CN115204898A - Payment password verification method and device - Google Patents
Payment password verification method and device Download PDFInfo
- Publication number
- CN115204898A CN115204898A CN202210824367.XA CN202210824367A CN115204898A CN 115204898 A CN115204898 A CN 115204898A CN 202210824367 A CN202210824367 A CN 202210824367A CN 115204898 A CN115204898 A CN 115204898A
- Authority
- CN
- China
- Prior art keywords
- password
- information
- verification
- configuration information
- preset
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Computer Security & Cryptography (AREA)
- Finance (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention provides a payment password verification method and device, which can be applied to the financial field or other fields. Obtaining the verification information of a one-digit password input by using a random keyboard; comparing whether the verification information and the configuration information have consistent information or not according to the configuration information of the preset password; if the consistent information exists, the password is recorded correctly; otherwise, recording the password error; and obtaining the verification information of the next password for verification until the last password is verified. In the scheme, the random keyboard is used for acquiring the verification information of the password for verification, the absolute value or the absolute position information in the verification information of the password is compared with the configuration information, if the consistent information exists, the verification is passed, and because the verification mode of each password has two possibilities, namely the verification of the absolute value or the verification of the absolute position information, the value which should be input by each password in the next random keyboard has two possibilities, so that the safety of password verification is greatly improved.
Description
Technical Field
The invention relates to the technical field of security, in particular to a payment password verification method and device.
Background
At present, mobile payment services account for more and more high daily consumption, and the safety of online payment is very important no matter whether car-taking, shopping or diet is always in an online payment mode.
In the prior art, when payment verification is performed, a fixed password is usually input in a fixed keyboard or a random keyboard for verification, so that an eavesdropper can remember the password input by a user to achieve the purpose of stealing the password, and the password verification mode has low security.
Therefore, the existing payment password verification method has low security, which is a problem to be solved urgently.
Disclosure of Invention
In view of this, embodiments of the present invention provide a method and an apparatus for verifying a payment password, so as to achieve the purpose of improving security of payment password verification.
In order to achieve the above object, the embodiments of the present invention provide the following technical solutions:
the first aspect of the embodiment of the invention discloses a payment password verification method, which comprises the following steps:
acquiring verification information of a one-bit password input by a user by using a random keyboard, wherein the verification information comprises an absolute value and absolute position information of the password;
according to configuration information of a preset password for verifying the password, comparing whether the verification information and the configuration information have consistent information, wherein the configuration information comprises an absolute value or absolute position information of the preset password;
if the verification information and the configuration information have consistent information, recording that the password is correct;
if the verification information and the configuration information do not have consistent information, recording the password error;
and continuously acquiring the authentication information of the next password input by the user by using the random keyboard for authentication until the last password is authenticated.
Preferably, the verifying, according to configuration information of a preset password used for verifying the password, whether there is information that is consistent between the verification information and the configuration information, where the configuration information includes an absolute value or absolute position information of the preset password, includes:
acquiring configuration information of a preset password for verifying the password, wherein the configuration information comprises an absolute value or absolute position information of the preset password;
judging whether the configuration information comprises absolute position information of the preset password or not;
if the configuration information comprises the absolute position information of the preset password, judging whether the absolute position information of the password is consistent with the absolute position information of the preset password;
if the verification information is consistent with the configuration information, determining that the verification information is consistent with the configuration information;
if the verification information is inconsistent with the configuration information, determining that the consistent information does not exist in the verification information and the configuration information;
if the configuration information does not include the absolute position information of the preset password, judging whether the absolute value of the password is consistent with the absolute value of the preset password;
if the verification information is consistent with the configuration information, determining that the verification information is consistent with the configuration information;
and if not, determining that no consistent information exists in the verification information and the configuration information.
Preferably, the process of pre-configuring the configuration information of the preset password includes:
acquiring absolute values and absolute position information of all preset passwords input by a user;
responding to the configuration operation of a user for each preset password, and configuring the type of the preset password into an absolute value key or an absolute position key;
generating configuration information containing the absolute value of the preset password when the type of the preset password is configured as an absolute value key;
and when the type of the preset password is configured as an absolute position key, generating configuration information containing absolute position information of the preset password.
Preferably, after the last password is authenticated, the method further includes:
inquiring whether an error record exists;
if yes, the output password authentication fails;
if not, the password verification is output successfully.
Preferably, after the last password is authenticated, the method further includes:
judging whether the input password digit is consistent with a preset password digit preset by the user;
if yes, inquiring whether an error record exists;
if yes, the output password authentication fails;
if not, outputting the password to verify successfully;
if not, the output password authentication fails.
The second aspect of the embodiment of the present invention discloses a payment password verification apparatus, including:
the device comprises an acquisition unit, a processing unit and a control unit, wherein the acquisition unit is used for acquiring the verification information of a one-digit password currently input by a user by using a random keyboard, and the verification information comprises the absolute value and the absolute position information of the password; after the password is verified by the verification unit, continuously acquiring verification information of the next password input by the user by using the random keyboard, and verifying by using the verification unit until the last password is verified;
the verification unit is configured to verify whether consistent information exists between the verification information and the configuration information according to configuration information of a preset password used for verifying the password, where the configuration information includes an absolute value or absolute position information of the preset password;
the recording unit is used for recording that the password is correct if the verification information and the configuration information have consistent information; and if the verification information does not have consistent information with the configuration information, recording the password error.
Preferably, the authentication unit includes:
an obtaining subunit, configured to obtain configuration information of a preset password used for verifying the password, where the configuration information includes an absolute value or absolute position information of the preset password;
a judging subunit, configured to judge whether the configuration information includes absolute position information of the preset password; if the configuration information comprises the absolute position information of the preset password, judging whether the absolute position information of the password is consistent with the absolute position information of the preset password; if the verification information is consistent with the configuration information, determining that the verification information is consistent with the configuration information; if the verification information is inconsistent with the configuration information, determining that the consistent information does not exist in the verification information and the configuration information; if the configuration information does not include the absolute position information of the preset password, judging whether the absolute value of the password is consistent with the absolute value of the preset password or not; if the verification information is consistent with the configuration information, determining that the verification information and the configuration information have consistent information; and if not, determining that no consistent information exists in the verification information and the configuration information.
Preferably, the method further comprises the following steps:
the configuration unit is used for acquiring absolute values and absolute position information of all preset passwords input by a user; responding to the configuration operation of a user for each preset password, and configuring the type of the preset password into an absolute value key or an absolute position key; generating configuration information containing the absolute value of the preset password when the type of the preset password is configured as an absolute value key; and when the type of the preset password is configured as an absolute position key, generating configuration information containing absolute position information of the preset password.
Preferably, the method further comprises the following steps:
the first output unit is used for inquiring whether error records exist or not after the last password is verified; if yes, the output password authentication fails; if not, the password verification is output successfully.
Preferably, the method further comprises the following steps:
the second output unit is used for judging whether the input password digit is consistent with the preset password digit pre-configured by the user or not after the last password is verified; if yes, inquiring whether an error record exists; if yes, the output password authentication fails; if not, outputting the password to verify successfully; if not, the output password authentication fails.
Based on the payment password authentication method and device provided by the embodiment of the invention, authentication information of a one-digit password currently input by a user through a random keyboard is obtained, wherein the authentication information comprises an absolute value and absolute position information of the password; according to configuration information of a preset password for verifying the password, comparing whether the verification information and the configuration information have consistent information, wherein the configuration information comprises an absolute value or absolute position information of the preset password; if the verification information and the configuration information have consistent information, recording that the password is correct; if the verification information and the configuration information do not have consistent information, recording the password error; and continuously acquiring the authentication information of the next password input by the user by using the random keyboard for authentication until the last password is authenticated. In the scheme, the random keyboard is used for acquiring the verification information of the password for verification, the absolute value or the absolute position information in the verification information of the password is compared with the configuration information during verification, if the consistent information exists, the verification is passed, and because the verification mode of each password has two possibilities, namely the verification of the absolute value or the verification of the absolute position information, the value which should be input by each password in the next random keyboard has two possibilities, so that the safety of password verification is greatly improved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the embodiments or the prior art descriptions will be briefly described below, it is obvious that the drawings in the following description are only embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
Fig. 1 is a flowchart of a payment password verification method according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of a layout of keys of a random keyboard according to an embodiment of the present invention;
fig. 3 is a flowchart illustrating a method for configuring preset password configuration information according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of a payment password verification apparatus according to an embodiment of the present invention;
FIG. 5 is a schematic diagram of a key layout of a fixed keyboard according to an embodiment of the present invention;
FIG. 6 is a schematic diagram of another random keyboard layout according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In this application, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrases "comprising one of 8230; \8230;" 8230; "does not exclude the presence of additional like elements in a process, method, article, or apparatus that comprises the element.
It should be noted that the method and the apparatus for verifying a payment password provided by the present invention can be used in the financial field or other fields, for example, can be used in a payment verification application scenario in the financial field. The other fields are arbitrary fields other than the financial field, for example, the security field. The above description is only an example, and does not limit the application field of the method and the apparatus for verifying the payment password provided by the present invention.
As known from the background art, the security of the existing payment password authentication mode is low.
The invention discloses a payment password verification method and a payment password verification device, in the scheme, the absolute value and the absolute position information of a password input by a user through a random keyboard are obtained, when the password is verified, each password has two possibilities of verifying the absolute value or the absolute position information, even if a thief memorizes the password input by the user, the thief cannot know whether each password is the verification absolute value or the absolute position information, when the thief tries to input the password through another random keyboard, each password has two possibilities, when the number of password bits is enough, the password can not be cracked by the thief, and the password verification safety is greatly improved. The details are explained in detail by the following examples.
As shown in fig. 1, which is a flowchart of a payment password authentication method disclosed in an embodiment of the present invention, the method mainly includes the following steps:
s101: and acquiring the verification information of the one-bit password currently input by the user by using the random keyboard.
In S101, the random keyboard is a keyboard with a random key layout, which is generated and popped up when a user initiates a payment.
For convenience of understanding, fig. 2 is a schematic diagram of a random keyboard key layout according to an embodiment of the present invention.
It should be noted that, it is assumed that the random keyboard shown in fig. 2 is generated and popped up when the user initiates a payment for a certain time, and when the user completes or cancels the payment for the next time, another random keyboard inconsistent with the key layout of the random keyboard shown in fig. 2 is generated and popped up.
Wherein the authentication information includes an absolute value and absolute position information of the bit password.
The absolute value is a fixed value corresponding to a key clicked by the bit password input by the user, and the absolute position information is coordinate information of the key clicked by the bit password input by the user in the random keyboard, which is described by the following example for convenience of understanding:
assuming that a user inputs a one-digit password by using the random keyboard shown in fig. 2, and the user clicks the number 1 key, the absolute value of the acquired authentication information of the one-digit password is 1, and the absolute position information is the coordinate information of the position of the number 1 key, that is, the second row and the first column.
S102: and comparing whether the verification information and the configuration information have consistent information or not according to the configuration information of the preset password for verifying the password.
If the verification information and the configuration information have the same information, S103 is executed.
If no consistent information exists in the verification information and the configuration information, S104 is executed.
In S102, configuration information of the preset password is configured in advance by the user, and the configuration information at least includes an absolute value of the preset password or absolute position information of the preset password.
It should be noted that, when the configuration information of the preset password includes the absolute value of the preset password, whether the absolute value of the password in the verification information is consistent with the absolute value of the preset password is compared, and when the configuration information of the preset password includes the absolute position information of the preset password, whether the absolute position information of the password in the verification information is consistent with the absolute position of the preset password is compared.
In the process of implementing S102 specifically, configuration information of a preset password used for verifying the password is obtained, where the configuration information includes an absolute value or absolute position information of the preset password.
And judging whether the configuration information comprises absolute position information of a preset password.
And if the configuration information comprises the absolute position information of the preset password, judging whether the absolute position information of the password is consistent with the absolute position information of the preset password.
And if so, determining that the verification information and the configuration information have consistent information.
If not, it is determined that no consistent information exists between the verification information and the configuration information, and S103 is performed.
If the configuration information does not include the absolute position information of the preset password, determining that the configuration information includes the absolute value of the preset password, and then judging whether the absolute value of the password is consistent with the absolute value of the preset password.
And if the verification information is consistent with the configuration information, determining that the consistent information exists in the verification information and the configuration information.
If not, it is determined that no consistent information exists in the verification information and the configuration information, and S104 is performed.
S103: the bit password is recorded to be correct, and S105 is performed.
S104: the bit cipher error is recorded, and S105 is performed.
In an embodiment, after all the passwords input by the user are sequentially obtained according to the sequence input by the user on the random keyboard, the verification processes from S102 to S104 are performed bit by bit according to the sequence input by the user.
S105: and judging whether the password is acquired completely. If the password is not obtained, S106 is executed, and if the password is obtained, S107 is executed.
In S105, the last password input by the user is verified, and if a confirmation instruction sent by the user is received, it is determined that the password acquisition is completed.
S106: and continuously acquiring the authentication information of the next password input by the user by using the random keyboard, and returning to execute S102 for authentication.
In S106, the authentication information of the next-digit password includes the absolute value and the absolute position information of the next-digit password.
S107: it is queried whether there is an error record. If the password exists, the verification of the output password fails, and if the password does not exist, the verification of the output password succeeds.
In S107, the error record is a record generated by the error of the password when the authentication information of the password does not match the configuration information of the preset password when each password is authenticated.
In the process of implementing S107 specifically, it is determined whether the obtained password bit number input by the user is consistent with the preset password bit number configured by the user in advance, if not, the output password authentication fails, if so, it is queried whether each password input by the user has an error record, if so, the output password authentication fails, and if not, the output password authentication succeeds.
Based on the payment password verification method disclosed by the embodiment of the invention, in the scheme, the random keyboard is used for obtaining the verification information of the password for verification, the absolute value or the absolute position information in the verification information of the password is compared with the configuration information during verification, if the consistent information exists, the verification is passed, and as the verification mode of each password has two possibilities, namely the absolute value or the absolute position information is verified, the value which should be input by each password in the next random keyboard has two possibilities, so that the security of password verification is greatly improved.
Based on the above payment password verification method disclosed in the embodiment of the present invention, as shown in fig. 3, a flowchart of a method for configuring preset password configuration information disclosed in the embodiment of the present invention mainly includes the following steps:
s301: and acquiring absolute values and absolute position information of each preset password input by a user.
In S301, each preset password may be input by using a fixed keyboard or a random keyboard, where an absolute value of the preset password is a fixed value corresponding to a key clicked by the user inputting the preset password, and the absolute position information is coordinate information of the key clicked by the user inputting the preset password in the random keyboard.
S302: and responding to the configuration operation of the user for each preset password, and configuring the type of the preset password as an absolute value key or an absolute position key.
In S302, the type of the preset password is configured as an absolute value key, which indicates that a password with an absolute value consistent with the absolute value of the preset password needs to be input during verification, and the bit password can be verified. The type of the preset password is configured as an absolute position key, which indicates that a password with absolute position information consistent with the absolute position information of the preset password needs to be input during verification, and the bit password can be verified.
Preferably, among the preset passwords, a preset password of which the type is an absolute value key and a preset password of which the type is an absolute position coexist.
For example, a user sets two preset passwords, and since each preset password should have both a preset password with the type of absolute value key and a preset password with the type of absolute position, the user should set two preset passwords including at least one preset password with the type of absolute value key and one preset password with the type of absolute position key.
It should be noted that the above is only an example, in practice, the preset password should be at least larger than 1 bit, and the more the number of bits of the preset password is set, the higher the security of the password authentication is.
S303: when the type of the preset password is configured as an absolute value key, configuration information containing the absolute value of the preset password is generated.
In the specific implementation process of S303, when the user configures the type of the one-bit preset password as the absolute value key, the absolute value corresponding to the preset password is found from the obtained absolute values of the preset passwords, and based on the absolute value of the one-bit preset password, configuration information including the absolute value of the one-bit preset password is generated.
S304: when the type of the preset password is configured as the absolute position key, configuration information containing absolute position information of the preset password is generated.
In the specific implementation process of S304, when the user configures the type of the one preset password as the absolute position information position key, the absolute position information corresponding to the preset password is found from the obtained absolute position information of each preset password, and based on the absolute position information of the one preset password, configuration information including the absolute position information of the one preset password is generated.
Based on the method for configuring the preset password configuration information disclosed by the embodiment of the invention, in the scheme, the preset password is configured as an absolute value key or an absolute position key by configuring each preset password, corresponding configuration information is generated, the preset password configured as the absolute value key can be verified to pass only by inputting the password with the absolute value consistent with the absolute value of the preset password, and the preset password configured as the absolute position key can be verified to pass only by inputting the password with the absolute position consistent with the absolute position information of the preset password, and the configuration of the two types of the preset passwords enables one-bit password to have two possible verification modes during verification, so that the safety of the preset password is greatly improved.
Corresponding to the method for verifying the payment password disclosed in the embodiment of the present invention, as shown in fig. 4, the device for verifying the payment password disclosed in the embodiment of the present invention includes an obtaining unit 401, a verifying unit 402, and a recording unit 403.
An obtaining unit 401, configured to obtain verification information of a one-digit password currently input by a user using a random keyboard, where the verification information includes an absolute value and absolute position information of the password; and after the password is verified by the verification unit, continuously acquiring the verification information of the next password input by the user by using the random keyboard, and verifying by using the verification unit until the last password is verified.
When a user initiates payment, a random keyboard with random key layout is automatically generated, and the verification information of a bit password input by the user currently by using the random keyboard is obtained, wherein the verification information comprises the absolute value and the absolute position information of the bit password.
The verification unit 402 is configured to verify whether consistent information exists between the verification information and the configuration information according to configuration information of a preset password used for verifying the password, where the configuration information includes an absolute value or absolute position information of the preset password.
Specifically, the verification unit 402 includes an acquisition subunit and a judgment subunit.
The password verification device comprises an acquisition subunit, a verification subunit and a verification processing subunit, wherein the acquisition subunit is used for acquiring configuration information of a preset password used for verifying the password, and the configuration information comprises an absolute value or absolute position information of the preset password.
The judging subunit is configured to judge whether the configuration information includes absolute position information of a preset password, determine whether the absolute position information of the password is consistent with the absolute position information of the preset password if the configuration information includes the absolute position information of the preset password, determine that consistent information exists between the verification information and the configuration information if the absolute position information of the password is consistent with the absolute position information of the preset password, determine that the consistent information does not exist between the verification information and the configuration information if the absolute position information of the preset password is not included in the configuration information, determine whether an absolute value of the password is consistent with the absolute value of the preset password, determine that the consistent information exists between the verification information and the configuration information if the absolute value of the password is consistent with the absolute value of the preset password, and determine that the consistent information does not exist between the verification information and the configuration information if the absolute position information of the password is not included in the configuration information.
A recording unit 403, configured to record that the password is correct if there is consistent information in the verification information and the configuration information; if the verification information does not have the consistent information in the configuration information, the password error is recorded.
In one embodiment, the device further comprises a configuration unit, configured to obtain absolute values and absolute position information of each preset password input by a user; responding to the configuration operation of a user for each preset password, and configuring the type of the preset password into an absolute value key or an absolute position key; generating configuration information containing an absolute value of the preset password when the type of the preset password is configured as an absolute value key; when the type of the preset password is configured as the absolute position key, configuration information including absolute position information of the preset password is generated.
In one embodiment, the apparatus further includes a first output unit, configured to query whether an error record exists after the last password is verified; if yes, the output password authentication fails; if not, the password verification is output successfully.
In an embodiment, the apparatus further includes a second output unit, configured to determine whether the input password bit number is consistent with a preset password bit number pre-configured by a user after the last password is verified; if yes, inquiring whether an error record exists; if yes, the output password authentication fails; if not, outputting the password to verify successfully; if not, the output password authentication fails.
Based on the payment password verification device disclosed by the embodiment of the invention, in the scheme, the random keyboard is used for acquiring the verification information of the password for verification, the absolute value or the absolute position information in the verification information of the password is compared with the configuration information during verification, if the verification information is consistent, the verification is passed, the verification modes of all the passwords are different, some passwords need to verify the absolute value, and some passwords need to verify the absolute position information, so that in the next random keyboard with inconsistent key layout, two possibilities exist according to different input values of each password of the verification modes, and the security of password verification is greatly improved.
Based on the method and the device for verifying the payment password disclosed by the embodiment of the invention, the embodiment of the invention also correspondingly discloses an application example of the payment password.
Fig. 5 is a schematic diagram of a key layout of a fixed keyboard according to an embodiment of the present invention.
First, a user inputs a 3-bit preset password, which is a first preset password, a second preset password, and a third preset password, respectively, by using the fixed keyboard shown in fig. 5, absolute values of the obtained preset passwords are 1,2, and 3, respectively, and absolute position information of the obtained preset passwords is (1, 1), (1, 2), and (1, 3), that is, a first row and a first column, a first row and a second column, and a first row and a third column.
Then, the user configures the types of the three preset passwords one by one, wherein the first preset password is configured as an absolute value key, the second preset password is configured as an absolute position key, and the third preset password is configured as an absolute value key, and respectively generates configuration information containing an absolute value of 1, configuration information containing an absolute position of (1, 2), and configuration information containing an absolute value of 3.
Fig. 6 is a schematic diagram of another random keyboard layout according to an embodiment of the present invention.
When a user initiates payment, a random keyboard shown in figure 6 is generated and popped up, and based on a first preset password, a second preset password and a third preset password which are pre-configured by the user, in the random keyboard shown in figure 6, a key position with an absolute value of 1, a key position with an absolute position of (1, 2) and a key position with an absolute value of 3, namely key positions 1, 9 and 3 in figure 6, are clicked, and then click determination is carried out, and verification is output successfully.
If the user misses or clicks keys 1, 9, and 3 out of order in the random keyboard shown in FIG. 6, the output verification fails.
Based on the payment password verification example disclosed by the embodiment of the invention, in the scheme, when the user presets the passwords, the configuration information of each preset password is configured, the configuration information of the preset password comprises an absolute value or an absolute position, when the verification is carried out, the password input by the user on a random keyboard is obtained, part of the passwords verify the absolute values of the preset passwords according to the types of the preset passwords configured in advance, the other part of the passwords verify the absolute positions of the preset passwords, the passwords are input by using the random keyboard and the verification is carried out by combining the absolute values and the absolute positions, even if a peeper memorizes the plaintext information input by the passwords, the type of each preset password cannot be known, so the unlocking cannot be finished, and the safety of the payment password verification is greatly improved.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, the system or system embodiments are substantially similar to the method embodiments and therefore are described in a relatively simple manner, and reference may be made to some of the descriptions of the method embodiments for related points. The above-described system and system embodiments are only illustrative, wherein the units described as separate parts may or may not be physically separate, and the parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Those of skill would further appreciate that the various illustrative components and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the components and steps of the various examples have been described above generally in terms of their functionality in order to clearly illustrate this interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims (10)
1. A payment password authentication method, comprising:
acquiring verification information of a one-digit password input by a user by using a random keyboard at present, wherein the verification information comprises an absolute value and absolute position information of the password;
according to configuration information of a preset password for verifying the password, comparing whether the verification information and the configuration information have consistent information, wherein the configuration information comprises an absolute value or absolute position information of the preset password;
if the verification information and the configuration information have consistent information, recording that the password is correct;
if the verification information and the configuration information do not have consistent information, recording the password error;
and continuously acquiring the verification information of the next password input by the user by using the random keyboard to verify until the last password is verified.
2. The method according to claim 1, wherein the verifying whether there is information in agreement with configuration information of a preset password used for verifying the password, the configuration information including an absolute value or absolute position information of the preset password, comprises:
acquiring configuration information of a preset password for verifying the password, wherein the configuration information comprises an absolute value or absolute position information of the preset password;
judging whether the configuration information comprises absolute position information of the preset password or not;
if the configuration information comprises the absolute position information of the preset password, judging whether the absolute position information of the password is consistent with the absolute position information of the preset password;
if the verification information is consistent with the configuration information, determining that the verification information is consistent with the configuration information;
if the verification information is inconsistent with the configuration information, determining that the consistent information does not exist in the verification information and the configuration information;
if the configuration information does not include the absolute position information of the preset password, judging whether the absolute value of the password is consistent with the absolute value of the preset password;
if the verification information is consistent with the configuration information, determining that the verification information and the configuration information have consistent information;
and if not, determining that no consistent information exists in the verification information and the configuration information.
3. The method according to claim 1, wherein the step of pre-configuring the configuration information of the preset password comprises:
acquiring absolute values and absolute position information of all preset passwords input by a user;
responding to the configuration operation of a user for each preset password, and configuring the type of the preset password into an absolute value key or an absolute position key;
generating configuration information containing an absolute value of the preset password when the type of the preset password is configured as an absolute value key;
and when the type of the preset password is configured as an absolute position key, generating configuration information containing absolute position information of the preset password.
4. The method of any one of claims 1 to 3, further comprising, after the last password is authenticated:
inquiring whether an error record exists;
if yes, the output password authentication fails;
if not, outputting the password authentication to be successful.
5. The method of any one of claims 1 to 3, further comprising, after the last password is authenticated:
judging whether the input password digit is consistent with a preset password digit preset by the user;
if yes, inquiring whether an error record exists;
if yes, outputting the password to fail to verify;
if not, outputting the password to verify successfully;
if not, the output password authentication fails.
6. A password authentication apparatus, comprising:
the device comprises an acquisition unit, a processing unit and a control unit, wherein the acquisition unit is used for acquiring the verification information of a one-bit password currently input by a user by using a random keyboard, and the verification information comprises the absolute value and the absolute position information of the password; after the password is verified by the verification unit, continuously acquiring verification information of the next password input by the user by using the random keyboard, and verifying by using the verification unit until the last password is verified;
the verification unit is configured to verify whether consistent information exists between the verification information and the configuration information according to configuration information of a preset password used for verifying the password, where the configuration information includes an absolute value or absolute position information of the preset password;
the recording unit is used for recording that the password is correct if the verification information and the configuration information have consistent information; and if the verification information does not have consistent information with the configuration information, recording the password error.
7. The apparatus of claim 6, wherein the authentication unit comprises:
the password verification device comprises an acquisition subunit, a verification subunit and a verification processing subunit, wherein the acquisition subunit is used for acquiring configuration information of a preset password for verifying the password, and the configuration information comprises an absolute value or absolute position information of the preset password;
the judging subunit is used for judging whether the configuration information includes the absolute position information of the preset password; if the configuration information comprises the absolute position information of the preset password, judging whether the absolute position information of the password is consistent with the absolute position information of the preset password; if the verification information is consistent with the configuration information, determining that the verification information is consistent with the configuration information; if the verification information is inconsistent with the configuration information, determining that the consistent information does not exist in the verification information and the configuration information; if the configuration information does not include the absolute position information of the preset password, judging whether the absolute value of the password is consistent with the absolute value of the preset password; if the verification information is consistent with the configuration information, determining that the verification information and the configuration information have consistent information; if not, determining that no consistent information exists in the verification information and the configuration information.
8. The apparatus of claim 6, further comprising:
the configuration unit is used for acquiring absolute values and absolute position information of all preset passwords input by a user; responding to the configuration operation of a user for each preset password, and configuring the type of the preset password into an absolute value key or an absolute position key; generating configuration information containing the absolute value of the preset password when the type of the preset password is configured as an absolute value key; and when the type of the preset password is configured as an absolute position key, generating configuration information containing absolute position information of the preset password.
9. The apparatus of any one of claims 6 to 8, further comprising:
the first output unit is used for inquiring whether error records exist or not after the last password is verified; if yes, the output password authentication fails; if not, the password verification is output successfully.
10. The apparatus of any one of claims 6 to 8, further comprising:
the second output unit is used for judging whether the input password digit is consistent with the preset password digit pre-configured by the user or not after the last password is verified; if yes, inquiring whether an error record exists; if yes, outputting the password to fail to verify; if not, outputting the password to verify successfully; if not, the output password authentication fails.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210824367.XA CN115204898A (en) | 2022-07-14 | 2022-07-14 | Payment password verification method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210824367.XA CN115204898A (en) | 2022-07-14 | 2022-07-14 | Payment password verification method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115204898A true CN115204898A (en) | 2022-10-18 |
Family
ID=83580553
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210824367.XA Pending CN115204898A (en) | 2022-07-14 | 2022-07-14 | Payment password verification method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115204898A (en) |
-
2022
- 2022-07-14 CN CN202210824367.XA patent/CN115204898A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP5727008B2 (en) | Operating system unlocking method and mobile phone | |
| EP1829281B1 (en) | Authentication device and/or method | |
| AU2005318933B2 (en) | Authentication device and/or method | |
| US8369833B2 (en) | Systems and methods for providing authentication and authorization utilizing a personal wireless communication device | |
| EP2115659B1 (en) | Secure serial number | |
| EP2355443B1 (en) | Network authentication method and device for implementing the same | |
| JP5764203B2 (en) | Password safe input system using password key movement value and password safe input method | |
| JP6426791B2 (en) | User authentication method and system for realizing the same | |
| US10848304B2 (en) | Public-private key pair protected password manager | |
| US20040097217A1 (en) | System and method for providing authentication and authorization utilizing a personal wireless communication device | |
| CN101499905A (en) | Image password authentication system for mobile device and method therefor | |
| WO2014188210A1 (en) | User authentication system and method | |
| CN106034123A (en) | Authentication method, application system server and client | |
| CN103984904A (en) | Method and device for preventing screen locking code of mobile terminal from being cracked | |
| WO2012131675A2 (en) | Authentication system with time attributes | |
| CN103297391A (en) | Graphical dynamic password inputting and verifying method | |
| CN101840478A (en) | Password management method | |
| TW201544983A (en) | Data communication method and system, client terminal and server | |
| CN115204898A (en) | Payment password verification method and device | |
| CN105827625A (en) | Authentication method and authentication system, electronic device based on biological identification information | |
| CN111639322B (en) | Application login method and device, electronic equipment and computer storage medium | |
| CN111984961A (en) | Password resetting system, method, device, equipment and storage medium | |
| CN112464188B (en) | Binding method of payment terminal and peripheral password keyboard | |
| CN108830073B (en) | Unlocking method, device, terminal and computer readable storage medium | |
| CN106709381B (en) | A kind of ciphering type input method based on location information |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |