WO2015074474A1 - 验证方法、装置及系统 - Google Patents
验证方法、装置及系统 Download PDFInfo
- Publication number
- WO2015074474A1 WO2015074474A1 PCT/CN2014/089404 CN2014089404W WO2015074474A1 WO 2015074474 A1 WO2015074474 A1 WO 2015074474A1 CN 2014089404 W CN2014089404 W CN 2014089404W WO 2015074474 A1 WO2015074474 A1 WO 2015074474A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- verification
- picture
- combination
- verification code
- terminal
- Prior art date
Links
- 238000012795 verification Methods 0.000 title claims abstract description 540
- 238000000034 method Methods 0.000 title claims abstract description 75
- 238000012545 processing Methods 0.000 claims abstract description 138
- 238000005520 cutting process Methods 0.000 claims abstract description 19
- 230000008569 process Effects 0.000 claims description 20
- 230000008859 change Effects 0.000 claims description 19
- 230000009466 transformation Effects 0.000 claims description 7
- 239000003086 colorant Substances 0.000 claims description 6
- 238000000844 transformation Methods 0.000 claims description 6
- 238000005516 engineering process Methods 0.000 abstract description 2
- 238000010586 diagram Methods 0.000 description 9
- 230000004044 response Effects 0.000 description 9
- 239000002131 composite material Substances 0.000 description 6
- 230000007547 defect Effects 0.000 description 6
- 230000004083 survival effect Effects 0.000 description 6
- 230000007246 mechanism Effects 0.000 description 3
- 238000003672 processing method Methods 0.000 description 3
- 238000012360 testing method Methods 0.000 description 2
- 230000001680 brushing effect Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000005336 cracking Methods 0.000 description 1
- 235000013399 edible fruits Nutrition 0.000 description 1
- 239000000284 extract Substances 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/36—User authentication by graphic or iconic representation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/50—Information retrieval; Database structures therefor; File system structures therefor of still image data
- G06F16/58—Retrieval characterised by using metadata, e.g. metadata not derived from the content or metadata generated manually
- G06F16/5866—Retrieval characterised by using metadata, e.g. metadata not derived from the content or metadata generated manually using information manually generated, e.g. tags, keywords, comments, manually generated location and time information
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06T—IMAGE DATA PROCESSING OR GENERATION, IN GENERAL
- G06T11/00—2D [Two Dimensional] image generation
- G06T11/001—Texturing; Colouring; Generation of texture or colour
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06T—IMAGE DATA PROCESSING OR GENERATION, IN GENERAL
- G06T11/00—2D [Two Dimensional] image generation
- G06T11/60—Editing figures and text; Combining figures or text
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06T—IMAGE DATA PROCESSING OR GENERATION, IN GENERAL
- G06T3/00—Geometric image transformations in the plane of the image
- G06T3/18—Image warping, e.g. rearranging pixels individually
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06T—IMAGE DATA PROCESSING OR GENERATION, IN GENERAL
- G06T3/00—Geometric image transformations in the plane of the image
- G06T3/40—Scaling of whole images or parts thereof, e.g. expanding or contracting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06T—IMAGE DATA PROCESSING OR GENERATION, IN GENERAL
- G06T3/00—Geometric image transformations in the plane of the image
- G06T3/60—Rotation of whole images or parts thereof
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
Definitions
- the present invention relates to the field of computer technologies, and in particular, to a verification method, device and system.
- the verification code is a mechanism that effectively distinguishes between sending a request for access to a computer or a human. It can prevent maliciously cracking passwords, brushing tickets, forum watering, etc., and maliciously requesting the server through the terminal, thereby effectively improving the network security of the server.
- the existing verification code mechanism is to send a verification code and a verification code corresponding to the verification problem to the terminal, where the verification code includes a plurality of pictures corresponding to the verification question, so that the user selects the picture in the verification code according to the verification problem.
- the verification result is returned to the server, and the server judges whether the verification result passes the verification by counting the returned verification result.
- the process of generating a verification code corresponding to the verification question is as follows: a related picture corresponding to each verification question is stored in the server, and the picture whose label content is “Yes” is the correct answer corresponding to the verification question, and The picture including the label content is “No”, which is the wrong answer corresponding to the verification question, and the server pre-selects the preset number of pictures as a verification code, wherein the selected picture carries at least one picture of the correct answer, and records the The correct answer is the location information in the verification code.
- the server sends multiple requests for pulling the verification code, and the server randomly selects one of the pre-generated verification codes, and sends the verification code and the verification question to the terminal.
- the terminal returns the verification result, it is determined whether the verification code passes the verification according to the pre-stored location information.
- a verification method comprising:
- a verification device comprising:
- a selecting module configured to randomly select one picture combination in a plurality of pre-generated picture combinations, where the picture in the picture combination is associated with the same verification question;
- a first generating module configured to merge the pictures in the selected picture combination according to a preset combining manner, and perform image processing on the combined picture according to the second processing manner to generate a verification code
- a verification module configured to send the verification question associated with the verification code and the picture combination to the terminal, receive a verification result returned by the terminal, and perform, according to the verification result Verification, wherein the verification code is picture cut by the terminal, the verification result is that the terminal generates according to the received verification answer, and the verification answer is selected from the cut verification code.
- a verification method comprising:
- the server randomly selects one picture combination in a plurality of pre-generated picture combinations, where the pictures in the picture combination are associated with the same verification question; and the pictures in the selected picture combination are merged according to a preset merge mode, and Performing image processing on the merged picture according to the second processing manner to generate a verification code; and sending the verification question associated with the picture combination to the terminal;
- the terminal performs picture cutting on the verification code and displays the cut verification code and verification question; receives a verification answer selected according to the cut verification code; generates a verification result according to the verification answer and returns to the Server
- the server receives the verification result returned by the terminal and performs verification according to the verification result.
- an authentication system including: a terminal and a server;
- the server is configured to randomly select one picture combination in a plurality of pre-generated picture combinations, where the pictures in the picture combination are associated with the same verification question; and the pictures in the selected picture combination are according to a preset merge mode. Performing merging, and performing image processing on the merged picture according to the second processing manner to generate a verification code; sending the verification question associated with the verification code and the picture combination to the terminal, and receiving the terminal The returned verification result is verified according to the verification result;
- the terminal is configured to perform image cutting on the verification code and display the verified verification after cutting a code and verification question; receiving a verification answer selected according to the cut verification code; generating a verification result based on the verification answer and returning to the server.
- Embodiment 1 is a flowchart of a verification method provided by Embodiment 1 of the present invention.
- FIG. 2 is a flowchart of a method for generating a verification code in a verification method provided by Embodiment 2 of the present invention
- FIG. 3 is a schematic diagram of generating a picture in a picture set in a verification code in the verification method provided by Embodiment 2 of the present invention.
- FIG. 4 is a schematic diagram of a distortion processing performed on a picture in a picture set in a verification code generated by the verification method provided in Embodiment 2 of the present invention
- FIG. 5 is a schematic diagram of generating an interference line by performing a picture in a picture set in a verification code in the verification method provided in Embodiment 2 of the present invention
- FIG. 6 is a flowchart of performing verification according to a generated verification code according to Embodiment 2 of the present invention.
- FIG. 7 is a schematic structural diagram of a verification apparatus according to Embodiment 3 of the present invention.
- Embodiment 8 is a flowchart of a verification method provided by Embodiment 4 of the present invention.
- FIG. 9 is a schematic structural diagram of a verification system according to Embodiment 5 of the present invention.
- FIG. 10 is a schematic structural diagram of hardware of a verification apparatus according to an embodiment of the present invention.
- the verification code refers to a mechanism capable of distinguishing between humans and machines, and may include, for example, a CAPTCHA (Completely automated public turing test to tell computers and humans apart) verification code.
- the verification code can take many forms, such as one or more pictures, characters, symbols, or any combination thereof.
- An embodiment of the present invention provides a verification method. Referring to FIG. 1, the method flow includes steps 101-104.
- the terminal performs image cutting on the verification code, and generates a verification result according to the received verification answer, wherein the verification answer is selected in the cut verification code.
- the verification answer may be that the user selects from the verification code that is cut into multiple pictures, or the verification answer may also be selected by the attacker by malicious code or other means from the cut verification code.
- 201 In a set of pictures associated with the same verification question, randomly selecting a picture to generate a plurality of picture combinations, and performing image processing on the pictures in the picture combination according to the first processing manner.
- Each verification question in the server corresponds to a picture collection, which contains the picture with the label "Yes”, that is, the picture belonging to the correct answer of the verification question, and the picture with the label "No", that is, belongs to The picture of the wrong answer to the verification question.
- the set of pictures is stored in a first buffer corresponding to the verification question.
- the first processing mode may also include other manners of image processing, which is not limited herein.
- FIG. 1 An example of a process of selecting a picture to generate a picture combination in a picture set is illustrated. For example, there are 1 million pictures in the picture collection corresponding to a verification problem, and the setting generates 20,000 sets of picture combinations, and each picture combination includes 9 pictures.
- the pictures in the picture collection may exist in multiple picture combinations.
- the picture in each group of picture combinations needs to be processed by the first processing mode for the first time, and after the first picture processing, the pictures in each group of picture combinations are different.
- the first processing manner may include, but is not limited to, at least one of the following processing manners:
- FIG. 3 is a schematic diagram of a picture in a picture set
- FIG. 4 is a schematic view of the picture in FIG. 3 processed by a distorted picture processing method
- FIG. 5 is a picture in FIG. The schematic diagram after the image processing.
- a set of picture combinations may be selected in any group of picture combinations existing in the second buffer, and the pictures in the picture combination are entered through a preset merge mode. Line merge processing.
- the preset merge mode may be, but is not limited to, the following:
- the second picture processing is performed by the second processing method.
- the second processing manner may include, but is not limited to, at least one of the following processing manners:
- the second processing mode may also include other manners of image processing, which is not limited herein.
- the resolution or size of each picture is the same, so when generating the verification code
- the merge operation does not need to adjust the resolution or size of the image, and the resolution or size of the image used to generate the verification code, and the number of images that generate the verification code can be carried in the webpage code with the verification code. So that the terminal obtains the resolution or size of each picture in the verification code when the webpage is opened.
- the manner of merging the pictures when generating the verification code is also preset, for example, using 9 pictures to generate a verification code, which is combined in the form of a nine-square grid to merge the nine pictures.
- the merge mode may be carried in the form of the merged identifier in the webpage code with the verification code opened by the user.
- the terminal confirms the manner of cutting the image by using the merged identifier in the webpage. .
- the rate of change of processing the picture by the first processing mode is greater than the rate of change of processing the picture by the second processing mode.
- the second image processing process is for generating a verification code, and the triggering of this step may be performed in response to the verification request sent by the terminal, the processing time is limited, so the time required for the image processing is short, so the second processing method is adopted.
- the rate of change in image processing is lighter for the rate of change in image processing for the first processing mode.
- the obtained image is determined as a verification code
- the verification code is assigned a unique verification code identifier corresponding thereto, and is associated with the verification code
- the associated method may be to save the verification code and Corresponding relationship of the verification code identifier corresponding to the verification code, and storing the verification code identifier in the verification code, used to send the verification code to the terminal, stored in the returned verification result, and the server analyzes the verification code identifier according to the verification code identifier Whether the answer in the verification result is verified.
- the verification code generated at this time is stored in the third buffer corresponding to the verification question.
- An embodiment of the present invention provides a verification code verification process according to the generated verification method in the terminal. As shown in FIG. 6, the method includes:
- 601 Send the verification question associated with the verification code and the picture combination to the terminal.
- the processing process of the terminal is specifically:
- the terminal After receiving the verification code, the terminal cuts the verification code through image cutting to generate a plurality of pictures, so that the user selects the verification answer in the generated picture, and uses the selected verification answer and the verification code identifier corresponding to the verification code as The verification result is sent to the server.
- the cut by the image is the restoration of the merge operation in step 203.
- the terminal opens the webpage with the verification code
- the resolution or size of each image in the verification code is obtained, and a picture of the verification code is generated.
- the number and the combined ID are obtained.
- the manner of performing picture cutting for each verification code is determined according to the merge identification, and the number of pictures for generating the verification code determines the position at which each verification code is subjected to the cutting process according to the resolution or size of each verification code.
- the combination of the verification codes represented by the merged identifiers is as follows: the horizontal direction is arranged in a row, and the image cutting method obtained at this time is: longitudinal cutting, and the number of times of cutting is determined according to the number of pictures in which the verification code is generated, further basis The resolution or size of each image in the captcha determines the size of each longitudinal cut.
- 602 Receive the verification result returned by the terminal, and perform verification according to the verification result.
- the verification result carries the verification code identifier corresponding to the verification answer and the verification code.
- the process of verification is prior art and will not be described here.
- the verification code identifier carried in the verification result stored by the verification result is deleted.
- the verification code corresponding to the verification code identifier may be deleted, thereby reducing the storage pressure of the server.
- the verification code may also be used or deleted.
- the case where the verification code continues to be used after the verification fails is not limited herein.
- step 603 the verification process can also be performed to combine the pictures. It is preferred. Therefore, after step 603, the method further includes:
- the statistic module 706 is configured to query, according to the verification code identifier, a picture combination corresponding to the verification code, and perform statistics according to the corresponding picture combination;
- a second deleting module 707 configured to: when the verification pass rate of the verification code generated in the picture combination is lower than a preset pass rate, delete the picture combination;
- the third deleting module 708 is configured to delete the picture combination when the number of times of using the verification code generated in the picture combination is greater than a preset number of times.
- the server since the image in the verification code is merged in the server, the server does not need to receive multiple pull requests, and the process of sending multiple pictures according to multiple pull requests reduces the pressure on the server.
- the image processing is performed when the image combination is generated, and the image processing is further performed in the process of generating the verification code according to the image combination, the number of generated image combinations and verification codes is greatly increased, and finally generated. There is almost no duplication of verification codes. Therefore, the security of the server has been further improved.
- An embodiment of the present invention provides a method for generating a verification code in a verification method.
- the method process includes:
- the server randomly selects a picture combination in a plurality of pre-generated picture combinations, where the picture in the picture combination is associated with the same verification question; and the pictures in the picture combination are merged according to a preset merge mode, and according to the second The processing mode performs image processing on the merged picture to generate a verification code; and sends the verification question associated with the verification code and the picture combination to the terminal;
- the terminal performs image cutting on the verification code and displays the verified verification code and verification problem; receives a verification answer selected according to the cut verification code; generates a verification result according to the verification answer and returns to the server;
- the method before the server receives the verification request sent by the terminal, the method further includes:
- the server randomly selects a picture to generate a plurality of picture combinations in the picture set associated with the same verification question, and performs image processing on the picture in the picture combination according to the first processing manner;
- the method further includes:
- the server deletes the picture combination
- An embodiment of the present invention provides a verification system.
- the system includes:
- Terminal 901 and server 902 are Terminal 901 and server 902;
- the server 902 is configured to randomly select one picture combination in a plurality of pre-generated picture combinations, where the pictures in the picture combination are associated with the same verification question; Merging according to the preset merge mode, and performing image processing on the merged picture according to the second processing manner to generate a verification code; sending the verification question associated with the verification code and the picture combination to the terminal 901, and receiving the return of the terminal 901 Verify the results and verify according to the verification results;
- the server 902 is further configured to: in the set of pictures associated with the same verification question, randomly select a picture to generate a plurality of picture combinations, and perform image processing on the pictures in the picture combination according to the first processing manner;
- the rate of change of processing the picture by the first processing mode is greater than the rate of change of processing the picture by the second processing mode.
- the picture combination has at least a preset picture of the correct answer corresponding to the verification number.
- any one of the first processing mode and the second processing mode includes adding interference lines, increasing interference points, increasing interference polygons, modifying colors, modifying contrast, rotating pictures, stretching pictures, and distorting pictures , cropping the image, occluding the image, and performing at least one of the perspective transformation of the image.
- the server 902 is further configured to: according to the verification code, the picture combination corresponding to the verification code is used, and the corresponding picture combination is used for statistics; when the verification pass rate of the verification code generated in the picture combination is lower than the preset pass rate, The picture combination is deleted; when the number of times the verification code generated in the picture combination is used is greater than the preset number, the picture combination is deleted.
- the verification code is returned to the terminal and verified against the verification result returned by the terminal. It compensates for the defect that other people cause attacks on the server by repeatedly submitting the verification result due to the survival time of the verification code in the server, thereby improving the security of the server.
- the server since the image in the verification code is merged in the server, the server does not need to receive multiple pull requests, and the process of sending multiple pictures according to multiple pull requests reduces the pressure on the server.
- the verification device 1000 further includes a memory, and one or more programs, wherein the one or more programs are stored in the memory and configured to be executed by the one or more processors to include the one or more programs
- the verification code is performed by the terminal
- the picture is cut
- the verification result is that the terminal generates according to the received verification answer, and the verification answer is selected from the cut verification code.
- a person skilled in the art may understand that all or part of the steps of implementing the above embodiments may be completed by hardware, or may be instructed by a program to execute related hardware, and the program may be stored in a computer readable storage medium.
- the storage medium mentioned may be a read only memory, a magnetic disk or an optical disk or the like.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- Software Systems (AREA)
- Library & Information Science (AREA)
- Data Mining & Analysis (AREA)
- Databases & Information Systems (AREA)
- Editing Of Facsimile Originals (AREA)
- Telephonic Communication Services (AREA)
- Electrically Operated Instructional Devices (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Processing Or Creating Images (AREA)
Abstract
Description
Claims (25)
- 一种验证方法,所述方法包括:响应于终端发送的验证请求,在预先生成的多个图片组合中随机选取一个图片组合,其中所述图片组合中的图片与同一验证问题相关联;将所选取图片组合中的图片根据预设的合并方式进行合并,并根据第二处理方式对所述合并后的图片进行图片处理生成验证码;将所述验证码和所述图片组合相关联的所述验证问题发送给所述终端,所述验证码被所述终端进行图片切割;以及接收所述终端返回的验证结果并根据所述验证结果进行验证,其中所述验证结果是所述终端根据所接收的验证答案生成,所述验证答案是从所述被切割的验证码中选取的。
- 根据权利要求1所述的方法,所述接收到终端发送的验证请求之前,所述方法还包括:在与同一验证问题相关联的图片集合中,随机选取图片生成多个图片组合,并根据第一处理方式对所述图片组合中的图片进行图片处理;其中,所述第一处理方式对图片进行处理的变化率大于所述第二处理方式对图片进行处理的变化率。
- 根据权利要求2所述的方法,所述图片组合中至少存在预设张数的所述验证问题对应的正确答案的图片。
- 根据权利要求1或2所述的方法,所述第一处理方式和所述第二处理方式中的任一包括增加干扰线条,增加干扰点,增加干扰多边形,修改颜色,修改对比度,对图片进行旋转,对图片进行拉伸,对图片进行扭曲,对图片进行裁剪,对图片进行遮挡,对图片进行透视变换中的至少一种。
- 根据权利要求1所述的方法,所述根据所述验证结果进行验证之后,所述方法还包括:当所述验证结果中的验证答案通过验证后,将存储的所述验证结果中携带的所述验证码的标识进行删除。
- 根据权利要求5所述的方法,所述根据所述验证结果进行验证之后,所述方法还包括:根据所述验证码标识查询所述验证码对应的图片组合,并对应的图片组合进行统计;当所述图片组合中生成的验证码的验证通过率低于预设通过率时,则将所述图片组合进行删除;当所述图片组合中生成的验证码的使用次数大于预设次数时,则将所述图片组合进行删除。
- 一种验证装置,所述装置包括:选取模块,用于响应于终端发送的验证请求,在预先生成的多个图片组合中随机选取一个图片组合,其中所述图片组合中的图片与同一验证问题相关联;第一生成模块,用于将所选取图片组合中的图片根据预设的合并方式进行合并,并根据第二处理方式对所述合并后的图片进行图片处理生成验证码;验证模块,用于将所述验证码和所述图片组合相关联的所述验证问题发送给所述终端,接收所述终端返回的验证结果并根据所述验证结果进行验证,其中所述验证码被所述终端进行图片切割,所述验证结果是所述终端根据所接收的验证答案生成,所述验证答案是从所述被切割的验证码中选取的。
- 根据权利要求7所述的装置,所述装置还包括:第二生成模块,用于在与同一验证问题相关联的图片集合中,随机选取图片生成多个图片组合,并根据第一处理方式对所述图片组合中的图片进行图片处理;其中,所述第一处理方式对图片进行处理的变化率大于所述第二处理方式对图片进行处理的变化率。
- 根据权利要求8所述的装置,所述图片组合中至少存在预设张数的所述验证问题对应的正确答案的图片。
- 根据权利要求8或9所述的装置,所述第一处理方式和所述第二处理方式中的任一包括增加干扰线条,增加干扰点,增加干扰多边形,修改颜色,修改对比度,对图片进行旋转,对图片进行拉伸,对图片进行扭 曲,对图片进行裁剪,对图片进行遮挡,对图片进行透视变换中的至少一种。
- 根据权利要求7所述的装置,所述装置还包括:第一删除模块,用于当所述验证结果中的验证答案通过验证后,将存储的所述验证结果中携带的所述验证码标识进行删除。
- 根据权利要求11所述的装置,所述装置还包括:统计模块,用于根据所述验证码标识查询所述验证码对应的图片组合,并对应的图片组合进行统计;第二删除模块,用于当所述图片组合中生成的验证码的验证通过率低于预设通过率时,则将所述图片组合进行删除;第三删除模块,用于当所述图片组合中生成的验证码的使用次数大于预设次数时,则将所述图片组合进行删除。
- 一种验证方法,所述方法包括:服务器在预先生成的多个图片组合中随机选取一个图片组合,其中所述图片组合中的图片与同一验证问题相关联;将所选取图片组合中的图片根据预设的合并方式进行合并,并根据第二处理方式对所述合并后的图片进行图片处理生成验证码;将所述验证码和所述图片组合相关联的所述验证问题发送给终端;所述终端对所述验证码进行图片切割并展示所述切割后的验证码和验证问题;接收根据所述切割后的验证码选择的验证答案;根据所述验证答案生成验证结果并返回给所述服务器;所述服务器接收所述终端返回的验证结果并根据所述验证结果进行验证。
- 根据权利要求13所述的方法,所述服务器接收到所述终端发送的验证请求之前,所述方法还包括:所述服务器在与同一验证问题相关联的图片集合中,随机选取图片生成多个图片组合,并根据第一处理方式对所述图片组合中的图片进行图片处理;其中,所述第一处理方式对图片进行处理的变化率大于所述第二处理 方式对图片进行处理的变化率。
- 根据权利要求14所述的方法,所述图片组合中至少存在预设张数的所述验证问题对应的正确答案的图片。
- 根据权利要求13或14所述的方法,所述第一处理方式和所述第二处理方式中的任一包括增加干扰线条,增加干扰点,增加干扰多边形,修改颜色,修改对比度,对图片进行旋转,对图片进行拉伸,对图片进行扭曲,对图片进行裁剪,对图片进行遮挡,对图片进行透视变换中的至少一种。
- 根据权利要求13所述的方法,所述服务器根据所述验证结果进行验证之后,所述方法还包括:当所述验证结果中的验证答案通过验证后,所述服务器将存储的所述验证结果中携带的所述验证码的标识进行删除。
- 根据权利要求17所述的方法,所述服务器根据所述验证结果进行验证之后,所述方法还包括:所述服务器根据所述验证码标识查询所述验证码对应的图片组合,并对应的图片组合进行统计;当所述图片组合中生成的验证码的验证通过率低于预设通过率时,所述服务器则将所述图片组合进行删除;当所述图片组合中生成的验证码的使用次数大于预设次数时,所述服务器则将所述图片组合进行删除。
- 一种验证系统,包括:终端和服务器;所述服务器,用于在预先生成的多个图片组合中随机选取一个图片组合,其中所述图片组合中的图片与同一验证问题相关联;将所选取图片组合中的图片根据预设的合并方式进行合并,并根据第二处理方式对所述合并后的图片进行图片处理生成验证码;将所述验证码和所述图片组合相关联的所述验证问题发送给所述终端,接收所述终端返回的验证结果并根据所述验证结果进行验证;所述终端,用于对所述验证码进行图片切割并展示所述切割后的验证码和验证问题;接收根据所述切割后的验证码选择的验证答案;根据所述 验证答案生成验证结果并返回给所述服务器。
- 根据权利要求19所述的系统,所述服务器,还用于在与同一验证问题相关联的图片集合中,随机选取图片生成多个图片组合,并根据第一处理方式对所述图片组合中的图片进行图片处理;其中,所述第一处理方式对图片进行处理的变化率大于所述第二处理方式对图片进行处理的变化率。
- 根据权利要求20所述的系统,所述图片组合中至少存在预设张数的所述验证问题对应的正确答案的图片。
- 根据权利要求19或20所述的系统,所述第一处理方式和所述第二处理方式中的任一包括增加干扰线条,增加干扰点,增加干扰多边形,修改颜色,修改对比度,对图片进行旋转,对图片进行拉伸,对图片进行扭曲,对图片进行裁剪,对图片进行遮挡,对图片进行透视变换中的至少一种。
- 根据权利要求19所述的系统,所述服务器,还用于当所述验证结果中的验证答案通过验证后,将存储的所述验证结果中携带的所述验证码的标识进行删除。
- 根据权利要求23所述的系统,所述服务器,还用于根据所述验证码标识查询所述验证码对应的图片组合,并对应的图片组合进行统计;当所述图片组合中生成的验证码的验证通过率低于预设通过率时,则将所述图片组合进行删除;当所述图片组合中生成的验证码的使用次数大于预设次数时,则将所述图片组合进行删除。
- 一种非瞬时性的计算机可读存储介质,其上存储有计算机可执行指令,当计算机中运行这些可执行指令时,执行如下步骤:响应于终端发送的验证请求,在预先生成的多个图片组合中随机选取一个图片组合,其中所述图片组合中的图片与同一验证问题相关联;将所选取图片组合中的图片根据预设的合并方式进行合并,并根据第二处理方式对所述合并后的图片进行图片处理生成验证码;将所述验证码和所述图片组合相关联的所述验证问题发送给所述终端,所述验证码被所述终端进行图片切割;以及接收所述终端返回的验证结果并根据所述验证结果进行验证,其中所述验证结果是所述终端根据所接收的验证答案生成,所述验证答案是从所述被切割的验证码中选取的。
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US15/035,424 US9690923B2 (en) | 2013-11-19 | 2014-10-24 | Method, apparatus and system for verifying terminal |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310585392.8A CN104660402B (zh) | 2013-11-19 | 2013-11-19 | 一种对终端进行验证的方法、装置及系统 |
CN201310585392.8 | 2013-11-19 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2015074474A1 true WO2015074474A1 (zh) | 2015-05-28 |
Family
ID=53178914
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2014/089404 WO2015074474A1 (zh) | 2013-11-19 | 2014-10-24 | 验证方法、装置及系统 |
Country Status (3)
Country | Link |
---|---|
US (1) | US9690923B2 (zh) |
CN (1) | CN104660402B (zh) |
WO (1) | WO2015074474A1 (zh) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2018059127A1 (zh) * | 2016-09-27 | 2018-04-05 | 中兴通讯股份有限公司 | 一种安全验证的方法及装置 |
Families Citing this family (19)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106055963B (zh) * | 2016-06-30 | 2019-10-01 | 珠海市魅族科技有限公司 | 一种验证方法及装置 |
CN108989269B (zh) * | 2017-06-02 | 2021-10-15 | 阿里巴巴集团控股有限公司 | 获取验证码的方法、装置和系统 |
CN107995170B (zh) * | 2017-11-21 | 2021-05-28 | 重庆金融资产交易所有限责任公司 | 身份验证方法、装置、计算机设备和计算机可读存储介质 |
CN108182356A (zh) * | 2017-12-19 | 2018-06-19 | 重庆亚凡科技有限公司 | 提问式图片验证码的生成系统 |
US10691789B2 (en) * | 2017-12-19 | 2020-06-23 | International Business Machines Corporation | Authentication/security using user activity mining based live question-answering |
CN108076061A (zh) * | 2017-12-19 | 2018-05-25 | 重庆亚凡科技有限公司 | 提问式图片验证方法 |
CN109040001B (zh) * | 2018-02-14 | 2021-07-27 | 北京梆梆安全科技有限公司 | 一种验证用户的方法、终端和服务器 |
CN108512850A (zh) * | 2018-04-02 | 2018-09-07 | 广东能龙教育股份有限公司 | 一种基于问答题目的智能验证码的处理方法 |
CN110798435B (zh) * | 2018-08-03 | 2021-12-07 | 广州小鹏汽车科技有限公司 | 一种验证码校验方法及装置 |
CN109635535A (zh) * | 2018-12-14 | 2019-04-16 | 泰康保险集团股份有限公司 | 用于验证用户身份的方法 |
CN110348450A (zh) * | 2019-07-15 | 2019-10-18 | 中国工商银行股份有限公司 | 用于图像验证码的安全评估方法、装置和计算机系统 |
CN110995677A (zh) * | 2019-11-22 | 2020-04-10 | 河北网新科技集团有限公司 | 一种验证码生成方法、登录验证方法及登录验证系统 |
CN111143813B (zh) * | 2019-12-27 | 2022-02-22 | 网易(杭州)网络有限公司 | 一种验证问题的生成方法、验证方法及装置 |
CN111177689A (zh) * | 2019-12-30 | 2020-05-19 | 广东智媒云图科技股份有限公司 | 验证码的生成方法及装置 |
CN111447207B (zh) * | 2020-03-24 | 2022-11-01 | 咪咕文化科技有限公司 | 验证码验证方法、电子设备及存储介质 |
CN112839026B (zh) * | 2020-11-30 | 2022-07-26 | 中冶华天南京工程技术有限公司 | 基于随机网格与随机水印轮廓的行为验证码生成及验证方法 |
CN112507641B (zh) * | 2020-12-17 | 2022-07-05 | 中科芯云微电子科技有限公司 | 一种集成电路交替式验证方法及系统 |
CN113422687B (zh) * | 2021-06-24 | 2023-02-28 | 中国农业银行股份有限公司 | 一种验证方法、验证服务器和验证系统 |
CN115001751B (zh) * | 2022-05-06 | 2024-01-09 | 上海增融信息科技有限公司 | 一种动态验证方法、装置、电子设备及存储介质 |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101388078A (zh) * | 2008-09-27 | 2009-03-18 | 腾讯科技(深圳)有限公司 | 基于验证的文本识别的方法及装置 |
CN102592254A (zh) * | 2011-10-25 | 2012-07-18 | 上海博路信息技术有限公司 | 一种图像拼接方式的验证码系统 |
CN102724191A (zh) * | 2012-06-11 | 2012-10-10 | 华南理工大学 | 一种图文结合的Web验证码安全防护方法及装置 |
Family Cites Families (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7929805B2 (en) * | 2006-01-31 | 2011-04-19 | The Penn State Research Foundation | Image-based CAPTCHA generation system |
US7891005B1 (en) * | 2006-08-10 | 2011-02-15 | Google Inc. | Verifying human interaction via rotated images |
CN101179381B (zh) * | 2006-11-07 | 2010-11-03 | 阿里巴巴集团控股有限公司 | 一种验证信息的方法和装置 |
US20100046790A1 (en) * | 2008-08-22 | 2010-02-25 | Koziol Anthony R | Method and system for generating a symbol identification challenge |
US8397275B1 (en) * | 2009-02-05 | 2013-03-12 | Google Inc. | Time-varying sequenced image overlays for CAPTCHA |
US9225531B2 (en) * | 2009-06-18 | 2015-12-29 | Visa International Service Association | Automated test to tell computers and humans apart |
US20120323700A1 (en) * | 2011-06-20 | 2012-12-20 | Prays Nikolay Aleksandrovich | Image-based captcha system |
US8918851B1 (en) * | 2013-07-26 | 2014-12-23 | Michael Iannamico | Juxtapositional image based authentication system and apparatus |
US9501632B2 (en) * | 2013-08-30 | 2016-11-22 | Lenovo (Singapore) Pte. Ltd. | Visual authentication to a computing device |
-
2013
- 2013-11-19 CN CN201310585392.8A patent/CN104660402B/zh active Active
-
2014
- 2014-10-24 WO PCT/CN2014/089404 patent/WO2015074474A1/zh active Application Filing
- 2014-10-24 US US15/035,424 patent/US9690923B2/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101388078A (zh) * | 2008-09-27 | 2009-03-18 | 腾讯科技(深圳)有限公司 | 基于验证的文本识别的方法及装置 |
CN102592254A (zh) * | 2011-10-25 | 2012-07-18 | 上海博路信息技术有限公司 | 一种图像拼接方式的验证码系统 |
CN102724191A (zh) * | 2012-06-11 | 2012-10-10 | 华南理工大学 | 一种图文结合的Web验证码安全防护方法及装置 |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2018059127A1 (zh) * | 2016-09-27 | 2018-04-05 | 中兴通讯股份有限公司 | 一种安全验证的方法及装置 |
Also Published As
Publication number | Publication date |
---|---|
CN104660402B (zh) | 2018-05-25 |
US20160292411A1 (en) | 2016-10-06 |
CN104660402A (zh) | 2015-05-27 |
US9690923B2 (en) | 2017-06-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2015074474A1 (zh) | 验证方法、装置及系统 | |
US10798081B2 (en) | Method, apparatus, and system for providing a security check | |
US10218506B1 (en) | Cross-device authentication | |
WO2019165675A1 (zh) | 登录验证方法、装置、计算机设备及存储介质 | |
US9660974B2 (en) | Fingerprint based authentication for single sign on | |
US8661254B1 (en) | Authentication of a client using a mobile device and an optical link | |
US9003506B2 (en) | Mobile out-of-band authentication service | |
CN104468531B (zh) | 敏感数据的授权方法、装置和系统 | |
US9117068B1 (en) | Password protection using pattern | |
WO2020041747A1 (en) | Methods, apparatuses, and computer program products for frictionless electronic signature management | |
CN104700007A (zh) | 一种手势印象密码的设置及应用方法 | |
TW201407403A (zh) | 身份認證管理裝置及其方法 | |
CN103455965A (zh) | 一种基于验证图片的验证方法、装置及服务器 | |
US20160180073A1 (en) | Captcha processing method and device, terminal and server | |
CN108900561A (zh) | 单点登录的方法、装置及系统 | |
JP2015115079A (ja) | 認証入力方法および装置 | |
CN103327034A (zh) | 安全登录方法、系统和装置 | |
WO2015032281A1 (en) | Method and system for generating and processing challenge-response tests | |
WO2015062441A1 (zh) | CGI web界面下的多会话验证码的产生及验证方法 | |
WO2015179640A1 (en) | Method, apparatus, and system for providing a security check | |
Jiang et al. | Two-way graphic password for mobile user authentication | |
CN109104290A (zh) | 一种无需重注册并支持离线认证的动态口令认证方法 | |
US11704418B2 (en) | Fingerprint encryption method and device, fingerprint decryption method and device, storage medium and terminal | |
CN104113514B (zh) | 信息安全的处理方法和装置 | |
Hande et al. | Image based authentication for folder security using persuasive cued click-points and SHA |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 14864588 Country of ref document: EP Kind code of ref document: A1 |
|
WWE | Wipo information: entry into national phase |
Ref document number: 15035424 Country of ref document: US |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
32PN | Ep: public notification in the ep bulletin as address of the adressee cannot be established |
Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 29.09.2016) |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 14864588 Country of ref document: EP Kind code of ref document: A1 |