification process requested to be selected;
and configuring the combined verification process selected by the request as an identity verification process of the service.
8. An authentication apparatus, the apparatus comprising:
the information acquisition module is used for responding to a received service identity authentication request and acquiring personal information, environmental information and service scene information of a user requesting authentication, wherein the service scene information comprises a service authentication risk score;
a flow configuration module, configured to configure a first number of combined authentication flows according to the personal information and the environment information, where each combined authentication flow includes at least two authentication flows;
the score calculating module is used for calculating the safety score of the combined verification process based on the verification score of each verification process;
and the first prompt module is used for generating first prompt information for prompting a user to carry out identity verification through the combined verification process if the combined verification process with the security score being greater than or equal to the verification risk score exists.
9. A computer device, characterized in that the computer device comprises a memory and a processor, the memory storing a computer program which, when executed by the processor, implements the identity verification method according to any one of claims 1 to 7.
10. A computer-readable storage medium, having stored thereon a computer program which, when executed by a processor, implements an authentication method according to any one of claims 1 to 7.
CN202210743327.2A 2022-06-27 2022-06-27 Identity verification method, identity verification device, computer equipment and computer readable storage medium Active CN115118501B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210743327.2A CN115118501B (en) 2022-06-27 2022-06-27 Identity verification method, identity verification device, computer equipment and computer readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210743327.2A CN115118501B (en) 2022-06-27 2022-06-27 Identity verification method, identity verification device, computer equipment and computer readable storage medium

Publications (2)

Publication Number Publication Date
CN115118501A true CN115118501A (en) 2022-09-27
CN115118501B CN115118501B (en) 2023-09-19

Family

ID=83330099

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210743327.2A Active CN115118501B (en) 2022-06-27 2022-06-27 Identity verification method, identity verification device, computer equipment and computer readable storage medium

Country Status (1)

Country Link
CN (1) CN115118501B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180083950A1 (en) * 2015-02-24 2018-03-22 Avatier Corporation Aggregator technology without usernames and passwords implemented in unified risk scoring
US10432605B1 (en) * 2012-03-20 2019-10-01 United Services Automobile Association (Usaa) Scalable risk-based authentication methods and systems
CN111400685A (en) * 2020-02-25 2020-07-10 西华大学 Security identity authentication method adopting competition matching
US20210051168A1 (en) * 2018-07-27 2021-02-18 Advanced New Technologies Co., Ltd. Identity verification and account information updating methods and apparatuses

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10432605B1 (en) * 2012-03-20 2019-10-01 United Services Automobile Association (Usaa) Scalable risk-based authentication methods and systems
US20180083950A1 (en) * 2015-02-24 2018-03-22 Avatier Corporation Aggregator technology without usernames and passwords implemented in unified risk scoring
US20210051168A1 (en) * 2018-07-27 2021-02-18 Advanced New Technologies Co., Ltd. Identity verification and account information updating methods and apparatuses
CN111400685A (en) * 2020-02-25 2020-07-10 西华大学 Security identity authentication method adopting competition matching

Also Published As

Publication number Publication date
CN115118501B (en) 2023-09-19

Similar Documents

Publication Publication Date Title
CN107679861B (en) Resource transfer method, fund payment method, device and electronic equipment
US20200051074A1 (en) Method for approving use of card by using blockchain-based token id and server using method
US9485253B2 (en) Familiar dynamic human challenge response test content
US20180158055A1 (en) System and method for automated analysis comparing a wireless device location with another geographic location
US20150195133A1 (en) Methods and systems for provisioning multiple devices
US10430794B2 (en) System and method including customized linkage rules in payment transactions
US20170295155A1 (en) Tokenization of co-network accounts
US20160239833A1 (en) Methods and systems for processing an electronic payment
US20120084206A1 (en) System and method for secure transactions at a mobile device
CN109257366B (en) Method and device for authenticating user
US11240220B2 (en) Systems and methods for user authentication based on multiple devices
EP3132591A1 (en) Systems, apparatus and methods for improved authentication
WO2019153461A1 (en) Identity information changing method and apparatus, terminal device, and storage medium
CN102197407A (en) System and method of secure payment transactions
US11107082B2 (en) Method and system for authorizing an electronic transaction
EP3616111B1 (en) System and method for generating access credentials
CN113015992B (en) Cloud token provisioning of multiple tokens
WO2017176279A1 (en) Tokenization of co-network accounts
US20210049568A1 (en) Method and System for Large Transfer Authentication
CN115118501B (en) Identity verification method, identity verification device, computer equipment and computer readable storage medium
US20160125410A1 (en) System and Method for Detecting and Preventing Social Engineering-Type Attacks Against Users
EP3217593A1 (en) Two-factor authentication method for increasing the security of transactions between a user and a transaction point or system
WO2016083987A1 (en) Method of and system for obtaining proof of authorisation of a transaction
CN108701304B (en) Authentication method
US11475446B2 (en) System, methods and computer program products for identity authentication for electronic payment transactions

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant