CN115118501B - Identity verification method, identity verification device, computer equipment and computer readable storage medium - Google Patents

Identity verification method, identity verification device, computer equipment and computer readable storage medium Download PDF

Info

Publication number
CN115118501B
CN115118501B CN202210743327.2A CN202210743327A CN115118501B CN 115118501 B CN115118501 B CN 115118501B CN 202210743327 A CN202210743327 A CN 202210743327A CN 115118501 B CN115118501 B CN 115118501B
Authority
CN
China
Prior art keywords
verification
combined
score
information
authentication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210743327.2A
Other languages
Chinese (zh)
Other versions
CN115118501A (en
Inventor
崔伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ping An Bank Co Ltd
Original Assignee
Ping An Bank Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ping An Bank Co Ltd filed Critical Ping An Bank Co Ltd
Priority to CN202210743327.2A priority Critical patent/CN115118501B/en
Publication of CN115118501A publication Critical patent/CN115118501A/en
Application granted granted Critical
Publication of CN115118501B publication Critical patent/CN115118501B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/02Capturing of monitoring data
    • H04L43/028Capturing of monitoring data by filtering
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Environmental & Geological Engineering (AREA)
  • Collating Specific Patterns (AREA)

Abstract

The embodiment of the application discloses an identity verification method, an identity verification device, computer equipment and a computer readable storage medium, wherein the identity verification method comprises the following steps: responding to the received identity verification request of the service, acquiring personal information, environment information and service scene information of a user requesting verification, and configuring a first number of combined verification processes according to the personal information and the environment information; calculating a security score for the combined verification process based on the verification score for each verification process; if a combined verification process with the security score being greater than or equal to the verification risk score exists, generating first prompt information for prompting the user to carry out identity verification through the combined verification process. The user identity verification is performed through the combined verification process, so that the safety of the identity verification process is improved, the fact that the user identity verification information is broken through and stolen is effectively avoided, and further the fact that the user asset is damaged and private information is leaked is avoided. Meanwhile, personalized and differentiated authentication flow is provided for the user.

Description

Identity verification method, identity verification device, computer equipment and computer readable storage medium
Technical Field
The present application relates to the field of information security, and in particular, to an identity authentication method, apparatus, computer device, and computer readable storage medium.
Background
With the rapid development of internet technology, the types of services that users can transact through the online internet are increasing. When the user performs online business handling, the mobile terminal receives the dynamic verification code, the deposit card/credit card secret verification, the payment password verification, the face recognition and other identification modes to perform the identity verification flow.
In the user identity verification process, verification processes adopted by each user habit are different, for example, higher-age users are inconvenient to carry out fingerprint verification, and usually do not adopt fingerprint verification identities, but adopt passwords to verify identities. However, each business scenario only provides a fixed verification process, and cannot provide a personalized and differentiated verification process for the user. In addition, when the security of the fixed authentication process is lower in the risk business scenario of loan handling, transfer, transaction, sensitive information operation and the like, the authentication process of the user can be broken through and stolen, and further the user property is damaged and private information is leaked.
Disclosure of Invention
In view of the above, the present application aims to overcome the shortcomings in the prior art, and provide an authentication method, an apparatus, a computer device and a computer readable storage medium for solving the problem of low security of the authentication process.
In a first aspect, the present application provides an authentication method, the method comprising:
responding to a received identity verification request of a service, and acquiring personal information, environment information and service scene information of a user requesting verification, wherein the service scene information comprises verification risk scores of the service;
configuring a first number of combined verification processes according to the personal information and the environment information, wherein each combined verification process comprises at least two verification processes;
calculating a security score for the combined verification process based on the verification score for each of the verification processes;
if a combined verification process with the security score being greater than or equal to the verification risk score exists, generating first prompt information for prompting the user to verify the identity through the combined verification process.
With reference to the first aspect, in a first possible implementation manner, the service scenario information further includes a service-supported verification procedure and a service-defined verification procedure, and configuring, according to the personal information and the environment information, a first number of combined verification procedures includes:
and configuring a first number of combined verification processes according to the personal information, the environment information, the verification process supported by the service and the verification process limited by the service.
With reference to the first aspect, in a second possible implementation manner, the generating, if there is a combined verification process with a security score greater than or equal to the verification risk score, first prompt information for prompting a user to perform identity verification through the combined verification process includes:
if a combined verification process with the security score being greater than or equal to the verification risk score exists, filtering the combined verification process with the security score being smaller than the verification risk score to obtain a second number of combined verification processes, and generating first prompt information for prompting a user to perform identity verification through the combined verification process, wherein the second number is smaller than or equal to the first number.
With reference to the first aspect, in a third possible implementation manner, after calculating the security score of the combined verification process based on the verification score of each verification process, the method further includes:
and if the combined verification process with the security score being greater than or equal to the verification risk score does not exist, generating second prompt information for prompting that identity verification cannot be performed.
With reference to the first aspect, in a fourth possible implementation manner, after the configuring a first number of combined verification processes according to the personal information and the environment information, the method further includes:
and if the environment information comprises the verification process passing the verification in the preset time, filtering the verification process passing the verification in the preset time in the combined verification process.
With reference to the fourth possible implementation manner of the first aspect, in a fifth possible implementation manner, the calculating a security score of the combined verification process based on the verification score of each verification process includes:
and calculating the security score of the combined verification process based on the verification score of each verification process included in the combined verification process and the verification score of the verification process passing verification in the preset time.
With reference to the first aspect, in a sixth possible implementation manner, the generating, if there is a combined verification process with a security score greater than or equal to the verification risk score, first prompt information for prompting a user to perform identity verification through the combined verification process includes:
if the first number is greater than or equal to two, receiving a verification process selection request, wherein the process use request comprises the combined verification process requested to be selected;
and configuring the combined verification process selected by the request as the identity verification process of the service.
In a second aspect, the present application provides an authentication apparatus, the apparatus comprising:
the information acquisition module is used for responding to the received identity verification request of the service and acquiring personal information, environment information and service scene information of a user requesting verification, wherein the service scene information comprises verification risk scores of the service;
a flow configuration module, configured to configure a first number of combined verification flows according to the personal information and the environment information, where each combined verification flow includes at least two verification flows;
a score calculation module, configured to calculate a security score of the combined verification process based on the verification score of each verification process;
and the first prompting module is used for generating first prompting information for prompting the user to carry out identity verification through the combined verification process if the combined verification process with the security score being greater than or equal to the verification risk score exists.
In a third aspect, the present application provides a computer device comprising a memory and a processor, the memory storing a computer program which, when executed by the processor, implements the authentication method according to the first aspect.
In a fourth aspect, the present application provides a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements the authentication method according to the first aspect.
The application provides an identity verification method, which comprises the following steps: configuring a first number of combined verification processes according to the personal information and the environment information, wherein each combined verification process comprises at least two verification processes; calculating a security score for the combined verification process based on the verification score for each of the verification processes; if a combined verification process with the security score being greater than or equal to the verification risk score exists, generating first prompt information for prompting the user to verify the identity through the combined verification process. The authentication of the user is performed through the combined authentication process comprising at least two authentication processes, so that the safety of the authentication process is improved, the fact that the authentication information of the user is broken through and stolen is effectively avoided, and further the fact that the user asset is damaged and private information is leaked is avoided. Meanwhile, the combined verification flow is configured according to the environment information and the personal information of the user, and a personalized and differentiated identity verification flow is provided for the user.
Drawings
In order to more clearly illustrate the technical solutions of the present application, the drawings that are required for the embodiments will be briefly described, it being understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered as limiting the scope of the present application. Like elements are numbered alike in the various figures.
Fig. 1 shows a flowchart of a first authentication method according to an embodiment of the present application;
FIG. 2 is a flow chart of a second authentication method according to an embodiment of the present application;
fig. 3 shows a flowchart of a third authentication method according to an embodiment of the present application;
fig. 4 is a schematic structural diagram of an authentication device according to an embodiment of the present application.
Detailed Description
The following description of the embodiments of the present application will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present application, but not all embodiments.
The components of the embodiments of the present application generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the application, as presented in the figures, is not intended to limit the scope of the application, as claimed, but is merely representative of selected embodiments of the application. All other embodiments, which can be made by a person skilled in the art without making any inventive effort, are intended to be within the scope of the present application.
The terms "comprises," "comprising," "including," or any other variation thereof, are intended to cover a specific feature, number, step, operation, element, component, or combination of the foregoing, which may be used in various embodiments of the present application, and are not intended to first exclude the presence of or increase the likelihood of one or more other features, numbers, steps, operations, elements, components, or combinations of the foregoing.
Furthermore, the terms "first," "second," "third," and the like are used merely to distinguish between descriptions and should not be construed as indicating or implying relative importance.
Unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which various embodiments of the application belong. The terms (such as those defined in commonly used dictionaries) will be interpreted as having a meaning that is the same as the context of the relevant art and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein in connection with the various embodiments of the application.
Example 1
Referring to fig. 1, fig. 1 is a flowchart illustrating a first authentication method according to an embodiment of the present application. The authentication method in fig. 1 includes the steps of:
step 110, in response to the received authentication request of the service, personal information, environment information and service scene information of the user requesting authentication are obtained.
The identity verification method is applied to computer equipment, and particularly, when a user transacts business, the identity verification request of the business is sent through man-machine interaction equipment, wherein the computer equipment and the man-machine interaction equipment are selected according to actual requirements, and the method is not limited. The computer equipment responds to the received authentication request of the service and acquires personal information, environment information and service scene information of a user requesting authentication.
It should be understood that the personal information may be any information used for associating with the identity of the user, such as facial image, age, nationality, certificate number, and historically used authentication procedure, which is not limited herein. The environment information includes current network geographic information, information such as operations performed by the user, and information such as verification procedures that can be adopted by the current environment, where the network geographic information includes, but is not limited to, GPS (Global Positioning System ) information, IP (Internet Protocol, internet protocol) address, and the like, and is not limited herein.
The business scenario information includes a verification risk score for the business. The verification risk score of the business is set according to the actual requirement, and is not limited herein. In order to facilitate understanding of the present application, in this embodiment, high risk services such as loan handling, transfer, transaction, and sensitive information handling are configured as high-scoring verification risk scores. And matching low-risk services such as information inquiry and the like into low-scoring verification risk scores. And the high-scoring verification risk scoring business requires the corresponding verification process of the high-security scoring of the user, so that the damage of the user asset and the leakage of private information are avoided. And if the high-scoring business for verifying the risk score is high, the user is allowed to perform a verification process with low security score, so that the operation of the user is simplified, and the experience of the user is improved.
Step 120, configuring a first number of combined verification processes according to the personal information and the environment information.
And acquiring a verification process supported by the personal information, specifically, if the personal information of the user does not comprise the certificate number of the user, determining that the personal information does not support the process of verifying the identity of the user through the certificate number. If the personal information of the user comprises fingerprint information of the user, confirming that the personal information supports a process of verifying the identity of the user through the fingerprint information. And acquiring a verification process supported by the environment information, and specifically, if fingerprint acquisition equipment is arranged in the environment where the user is located, determining that the environment information supports a process of verifying the identity of the user through the fingerprint information. If no image acquisition equipment is arranged in the environment where the user is located, determining that the environment information does not support the process of verifying the identity of the user through the facial image.
And acquiring verification processes supported by the personal information and the environment information at the same time, and optionally combining the verification processes to obtain a first number of combined verification processes including at least two verification processes. The user identity authentication is performed through the continuous authentication flow, so that the user identity authentication flow is effectively prevented from being broken through and stolen.
It is to be appreciated that the personal information may also include a historical authentication record of the user. And obtaining the identity verification of the user by adopting fingerprint verification through the historical identity verification record, wherein a combined verification flow comprising fingerprint verification can be configured. And (3) obtaining that the user does not pass the identity verification after carrying out face recognition verification for a plurality of times in a time period through the historical identity verification record, and configuring a combined verification flow which does not comprise the face recognition verification. The personal information and the environment information are used for configuring the combined verification process, so that a personalized and differentiated identity verification process is provided for the user.
As an example, the service scenario information further includes a service-supported verification procedure and a service-defined verification procedure, and the configuring a first number of combined verification procedures according to the personal information and the environment information includes:
and configuring a first number of combined verification processes according to the personal information, the environment information, the verification process supported by the service and the verification process limited by the service.
It should be understood that the verification process supported by the service is a verification process that can be selectively used in the service scenario, and the verification process defined by the service is a verification process that must be used in the service scenario. The verification process of each service is configured according to the actual requirement, and is not limited herein. For example, in the account transfer service scenario, payment password verification, certificate number verification, login password verification, face recognition verification, fingerprint verification are verification processes of service support, and the user cannot perform account transfer service processing through voiceprint verification. The payment password verification is a verification process defined by a service, and the user can process the transfer service after passing the payment password verification.
And (3) optionally combining the payment password verification with the certificate number verification, the login password verification, the face recognition verification and the fingerprint verification to obtain a first number of combined verification processes. Specifically, the combined verification process may be a combination of payment password verification and face recognition verification, or a combination of payment password verification and fingerprint verification, or a combination of payment password verification, certificate number verification, and login password verification, which will not be described herein. And configuring a first number of combined verification processes through the verification processes supported by the service and the verification processes limited by the service, and ensuring that the combined verification processes are matched with the service scene.
Step 130, calculating a security score of the combined verification process based on the verification score of each verification process.
And obtaining the verification scores of the verification processes included in each combined verification process, and summing the verification scores of each verification process in the combined processes to obtain the security scores of the combined verification processes.
It should be understood that the verification score of each verification process is set according to the actual requirement, which is not limited herein. Specifically, the face recognition authentication may be set to a high-scoring authentication score, and the login password authentication may be set to a low-scoring authentication score.
It should also be appreciated that the verification score for each verification process may also be modified based on the context information. For example, when a user handles a transfer service, and when authentication is requested by a man-machine interaction device, environment information including an IP address is obtained, and the location of the user is obtained by the IP address. If the obtained user position is in the bank, the verification score of each verification process can be improved. If the obtained user position is not in the bank, the verification score of each verification process can be reduced.
Referring to fig. 2 together, fig. 2 is a flowchart illustrating a second authentication method according to an embodiment of the present application. As an example, after configuring the first number of combined verification processes according to the personal information and the environment information, the step 120 further includes:
step 121, if the environmental information includes a verification process that passes the verification within a preset time, filtering the verification process that passes the verification within the preset time in the combined verification process.
The authentication process exemption passing authentication can be configured, so that the operation process of the user in authentication is simplified, and the authentication efficiency is improved. For example, the combined verification process includes payment password verification and face recognition verification. If the user does not pass the face recognition verification and the face recognition verification within the preset time, and the user passes the combined verification process to perform the user authentication, the user needs to perform the payment password verification and the face recognition verification at the same time. If the user passes the face recognition verification within the preset time, filtering the verification process which passes the verification within the preset time in the combined verification process. When user identity verification is performed through the combined verification flow, the user only needs to perform payment password verification. On the basis of avoiding breakthrough and leakage of user authentication information, the user does not need to carry out repeated authentication flow, so that the operation of the user in the authentication process is reduced, and the authentication efficiency is improved.
In an alternative example, the step 130 calculates the security score of the combined verification process based on the verification score of each verification process, including:
step 131, calculating a security score of the combined verification process based on the verification score of each verification process included in the combined verification process and the verification score of the verification process passing verification within the preset time.
If the environment information comprises verification processes passing verification in a preset time, reserving verification scores of the verification processes passing verification, namely, counting the verification scores of the verification processes passing verification in the preset time into security scores of the combined verification processes. And filtering the verification process passing verification within the preset time in the combined verification process, and not changing the security score of the combined verification process. The user does not need to carry out repeated verification flow, so that the operation flow of the user is simplified, the security score of the verification flow is prevented from being reduced, and the effectiveness of the security score is ensured.
And 140, if a combined verification process with the security score being greater than or equal to the verification risk score exists, generating first prompt information for prompting the user to verify the identity through the combined verification process.
If a combined verification process with the security score being greater than or equal to the verification risk score exists, determining that the obtained combined verification process can effectively avoid breakthrough leakage of verification information of the user in the user identity verification process, and generating first prompt information for prompting the user to perform identity verification through the combined verification process, so that the user is guided to perform identity verification through the combined verification process. By combining a plurality of verification processes, the security of the authentication process is improved, the user authentication information is effectively prevented from being broken through and stolen, and further the damage of the user assets and the leakage of private information are avoided.
As an example, the generating the first prompting information for prompting the user to perform identity verification through the combined verification process if the combined verification process with the security score being greater than or equal to the verification risk score includes:
if a combined verification process with the security score being greater than or equal to the verification risk score exists, filtering the combined verification process with the security score being smaller than the verification risk score to obtain a second number of combined verification processes, and generating first prompt information for prompting a user to perform identity verification through the combined verification process, wherein the second number is smaller than or equal to the first number.
In the process of actually configuring the combined verification process, the combined verification process with the security score smaller than the verification risk score is also configured, and the combined verification process with the security score larger than or equal to the verification risk score is also configured. And filtering out combined verification processes with the security scores smaller than the verification risk scores, and reserving a second number of combined verification processes with the security scores larger than or equal to the verification risk scores.
It is to be appreciated that when the security score of each combined verification process is greater than or equal to the verification risk score, the second number is equal to the first number. When there is a combined verification process with a security score less than the verification risk score, the second number is less than the first number. The second number is based on the security score, the verification risk score of the combined verification process, and is not limited herein.
As an example, the generating the first prompting information for prompting the user to perform identity verification through the combined verification process if the combined verification process with the security score being greater than or equal to the verification risk score includes:
if the first number is greater than or equal to two, receiving a verification process selection request, wherein the process use request comprises the combined verification process requested to be selected;
and configuring the combined verification process selected by the request as the identity verification process of the service.
If the first number is greater than or equal to two, the user can select any one of the combined verification processes to perform identity verification. Specifically, the user sends a verification process selection request to the computer equipment for identity verification through the man-machine interaction equipment. The computer receives the verification process selection request and determines a combined verification process selected by the user request. The combined verification process of the request selection is configured as the identity verification process of the service, and personalized and differentiated identity verification processes are provided for the user. If each verification process in the combined verification process passes verification, determining that the user passes identity authentication, and processing a service corresponding to the identity authentication request for the user.
It should be understood that if the first number is greater than or equal to two, and the verification process selection request is not received. Any one of the combined verification processes may be configured as an authentication process of the service, which is not described herein. In the multiple identity verification process of the same service, each combined verification process can be configured as the identity verification process of the service in sequence, the security of the identity verification process is improved through the change verification process, the fact that the identity verification information of a user is broken through and stolen is effectively avoided, and further damage to the user asset and leakage of private information are avoided.
Referring to fig. 3 together, fig. 3 is a flowchart illustrating a second authentication method according to an embodiment of the present application. As an example, the step 130, after calculating the security score of the combined verification process based on the verification score of each verification process, further includes:
and step 150, if no combined verification process with the security score greater than or equal to the verification risk score exists, generating second prompt information for prompting that identity verification cannot be performed.
If a combined verification process with the security score being greater than or equal to the verification risk score does not exist, determining that the risk that verification information of the user breaks through and leaks exists in the obtained combined verification process in the current user identity verification process, and generating second prompt information for prompting that identity verification cannot be performed. It is to be understood that the user can be prompted to process the service manually through the second prompt information, so that the service can be effectively processed.
The application provides an identity verification method, which comprises the following steps: configuring a first number of combined verification processes according to the personal information and the environment information, wherein each combined verification process comprises at least two verification processes; calculating a security score for the combined verification process based on the verification score for each of the verification processes; if a combined verification process with the security score being greater than or equal to the verification risk score exists, generating first prompt information for prompting the user to verify the identity through the combined verification process. The authentication of the user is performed through the combined authentication process comprising at least two authentication processes, so that the safety of the authentication process is improved, the fact that the authentication information of the user is broken through and stolen is effectively avoided, and further the fact that the user asset is damaged and private information is leaked is avoided. Meanwhile, the combined verification flow is configured according to the environment information and the personal information of the user, and a personalized and differentiated identity verification flow is provided for the user.
Example 2
Referring to fig. 4, fig. 4 is a schematic structural diagram of an authentication device according to an embodiment of the present application. The authentication apparatus 200 in fig. 4 includes:
the information obtaining module 210 is configured to obtain personal information, environment information and service scenario information of a user requesting verification in response to a received service authentication request, where the service scenario information includes a verification risk score of a service;
a flow configuration module 220, configured to configure a first number of combined verification flows according to the personal information and the environment information, where each combined verification flow includes at least two verification flows;
a score calculation module 230, configured to calculate a security score of the combined verification process based on the verification score of each verification process;
the first prompting module 240 is configured to generate first prompting information for prompting the user to perform identity verification through the combined verification process if there is a combined verification process with a security score greater than or equal to the verification risk score.
As an example, the service scenario information further includes a service-supported verification procedure and a service-defined verification procedure, and the procedure configuration module 220 is further configured to configure a first number of combined verification procedures according to the personal information, the environment information, the service-supported verification procedure, and the service-defined verification procedure.
As an example, the first prompting module 240 is further configured to filter out the combined verification processes with the security score being smaller than the verification risk score to obtain a second number of combined verification processes if there is a combined verification process with the security score being greater than or equal to the verification risk score, and generate first prompting information for prompting the user to perform identity verification through the combined verification processes, where the second number is smaller than or equal to the first number.
As an example, the authentication device 200 further includes:
and the second prompting module is used for generating second prompting information for prompting that the identity verification cannot be performed if no combined verification process with the security score being greater than or equal to the verification risk score exists.
As an example, the authentication device 200 further includes:
and the flow filtering module is used for filtering the verification flow passing the verification in the preset time in the combined verification flow if the verification flow passing the verification in the preset time exists.
In an optional example, the score calculating module 230 is further configured to calculate the security score of the combined verification process based on the verification score of each verification process included in the combined verification process and the verification score of the verification process that passes verification within the preset time.
As an example, the authentication device 200 further includes:
a selection request receiving module, configured to receive a verification process selection request if the first number is greater than or equal to two, where the process usage request includes the combined verification process requested to be selected;
and the verification process configuration module is used for configuring the combined verification process selected by the request as the identity verification process of the service.
The authentication device 200 is configured to perform the corresponding steps in the authentication method described above, and the implementation of each function is not described herein. Furthermore, the alternative example in embodiment 1 is also applicable to the authentication apparatus 200 of embodiment 2.
The embodiment of the application also provides a computer device, which comprises a memory and a processor, wherein the memory stores a computer program, and the computer program realizes the identity verification method in the embodiment 1 when the computer program is executed by the processor.
The embodiment of the present application also provides a computer readable storage medium, on which a computer program is stored, which when executed by a processor, implements the authentication method described in embodiment 1.
In the several embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other manners. The apparatus embodiments described above are merely illustrative, for example, of the flow diagrams and block diagrams in the figures, which illustrate the architecture, functionality, and operation of possible implementations of apparatus, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In addition, functional modules or units in various embodiments of the application may be integrated together to form a single part, or the modules may exist alone, or two or more modules may be integrated to form a single part.
The functions, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on such understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art or in a part of the technical solution in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a smart phone, a personal computer, a server, a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), a magnetic disk, or an optical disk, or other various media capable of storing program codes.
The foregoing is merely illustrative of the present application, and the present application is not limited thereto, and any person skilled in the art will readily recognize that variations or substitutions are within the scope of the present application.

Claims (9)

1. A method of identity verification, the method comprising:
responding to a received identity verification request of a service, and acquiring personal information, environment information and service scene information of a user requesting verification, wherein the service scene information comprises verification risk scores of the service;
configuring a first number of combined verification processes according to the personal information and the environment information, wherein each combined verification process comprises at least two verification processes;
calculating a security score for the combined verification process based on the verification score for each of the verification processes;
if a combined verification process with the security score being greater than or equal to the verification risk score exists, filtering the combined verification process with the security score being smaller than the verification risk score to obtain a second number of combined verification processes, and generating first prompt information for prompting a user to perform identity verification through the combined verification process, wherein the second number is smaller than or equal to the first number.
2. The authentication method according to claim 1, wherein the service scenario information further includes a service-supported authentication procedure and a service-defined authentication procedure, and the configuring a first number of combined authentication procedures according to the personal information and the environment information includes:
and configuring a first number of combined verification processes according to the personal information, the environment information, the verification process supported by the service and the verification process limited by the service.
3. The authentication method according to claim 1, wherein after calculating the security score of the combined authentication flow based on the authentication score of each of the authentication flows, further comprising:
and if the combined verification process with the security score being greater than or equal to the verification risk score does not exist, generating second prompt information for prompting that identity verification cannot be performed.
4. The authentication method according to claim 1, wherein after the configuring of the first number of combined authentication flows according to the personal information and the environment information, further comprises:
and if the environment information comprises the verification process passing the verification in the preset time, filtering the verification process passing the verification in the preset time in the combined verification process.
5. The authentication method of claim 4, wherein the calculating a security score for the combined authentication flow based on the authentication score for each of the authentication flows comprises:
and calculating the security score of the combined verification process based on the verification score of each verification process included in the combined verification process and the verification score of the verification process passing verification in the preset time.
6. The authentication method according to claim 1, wherein the generating the first prompt message for prompting the user to perform authentication through the combined authentication procedure if the combined authentication procedure with the security score being greater than or equal to the authentication risk score exists includes:
if the first number is greater than or equal to two, receiving a verification process selection request, wherein the process use request comprises the combined verification process requested to be selected;
and configuring the combined verification process selected by the request as the identity verification process of the service.
7. An authentication device, the device comprising:
the information acquisition module is used for responding to the received identity verification request of the service and acquiring personal information, environment information and service scene information of a user requesting verification, wherein the service scene information comprises verification risk scores of the service;
a flow configuration module, configured to configure a first number of combined verification flows according to the personal information and the environment information, where each combined verification flow includes at least two verification flows;
a score calculation module, configured to calculate a security score of the combined verification process based on the verification score of each verification process;
the first prompting module is used for filtering out the combined verification processes with the security score smaller than the verification risk score if the combined verification processes with the security score larger than or equal to the verification risk score exist, obtaining a second number of combined verification processes, and generating first prompting information for prompting a user to perform identity verification through the combined verification processes, wherein the second number is smaller than or equal to the first number.
8. A computer device, characterized in that it comprises a memory and a processor, the memory storing a computer program which, when executed by the processor, implements the authentication method according to any one of claims 1 to 6.
9. A computer readable storage medium, characterized in that the computer readable storage medium has stored thereon a computer program which, when executed by a processor, implements the authentication method according to any of claims 1 to 6.
CN202210743327.2A 2022-06-27 2022-06-27 Identity verification method, identity verification device, computer equipment and computer readable storage medium Active CN115118501B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210743327.2A CN115118501B (en) 2022-06-27 2022-06-27 Identity verification method, identity verification device, computer equipment and computer readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210743327.2A CN115118501B (en) 2022-06-27 2022-06-27 Identity verification method, identity verification device, computer equipment and computer readable storage medium

Publications (2)

Publication Number Publication Date
CN115118501A CN115118501A (en) 2022-09-27
CN115118501B true CN115118501B (en) 2023-09-19

Family

ID=83330099

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210743327.2A Active CN115118501B (en) 2022-06-27 2022-06-27 Identity verification method, identity verification device, computer equipment and computer readable storage medium

Country Status (1)

Country Link
CN (1) CN115118501B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10432605B1 (en) * 2012-03-20 2019-10-01 United Services Automobile Association (Usaa) Scalable risk-based authentication methods and systems
CN111400685A (en) * 2020-02-25 2020-07-10 西华大学 Security identity authentication method adopting competition matching

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10432615B2 (en) * 2015-02-24 2019-10-01 Avatier Corporation Aggregator technology without usernames and passwords implemented in unified risk scoring
CN109120605A (en) * 2018-07-27 2019-01-01 阿里巴巴集团控股有限公司 Authentication and account information variation and device

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10432605B1 (en) * 2012-03-20 2019-10-01 United Services Automobile Association (Usaa) Scalable risk-based authentication methods and systems
CN111400685A (en) * 2020-02-25 2020-07-10 西华大学 Security identity authentication method adopting competition matching

Also Published As

Publication number Publication date
CN115118501A (en) 2022-09-27

Similar Documents

Publication Publication Date Title
US11263691B2 (en) System and method for secure transactions at a mobile device
US10433128B2 (en) Methods and systems for provisioning multiple devices
US9485253B2 (en) Familiar dynamic human challenge response test content
CN107851254B (en) Seamless transactions with minimized user input
US20180158055A1 (en) System and method for automated analysis comparing a wireless device location with another geographic location
US8510797B2 (en) Online user authentication
US9613377B2 (en) Account provisioning authentication
US10671988B2 (en) Methods and systems for processing an electronic payment
US20150294313A1 (en) Systems, apparatus and methods for improved authentication
US20170109752A1 (en) Utilizing enhanced cardholder authentication token
CN109257366B (en) Method and device for authenticating user
WO2019153461A1 (en) Identity information changing method and apparatus, terminal device, and storage medium
CN102197407A (en) System and method of secure payment transactions
WO2017093801A2 (en) Systems and methods for electronic fraud detection and prevention
CN113015992B (en) Cloud token provisioning of multiple tokens
US20180316687A1 (en) System and method for generating access credentials
US20210049568A1 (en) Method and System for Large Transfer Authentication
CN115118501B (en) Identity verification method, identity verification device, computer equipment and computer readable storage medium
CA2886548A1 (en) Methods and systems relating to real world and virtual world identities
US20160125410A1 (en) System and Method for Detecting and Preventing Social Engineering-Type Attacks Against Users
EP3217593A1 (en) Two-factor authentication method for increasing the security of transactions between a user and a transaction point or system
WO2016083987A1 (en) Method of and system for obtaining proof of authorisation of a transaction
WO2017112174A1 (en) Method and device for facilitating supply of a requested service
CN107292628B (en) Service implementation method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant