CN115226102A - Identity authentication method and system based on communication network and readable storage medium thereof

Publication number
CN115226102A
Authority
CN
China
Legal status
Pending
Application number
CN202210656260.9A
Other languages
Chinese (zh)
Inventor
郑志新
杨秀红
Current Assignee
Shenzhen Emperor Technology Co Ltd
Original Assignee
Shenzhen Emperor Technology Co Ltd

Classifications

    • H04W12/06 Authentication
    • H04L63/0853 Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • H04L63/0861 Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • H04W12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H04W12/40 Security arrangements using identity modules
    • H04W12/47 Security arrangements using identity modules using near field communication [NFC] or radio frequency identification [RFID] modules
    • Y02D30/70 Reducing energy consumption in communication networks in wireless communication networks

Abstract

The invention relates to the technical field of network information, in particular to an identity authentication method and system based on a communication network and a readable storage medium thereof, wherein the method comprises the following steps: the intelligent terminal acquires a radio frequency signal of a user certificate and establishes communication with an identity authentication server; the intelligent terminal uploads ciphertext information containing identity information in the radio frequency signal to an identity verification server; the identity authentication server analyzes the received ciphertext information into plaintext information, encrypts the plaintext information and sends the encrypted plaintext information to the verification platform; the verification platform decrypts the plaintext information to obtain identity information; receiving biological characteristic information sent by the intelligent terminal; the verification platform compares the identity information with the biological characteristic information for verification to obtain a verification result; sending the verification result to the intelligent terminal; in the identity authentication method, the terminal equipment does not store the plaintext information, so that the possibility of cracking the plaintext information through the terminal equipment does not exist, and the security risk of identity information leakage is greatly reduced.

Description

Identity authentication method and system based on communication network and readable storage medium thereof
Technical Field
The invention relates to the technical field of network information, in particular to an identity authentication method based on a communication network, an identity authentication system based on the communication network and a readable storage medium storing the method.
Background
In recent years, mobile internet applications have developed rapidly. Many scenarios in daily life, such as public security, transportation and hotel accommodation, involve network identity recognition, and the problems of user information security and privacy disclosure exposed in these scenarios are receiving increasing public attention. User identification, i.e. verifying the identity of a person connecting to a certain resource, and the security of that process are becoming increasingly important; how to prevent unauthorized users from being verified or accessing certain devices and resources, protect the security of user identity information, and prevent information leakage has become a problem of general concern.
Many network identity recognition schemes are on the market today, but the main principle is the same: after an authentication terminal reads an identity card through a Radio Frequency Identification (RFID) module, the information read is exchanged with a Secure Access Module (SAM) or similar module, which finally authenticates the user's identity card information. The mainstream scheme is as follows: the intelligent terminal acquires identity information from the user's identity card through Near Field Communication (NFC) and sends it to the server; the server analyzes the identity information through the SAM module to obtain the corresponding plaintext information, encrypts the plaintext information in a preset encryption mode and sends it to the terminal equipment; the terminal equipment decrypts the encrypted plaintext information and compares the picture or fingerprint information obtained by decryption with the corresponding face image or fingerprint in the identity characteristic information; when the comparison result is within a preset range, the person and the card are confirmed to match. This scheme requires the plaintext information analyzed by the SAM module to be stored in the terminal equipment, and the comparison and verification are also completed by the terminal equipment. Because the plaintext information is stored in the terminal equipment during operation, the possibility of cracking it through the terminal equipment remains even though it is encrypted, so the scheme carries a large security risk of identity information leakage.
Disclosure of Invention
In order to overcome the above-mentioned drawbacks, the present invention provides a method and a system for authenticating an identity based on a communication network with high security level, and a readable storage medium storing the method.
The purpose of the invention is realized by the following technical scheme:
the invention relates to an identity authentication method based on a communication network, which comprises the following steps:
the intelligent terminal acquires a radio frequency signal of a user certificate and establishes communication with the identity authentication server;
the intelligent terminal uploads ciphertext information containing identity information in the radio frequency signal to the identity verification server;
the identity authentication server analyzes the received ciphertext information into plaintext information, encrypts the plaintext information and sends the encrypted plaintext information to the verification platform;
the verification platform decrypts the plaintext information to obtain identity information; receiving biological characteristic information sent by the intelligent terminal;
the verification platform compares the identity information with the biological characteristic information for verification to obtain a verification result; and sending the verification result to the intelligent terminal.
In the present invention, the step of uploading the ciphertext information in the radio frequency signal to the authentication server by the intelligent terminal comprises:
the intelligent terminal is driven by the identity authentication server to split the ciphertext information into more than two ciphertext information blocks; and sending all the ciphertext information blocks to the identity authentication server in batches.
Based on the same conception, the invention also provides an identity authentication system based on the communication network, which comprises:
an intelligent terminal, which includes: a radio frequency signal receiving module, a biological characteristic acquisition module and a display module;
the radio frequency signal receiving module is used for acquiring a radio frequency signal of a user certificate and uploading ciphertext information containing identity information in the radio frequency signal to an identity verification server;
the biological characteristic acquisition module is used for acquiring biological characteristic information of a user and sending the biological characteristic information to the verification platform;
the display module is used for displaying the received verification result;
the identity authentication server is connected with the intelligent terminal and used for analyzing the received ciphertext information into plaintext information, encrypting the plaintext information and sending the encrypted plaintext information to the verification platform;
the verification platform is respectively connected with the identity verification server and the intelligent terminal and is used for decrypting the plaintext information to obtain identity information; receiving biological characteristic information sent by the intelligent terminal; comparing the identity information with the biological characteristic information for verification to obtain a verification result; and sending the verification result to the intelligent terminal.
In the invention, the intelligent terminal is connected to the identity authentication server, and to the verification platform, through a 5G communication network.
Based on the same concept, the present invention also provides a computer-readable program storage medium storing computer program instructions which, when executed by a computer, cause the computer to perform the method as described above.
In the identity authentication method based on the communication network, the plaintext information of the user identity and the biological characteristic information are both sent to the verification server, where the comparison and verification are carried out; the verification server feeds back only the verification result to the terminal equipment, and the terminal equipment does not store the plaintext information. The possibility of cracking the plaintext information through the terminal equipment therefore does not exist, and the security risk of identity information leakage is greatly reduced.
Drawings
For the purpose of easy explanation, the present invention will be described in detail with reference to the following preferred embodiments and the accompanying drawings.
FIG. 1 is a schematic diagram illustrating a working process of an embodiment of a method for authenticating an identity based on a communication network according to the present invention;
FIG. 2 is a schematic view of a work flow of another embodiment of the identity authentication method based on a communication network according to the present invention;
FIG. 3 is a schematic diagram of a logic structure of an embodiment of a communication network-based identity authentication system according to the present invention;
FIG. 4 is a schematic logic structure diagram of another embodiment of the identity authentication system based on a communication network according to the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
In the description of the present invention, it is to be understood that the terms "center", "longitudinal", "lateral", "length", "width", "thickness", "upper", "lower", "front", "rear", "left", "right", "vertical", "horizontal", "top", "bottom", "inner", "outer", "clockwise", "counterclockwise", and the like indicate orientations and positional relationships based on those shown in the drawings. They are used only for convenience and simplicity of description, and do not indicate or imply that the device or element referred to must have a particular orientation or be constructed and operated in a particular orientation; they should therefore not be considered as limiting the present invention. Furthermore, the terms "first" and "second" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, features defined as "first" or "second" may explicitly or implicitly include one or more of the described features. In the description of the present invention, "a plurality" means two or more unless specifically defined otherwise.
In the description of the present invention, it should be noted that, unless otherwise explicitly stated or limited, the terms "mounted" and "connected" are to be construed broadly: a connection may be fixed, detachable, or integral; mechanical or electrical; direct, or indirect through intervening media; or an internal connection or any other relationship. The specific meanings of the above terms in the present invention can be understood by those skilled in the art according to the specific situation.
An embodiment of the identity authentication method based on the communication network according to the present invention is described in detail below with reference to fig. 1, which includes:
S101, acquiring radio frequency signals of user certificates
The intelligent terminal acquires a radio frequency signal of a user certificate and establishes communication with an identity authentication server. The intelligent terminal is terminal equipment with an NFC communication module, such as a mobile phone or a tablet computer. The user certificate is preferably a second-generation resident identity card, which is manufactured using non-contact IC card (Integrated Circuit Card) technology and is both human-readable and machine-readable; it may also be a residence permit. Specifically: the user enters the real-name authentication interface of the software; the software starts the NFC communication module of the intelligent terminal, displays the prompt 'please show resident identity card' in the interface of the intelligent terminal, and establishes communication with the identity verification server; after the user places the second-generation resident identity card in the NFC antenna area of the intelligent terminal, the terminal acquires the card's radio frequency signal. The identity authentication server includes an identity card reader SAM.
S102, the ciphertext information is uploaded to an identity verification server
Driven by the identity authentication server, the intelligent terminal splits the ciphertext information containing identity information in the radio frequency signal into more than two ciphertext information blocks and sends all the ciphertext information blocks to the identity authentication server in batches. The ciphertext information is identity information encrypted in a special mode and can be decrypted only by an identity card reader SAM. The intelligent terminal is connected to the identity authentication server through a 5G (5th-generation mobile communication technology) communication network; in this embodiment, the low latency of 5G communication is used to overcome the limitation that round-trip network delay in the bidirectional authentication step of reading the resident identity card places on reading the card's personal information over a network. Because the intelligent terminal sends the ciphertext information to the identity authentication server, and sends it step by step after splitting it into multiple segments, the intelligent terminal holds neither plaintext information related to the resident identity card nor the complete ciphertext information, which effectively improves information security.
S103, the ciphertext information is analyzed into plaintext information and encrypted and then sent to a verification platform
The identity authentication server analyzes the received ciphertext information into plaintext information, encrypts the plaintext information and sends the encrypted plaintext information to the verification platform. The plaintext information is encrypted in a general encryption mode, and the verification platform can decrypt it after acquiring the key. The verification platform is a software platform that needs to perform identity authentication based on a communication network, such as WeChat.
S104, decrypting the plaintext information to obtain identity information and receiving the biological characteristic information
The verification platform decrypts the plaintext information to obtain identity information and receives the biological characteristic information sent by the intelligent terminal. The identity information also includes the biological characteristic information of the user; the biological characteristic information includes fingerprint information, face image information, and the like. Specifically: the authentication software displays a prompt such as 'please input the fingerprint' or 'please take a picture' on the screen of the intelligent terminal; the user provides the corresponding biological characteristic information through a fingerprint input module, a camera or the like in the intelligent terminal, and the biological characteristic information is sent to the verification platform through the 5G communication network.
S105, comparing the identity information with the biological characteristic information to check to obtain a check result
The verification platform compares the identity information with the biological characteristic information for verification to obtain a verification result; and sending the verification result to the intelligent terminal. If the comparison is successful, the verification passing can be displayed in the display screen of the intelligent terminal, and if the comparison is unsuccessful, the verification failing can be displayed in the display screen of the intelligent terminal, and the verification is required to be carried out again. Therefore, in this step, the intelligent terminal only receives the verification result and does not perform the verification operation, so that the outside cannot acquire the plaintext information corresponding to the user identity from the intelligent terminal, which is beneficial to improving the information security.
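The S102 to S105 data flow above, simulated as an added example (not code from the patent or its assignee). The key names, block size, JSON identity record, distance threshold and the SHA-256/HMAC `seal`/`unseal` routines are assumptions standing in for the SAM cipher and the "general encryption mode", which the text does not specify.

```python
import hashlib, hmac, json, math, os

# Assumed keys (not from the patent): SAM_KEY is held only by the card issuer and
# the auth server's SAM; PLATFORM_KEY by the auth server and verification platform.
SAM_KEY = os.urandom(32)
PLATFORM_KEY = os.urandom(32)

def _subkey(key, label):
    return hashlib.sha256(label + key).digest()

def _keystream(key, nonce, n):
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def seal(key, plaintext):
    """Toy encrypt-then-MAC stand-in; a deployment would use a vetted AEAD."""
    nonce = os.urandom(16)
    stream = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, stream))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    want = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("ciphertext failed authentication")
    stream = _keystream(_subkey(key, b"enc"), nonce, len(ct))
    return bytes(a ^ b for a, b in zip(ct, stream))

class AuthServer:
    """S103: reassemble blocks, parse with the SAM key, re-encrypt for the platform."""
    def __init__(self):
        self.pending = {}  # session id -> {block index: block bytes}

    def receive(self, session, index, total, block):
        parts = self.pending.setdefault(session, {})
        if not 0 <= index < total or index in parts:
            raise ValueError("duplicate or out-of-range block")
        parts[index] = block
        if len(parts) < total:
            return None  # still waiting for the remaining blocks
        ciphertext = b"".join(parts[i] for i in range(total))
        del self.pending[session]
        plaintext = unseal(SAM_KEY, ciphertext)  # plaintext exists only here
        return seal(PLATFORM_KEY, plaintext)     # and leaves re-encrypted

class VerificationPlatform:
    """S104/S105: decrypt, compare with the live biometric, return only the result."""
    THRESHOLD = 0.5  # assumed "preset range" for template distance

    def verify(self, sealed_identity, live_features):
        identity = json.loads(unseal(PLATFORM_KEY, sealed_identity))
        return math.dist(identity["face_template"], live_features) <= self.THRESHOLD

def run_flow(live_features, block_size=32, tamper=False):
    # Constructed identity record; the real card format is not given in the text.
    identity = {"name": "CONSTRUCTED NAME", "id_number": "ID-CONSTRUCTED-0001",
                "face_template": [0.12, 0.80, 0.33, 0.54]}
    card_ciphertext = seal(SAM_KEY, json.dumps(identity).encode())
    server, platform = AuthServer(), VerificationPlatform()
    terminal_view = []  # audit log of everything that passes through the terminal
    total = -(-len(card_ciphertext) // block_size)  # ceiling division
    sealed = None
    for i in range(total):  # S102: relay the ciphertext block by block
        block = card_ciphertext[i * block_size:(i + 1) * block_size]
        if tamper and i == 1:
            block = bytes([block[0] ^ 1]) + block[1:]  # simulated corruption in transit
        terminal_view.append(block)
        sealed = server.receive("session-1", i, total, block)
    verified = platform.verify(sealed, live_features)  # auth server -> platform
    terminal_view.append(verified)  # the only answer the terminal gets back
    relayed = b"".join(v for v in terminal_view if isinstance(v, bytes))
    return {"verified": verified, "blocks_sent": total,
            "terminal_saw_plaintext": identity["id_number"].encode() in relayed}

if __name__ == "__main__":
    print(run_flow([0.10, 0.82, 0.30, 0.55]))
```
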
An embodiment of hotel stay authentication is described below in detail with reference to fig. 2, which shows an identity authentication method based on a communication network according to the present invention, and includes:
S201, acquiring radio frequency signals of user certificates
The intelligent terminal acquires a radio frequency signal of a user certificate and establishes communication with an identity authentication server. The intelligent terminal is terminal equipment with an NFC communication module, such as a mobile phone or a tablet computer. The user certificate is preferably a second-generation resident identity card, which is manufactured using non-contact IC card technology and is both human-readable and machine-readable; it may also be a residence permit. Specifically: the user enters the real-name authentication interface of the software; the software starts the NFC communication module of the intelligent terminal, displays the prompt 'please show resident identity card' in the interface of the intelligent terminal, and establishes communication with the identity verification server; after the user places the second-generation resident identity card in the NFC antenna area of the intelligent terminal, the terminal acquires the card's radio frequency signal. The identity authentication server includes an identity card reader SAM.
S202, the ciphertext information is uploaded to an identity verification server
Driven by the identity authentication server, the intelligent terminal splits the ciphertext information containing identity information in the radio frequency signal into more than two ciphertext information blocks and sends all the ciphertext information blocks to the identity authentication server in batches. The ciphertext information is identity information encrypted in a special mode and can be decrypted only by an identity card reader SAM. The intelligent terminal is connected to the authentication server through a 5G communication network; in this embodiment, the low latency of 5G communication is used to overcome the limitation that round-trip network delay in the bidirectional authentication step of reading the resident identity card places on reading the card's personal information over a network. Because the intelligent terminal sends the ciphertext information to the identity authentication server, and sends it step by step after splitting it into multiple segments, the intelligent terminal holds neither plaintext information related to the resident identity card nor the complete ciphertext information, which effectively improves information security.
S203, the ciphertext information is analyzed into plaintext information and encrypted and then sent to a code sending platform
The identity authentication server analyzes the received ciphertext information into plaintext information, encrypts the plaintext information and sends the encrypted plaintext information to the code sending platform. The plaintext information is encrypted in a general encryption mode, and the code sending platform can decrypt it after acquiring the key. The code sending platform is a software platform capable of issuing personal graphic codes, such as WeChat. To prevent the plaintext from appearing in a network environment, the plaintext is encrypted before being transmitted to the code sending platform, which effectively improves the security of information transmission.
S204, generating a corresponding graphic code according to the plaintext information and sending the graphic code to the intelligent terminal
The code sending platform receives the encrypted plaintext information, generates a corresponding graphic code according to a preset rule, and sends the graphic code to the intelligent terminal; that is, the code sending platform converts the plaintext information into a personal graphic code and sends it to the 5G intelligent terminal of the check-in person. The check-in person now holds a graphic code representing his or her personal identity information and, when checking in, shows this graphic code at the hotel front desk. The graphic code may be a two-dimensional code. In this embodiment, the plaintext information of the user identity never appears on the intelligent terminal; the graphic code is in a dedicated format that non-dedicated equipment cannot recognize or read, and the information that dedicated equipment reads in real time is itself encrypted, so that the security of personal information is ensured.
S205, the verification terminal reads the graphic code and the biological characteristic information
The verification terminal reads the graphic code displayed on the intelligent terminal and acquires the biological characteristic information of the user, then sends the acquired graphic code and biological characteristic information to the verification platform. The verification terminal is a personal verification device at the hotel front desk, equipped with a dedicated reading hardware module or a dedicated software module; it can also collect the biological characteristic information of the check-in person, which includes fingerprint information, face image information, etc. Specifically, when a check-in person goes through check-in procedures at the hotel front desk, the check-in person shows his or her graphic code at the front desk; at the same time, the check-in person's biological characteristic information is acquired through the verification terminal at the front desk.
S206, comparing the identity information with the biological characteristic information to check to obtain a check result
The verification platform generates corresponding identity information according to the received graphic code, and compares and verifies the identity information and the biological characteristic information to obtain a verification result; and sending the verification result to the verification terminal. Wherein, the verification platform is a third-party service platform. If the comparison is successful, the verification pass can be displayed in the display screen of the verification terminal, and if the comparison is unsuccessful, the verification fail can be displayed in the display screen of the verification terminal, and the verification is required to be carried out again. Therefore, in this step, the verification terminal only receives the verification result and does not perform the verification operation.
In the existing hotel check-in process, a check-in person must present a valid certificate each time and be photographed on site to confirm that the certificate belongs to the person presenting it. Because the verification process is carried out in the hotel's terminal, all personal information in the certificate enters the hotel management system, and the information security of this approach needs to be improved. In this embodiment, the plaintext information corresponding to the user identity is stored neither in the user's intelligent terminal nor in the hotel's verification terminal, and the verification terminal receives only the verification result, so information security is improved.
The present invention includes a computer readable storage medium having stored thereon a program product capable of implementing the above-described method of the present specification. In some possible embodiments, aspects of the invention may also be implemented in the form of a program product comprising program code means for causing a terminal device to carry out the steps according to various exemplary embodiments of the invention described in the above section "exemplary methods" of the present description, when said program product is run on the terminal device.
The program product may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. A readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium include: an electrical connection having one or more wires, a portable disk, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
A computer readable signal medium may include a propagated data signal with readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A readable signal medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on the above readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
An embodiment of single authentication for the identity authentication system based on a communication network according to the present invention is described in detail below with reference to fig. 3. The system includes:
The intelligent terminal 301 is a terminal device with 5G network communication capability, such as a mobile phone or tablet computer, and includes a radio frequency signal receiving module, a biological characteristic acquisition module and a display module.
The radio frequency signal receiving module is used for acquiring a radio frequency signal of a user certificate and uploading ciphertext information containing identity information in the radio frequency signal to an identity verification server; the radio frequency signal receiving module is an NFC communication module; the user certificate is preferably a second generation resident identification card, and can also be a residence card.
The biological characteristic acquisition module is used for acquiring biological characteristic information of a user and sending the biological characteristic information to the verification platform through the 5G communication network; the biological characteristic acquisition module is a fingerprint acquisition device and/or a camera; the biometric information includes: fingerprint information, face image information, etc.
The display module is used for displaying the received verification result.
The identity authentication server 302 is connected with the intelligent terminal 301 and is used for parsing the received ciphertext information into plaintext information, encrypting the plaintext information and sending the encrypted plaintext information to the verification platform; the identity authentication server 302 includes an identity card reader SAM, and the ciphertext information contained in the identity card radio frequency signal may be parsed by the identity card reader to obtain the corresponding plaintext information.
The verification platform 303 is connected to the identity authentication server 302 and the intelligent terminal 301, respectively, and is configured to decrypt the encrypted plaintext information to obtain identity information; receive the biological characteristic information sent by the intelligent terminal 301; compare the identity information with the biological characteristic information for verification to obtain a verification result; and send the verification result to the intelligent terminal 301.
Preferably, the intelligent terminal 301 is connected to the identity authentication server 302, and to the verification platform 303, through a 5G communication network. Because 5G communication has low latency, the requirement that the round-trip delay of the communication between the identity authentication server 302 and the identity card not exceed a limited time can be met.
In this embodiment, since the intelligent terminal 301 can only obtain the ciphertext information of the user certificate, and the identity verification process is performed in the verification platform 303, the intelligent terminal 301 of the user does not have any plaintext information, thereby effectively preventing the identity information of the user from being leaked.
An embodiment of continuous authentication for the identity authentication system based on a communication network is described in detail below with reference to fig. 4. The system includes:
The intelligent terminal 401 is a terminal device with 5G network communication capability, such as a mobile phone or tablet computer, and includes a radio frequency signal receiving module and a display module.
The radio frequency signal receiving module is used for acquiring a radio frequency signal of a user certificate and uploading ciphertext information containing identity information in the radio frequency signal to an identity verification server; the radio frequency signal receiving module is an NFC communication module; the user certificate is preferably a second generation resident identification card, and can also be a residence card.
The display module is used for displaying the acquired graphic code.
The identity authentication server 402 is connected with the intelligent terminal 401 and is used for parsing the received ciphertext information into plaintext information, encrypting the plaintext information and sending the encrypted plaintext information to a code sending platform; the identity authentication server 402 includes an identity card reader SAM, and the ciphertext information contained in the identity card radio frequency signal may be parsed by the identity card reader to obtain the corresponding plaintext information.
The code sending platform 403 is connected to the identity authentication server 402 and the intelligent terminal 401, and is configured to receive the encrypted plaintext information, generate a corresponding graphic code according to a predetermined rule, and send the graphic code to the intelligent terminal 401; the code sending platform 403 is a third-party software platform with a function of generating a graphic code, for example WeChat and Paibao.
The checking terminal 404 is a dedicated reading hardware module or a dedicated software module for the person-verification device at the hotel front desk, and specifically includes a graphic code reading module, a biological characteristic acquisition module and a result display module.
The graphic code reading module is used for reading the graphic code displayed in the intelligent terminal 401 and sending the acquired graphic code to the verification platform; the graphic code reading module comprises a scanner; the graphic code may be a two-dimensional code.
The biological characteristic acquisition module is used for acquiring biological characteristic information of a user and sending the acquired biological characteristic information to the verification platform; the biological characteristic acquisition module is a fingerprint acquisition device and/or a camera; the biometric information includes: fingerprint information, face image information, etc.
The result display module is used for displaying the received verification result.
The verification platform 405 is connected with the checking terminal 404 and is used for decrypting the received graphic code to recover the corresponding identity information, comparing the identity information with the biological characteristic information for verification to obtain a verification result, and sending the verification result to the checking terminal 404.
Preferably, the intelligent terminal 401 is connected to the identity authentication server 402, and to the code sending platform 403, through a 5G communication network. Because 5G communication has low latency, the requirement that the round-trip delay of the communication between the identity authentication server 402 and the identity card not exceed a limited time can be met.
In this embodiment, a user can upload the ciphertext information of an identity card to the identity authentication server 402 through the intelligent terminal 401. The identity authentication server 402 parses the ciphertext information, obtains encrypted plaintext information, and sends it to the code sending platform 403. The code sending platform 403 generates a graphic code from the encrypted plaintext information and sends the graphic code to the intelligent terminal 401, so that the user can complete the check-in procedure at the hotel front desk with the graphic code. At check-in, the user shows the graphic code on the intelligent terminal 401 to the checking terminal 404 at the hotel front desk; the checking terminal 404 reads the graphic code, captures the biological characteristic information of the user, and sends both to the verification platform 405 for verification, and the verification platform 405 feeds the verification result back to the checking terminal 404. Throughout the whole process, neither the intelligent terminal 401 nor the checking terminal 404 stores plaintext identity information, so the security of the information is effectively ensured; and because the user does not need to present an identity card when checking in at the hotel, loss of the identity card is effectively avoided.
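The fig. 4 data flow as an added sketch, not code from the patent: server 402 seals the identity record, platform 403 only encodes it, and platform 405 authenticates and decrypts it before comparing biometrics. The patent does not specify the cipher, key handling or the "predetermined rule" for the graphic code, so the shared secret, the HMAC-based stand-in cipher, the record fields and every function name below are assumptions.

```python
import base64, hashlib, hmac, json, os

# Assumption: a secret shared only by server 402 and verification platform 405.
SECRET = hashlib.sha256(b"constructed demo secret").digest()
ENC_KEY = hmac.new(SECRET, b"enc", hashlib.sha256).digest()
MAC_KEY = hmac.new(SECRET, b"mac", hashlib.sha256).digest()


def _xor_stream(nonce: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 counter-mode keystream: stdlib stand-in for AES-GCM."""
    stream = b""
    for counter in range(len(data) // 32 + 1):
        block = nonce + counter.to_bytes(4, "big")
        stream += hmac.new(ENC_KEY, block, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))


def server_seal(identity: dict) -> bytes:
    """Server 402: encrypt-then-MAC the plaintext obtained through the SAM."""
    nonce = os.urandom(16)
    body = _xor_stream(nonce, json.dumps(identity, sort_keys=True).encode())
    tag = hmac.new(MAC_KEY, nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def issue_code(sealed: bytes) -> str:
    """Code sending platform 403: holds no key, only encodes the opaque blob."""
    return base64.urlsafe_b64encode(sealed).decode()


def platform_verify(code: str, live_template: str) -> bool:
    """Verification platform 405: authenticate, decrypt, then compare."""
    try:
        raw = base64.urlsafe_b64decode(code.encode())
    except ValueError:  # malformed base64 (binascii.Error is a ValueError)
        return False
    if len(raw) < 48:
        return False
    nonce, body, tag = raw[:16], raw[16:-32], raw[-32:]
    expected = hmac.new(MAC_KEY, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return False  # altered or forged code is rejected before decryption
    identity = json.loads(_xor_stream(nonce, body))
    # Stand-in for a fingerprint/face matcher, which would score similarity.
    return hmac.compare_digest(identity["template"].encode(), live_template.encode())


def demo() -> dict:
    # Constructed sample record; the field names are assumptions.
    record = {"name": "ZHANG SAN", "id_no": "0" * 18, "template": "fp:constructed-01"}
    code = issue_code(server_seal(record))  # what terminals 401 and 404 handle
    swapped = "A" if code[30] != "A" else "B"
    tampered = code[:30] + swapped + code[31:]
    return {
        "opaque": b"ZHANG" not in base64.urlsafe_b64decode(code),
        "match": platform_verify(code, "fp:constructed-01"),
        "wrong_person": platform_verify(code, "fp:constructed-02"),
        "tampered": platform_verify(tampered, "fp:constructed-01"),
    }


if __name__ == "__main__":
    print(demo())
```

A deployed design would normally also seal an expiry time into the payload so that a copied code stops verifying; the patent text does not describe one.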
In the description of the present specification, reference to the description of the terms "one embodiment", "some embodiments", "an illustrative embodiment", "an example", "a specific example", or "some examples", etc., means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the present invention. In this specification, schematic representations of the above terms do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents and improvements made within the spirit and principle of the present invention are intended to be included within the scope of the present invention.

Claims (5)

1. An identity authentication method based on a communication network is characterized by comprising the following steps:
the intelligent terminal acquires a radio frequency signal of a user certificate and establishes communication with an identity authentication server;
the intelligent terminal uploads ciphertext information containing identity information in the radio frequency signal to the identity verification server;
the identity authentication server analyzes the received ciphertext information into plaintext information, encrypts the plaintext information and sends the encrypted plaintext information to the verification platform;
the verification platform decrypts the encrypted plaintext information to obtain identity information, and receives biological characteristic information sent by the intelligent terminal;
the verification platform compares the identity information with the biological characteristic information for verification to obtain a verification result, and sends the verification result to the intelligent terminal.
2. The identity authentication method based on the communication network according to claim 1, wherein the intelligent terminal uploading the ciphertext information in the radio frequency signal to the identity authentication server comprises:
the intelligent terminal is driven by the identity authentication server to split the ciphertext information into more than two ciphertext information blocks; and sending all the ciphertext information blocks to the identity authentication server in batches.
3. An identity authentication system based on a communication network, comprising:
an intelligent terminal, the intelligent terminal including: a radio frequency signal receiving module, a biological characteristic acquisition module and a display module;
the radio frequency signal receiving module is used for acquiring a radio frequency signal of a user certificate and uploading ciphertext information containing identity information in the radio frequency signal to an identity verification server;
the biological characteristic acquisition module is used for acquiring biological characteristic information of a user and sending the biological characteristic information to the verification platform;
the display module is used for displaying the received verification result;
the identity authentication server is connected with the intelligent terminal and used for analyzing the received ciphertext information into plaintext information, encrypting the plaintext information and sending the encrypted plaintext information to the verification platform;
the verification platform is respectively connected with the identity verification server and the intelligent terminal and is used for decrypting the plaintext information to obtain identity information; receiving biological characteristic information sent by the intelligent terminal; comparing the identity information with the biological characteristic information for verification to obtain a verification result; and sending the verification result to the intelligent terminal.
4. The communication network-based identity authentication system of claim 3, wherein the intelligent terminal and the identity authentication server and the intelligent terminal and the verification platform are connected through a 5G communication network.
5. A computer-readable program storage medium storing computer program instructions which, when executed by a computer, cause the computer to perform the method according to any one of claims 1 to 2.
CN202210656260.9A 2021-01-11 2021-01-11 Identity authentication method and system based on communication network and readable storage medium thereof Pending CN115226102A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210656260.9A CN115226102A (en) 2021-01-11 2021-01-11 Identity authentication method and system based on communication network and readable storage medium thereof

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202110031490.1A CN112910837B (en) 2021-01-11 2021-01-11 Identity authentication method and system based on communication network and readable storage medium thereof
CN202210656260.9A CN115226102A (en) 2021-01-11 2021-01-11 Identity authentication method and system based on communication network and readable storage medium thereof

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
CN202110031490.1A Division CN112910837B (en) 2021-01-11 2021-01-11 Identity authentication method and system based on communication network and readable storage medium thereof

Publications (1)

Publication Number Publication Date
CN115226102A true CN115226102A (en) 2022-10-21

Family

ID=76112360

Family Applications (2)

Application Number Title Priority Date Filing Date
CN202110031490.1A Active CN112910837B (en) 2021-01-11 2021-01-11 Identity authentication method and system based on communication network and readable storage medium thereof
CN202210656260.9A Pending CN115226102A (en) 2021-01-11 2021-01-11 Identity authentication method and system based on communication network and readable storage medium thereof

Family Applications Before (1)

Application Number Title Priority Date Filing Date
CN202110031490.1A Active CN112910837B (en) 2021-01-11 2021-01-11 Identity authentication method and system based on communication network and readable storage medium thereof

Country Status (1)

Country Link
CN (2) CN112910837B (en)

Also Published As

Publication number Publication date
CN112910837A (en) 2021-06-04
CN112910837B (en) 2022-09-06

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination