WO2016058556A1 - Procédé et dispositif de traitement de service - Google Patents

Procédé et dispositif de traitement de service Download PDF

Info

Publication number
WO2016058556A1
WO2016058556A1 PCT/CN2015/092136 CN2015092136W WO2016058556A1 WO 2016058556 A1 WO2016058556 A1 WO 2016058556A1 CN 2015092136 W CN2015092136 W CN 2015092136W WO 2016058556 A1 WO2016058556 A1 WO 2016058556A1
Authority
WO
WIPO (PCT)
Prior art keywords
terminal
verification
service
server
motion
Prior art date
Application number
PCT/CN2015/092136
Other languages
English (en)
Chinese (zh)
Inventor
陈秋滢
Original Assignee
腾讯科技(深圳)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 腾讯科技(深圳)有限公司 filed Critical 腾讯科技(深圳)有限公司
Publication of WO2016058556A1 publication Critical patent/WO2016058556A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Definitions

  • the present invention relates to the field of Internet technologies, and in particular, to the field of service processing technologies, and in particular, to a service processing method and apparatus.
  • identity authentication refers to the process of confirming the legal identity of the user who uses the service processing service.
  • identity authentication refers to the process of confirming the legal identity of the user who uses the service processing service.
  • the first request is to perform identity authentication on the requester, usually to check the identifier, password, and the like input by the requester, and if the input information matches the pre-configured identifier, password, and the like.
  • the identity authentication is successful, the user is confirmed as a legitimate identity; secondly, the requested service is processed.
  • the identity authentication process is relatively simple, and the input information such as identification and password is easily stolen or tampered, which reduces the security of the business process, and is not suitable for services involving, for example, transaction data, including accounts.
  • Business services such as data require high security business processes.
  • the embodiment of the invention provides a service processing method and device, which can perform security authentication on the service request process based on the motion of the service requester, and improve the security of the service processing.
  • a first aspect of the embodiments of the present invention provides a service processing method, which may include:
  • the server acquires configuration information of the second terminal, where the configuration information carries a verification parameter
  • the first terminal collects data to be verified according to the verification notification, and the data to be verified is Report to the server;
  • the server performs security verification on the to-be-checked data by using the verification parameter, and processes the requested service after the verification is passed.
  • the second aspect of the embodiment of the present invention provides another service processing method, which may include:
  • the first terminal sends a service request to the second terminal, so that the server acquires configuration information of the second terminal, where the configuration information carries a verification parameter;
  • the first terminal reports the to-be-checked data to the server, so that the server performs security verification on the to-be-checked data by using the verification parameter, and after the verification is passed, the requested service is performed. Process it.
  • a third aspect of the embodiments of the present invention provides a service processing method, which may include:
  • the server acquires configuration information of the second terminal, where the configuration information carries a verification parameter
  • the server sends a verification notification to the first terminal, so that the first terminal collects data to be verified according to the verification notification, and reports the data to be verified to the server;
  • the server performs security verification on the to-be-checked data by using the verification parameter, and processes the requested service after the verification is passed.
  • a fourth aspect of the embodiments of the present invention provides a service processing apparatus, which may include:
  • a service requesting unit configured to send a service request to the second terminal, so that the server acquires configuration information of the second terminal, where the configuration information carries a verification parameter
  • a notification receiving unit configured to receive a verification notification sent by the server
  • a data collection unit configured to collect data to be verified according to the verification notification
  • a reporting unit configured to report the to-be-checked data to the server, so that the server performs security verification on the to-be-checked data by using the verification parameter, and after the verification is passed, the requested service is performed. Process it.
  • a fifth aspect of the embodiments of the present invention provides a terminal, which may include the service processing apparatus provided in the foregoing fourth aspect.
  • a sixth aspect of the embodiments of the present invention provides another service processing apparatus, which may include:
  • the acquiring unit is configured to acquire the first when the first terminal sends a service request to the second terminal
  • the configuration information of the second terminal where the configuration information carries a verification parameter
  • a notification unit configured to send a verification notification to the first terminal, so that the first terminal collects data to be verified according to the verification notification, and reports the data to be verified to the server;
  • a security verification unit configured to perform security verification on the to-be-checked data by using the verification parameter
  • the service processing unit is configured to process the requested service after the verification is passed.
  • a seventh aspect of the embodiments of the present invention provides a server, which may include the service processing apparatus according to the sixth aspect.
  • the server may request the first terminal to report the data to be verified according to the configuration information of the second terminal, and The reported data to be verified is subjected to security authentication. After the security authentication is passed, the server processes the requested service. Because the content of the data to be verified is relatively complex, it is difficult to be recorded and cracked, so it is based on the service processing process. Checking the data for security verification can effectively ensure the reliability of the business process and improve the security of business processing.
  • FIG. 1 is a flowchart of a service processing method according to an embodiment of the present invention
  • FIG. 2 is a flowchart of another service processing method according to an embodiment of the present invention.
  • FIG. 3 is a flowchart of still another service processing method according to an embodiment of the present invention.
  • FIG. 4 is a flowchart of still another service processing method according to an embodiment of the present invention.
  • FIG. 5 is a schematic structural diagram of a service processing apparatus according to an embodiment of the present disclosure.
  • FIG. 6 is a schematic structural diagram of an embodiment of the data collection unit shown in FIG. 5;
  • FIG. 7 is a schematic structural diagram of another service processing apparatus according to an embodiment of the present disclosure.
  • FIG. 8 is a schematic structural diagram of an embodiment of the security verification unit shown in FIG. 7;
  • FIG. 9 is a schematic structural diagram of an embodiment of the service processing unit shown in FIG. 7;
  • FIG. 10 is a schematic structural view of an embodiment of the configuration unit shown in FIG. 7;
  • FIG. 11 is a schematic structural view of an embodiment of the detecting unit shown in FIG. 7;
  • FIG. 12 is a schematic structural view of another embodiment of the detecting unit shown in FIG. 7;
  • Figure 13 is a schematic structural view of still another embodiment of the detecting unit shown in Figure 7;
  • FIG. 14 is a schematic structural diagram of a terminal according to an embodiment of the present disclosure.
  • FIG. 15 is a schematic structural diagram of a server according to an embodiment of the present invention.
  • the terminal may be a smart terminal with network function, such as a notebook computer, a mobile phone, a PAD (tablet), a smart wearable device, an in-vehicle terminal, and the like.
  • the first terminal may be any one of the above-mentioned smart terminals with network functions
  • the second terminal may be any one of the above-mentioned smart terminals with network functions except the first terminal.
  • the server may be a server having a business processing function, which can process an interactive service including transaction data, account data, multimedia data, and the like, and can perform a process such as security verification involved in the business process.
  • the service processing solution of the embodiment of the present invention may process the interaction service between the first terminal and the second terminal.
  • the original identity verification process may be compatible in the process of the service processing, for example, the identity authentication may be performed based on the input information such as the verification identifier and the password to the service requester;
  • the motion data is further used to perform security verification.
  • the first terminal acts as a service requester, performs a motion operation for security verification based on the first terminal in the service processing process, and reports motion data to be verified generated by the motion operation. Perform security verification on the requested service.
  • the interactive service may be a service including transaction data, for example, the first terminal and the second terminal perform a virtual item transaction in the game application, and the virtual item to be traded and the virtual item involved are required to be involved, such as points. Transaction data such as virtual currency is transferred between the first terminal and the second terminal.
  • the interactive service may also be a service that includes account data. For example, the user A purchases an item in the e-commerce website through the first terminal, and requests the user B on the second terminal side to pay for it, and needs to be based on the attribute of the purchased item. User B on the second terminal side In the account, the account data equivalent to the purchased item is transferred.
  • the interactive service may also be a service including multimedia data such as pictures, audio and video, for example, the instant communication user A requests the instant communication user B of the second terminal side to interact with the picture data through the first terminal, and needs to input the requested picture data from the The second terminal transfers processing to the first terminal.
  • multimedia data such as pictures, audio and video
  • FIG. 1 is a flowchart of a service processing method according to an embodiment of the present invention. This embodiment describes the flow of the service processing method from the first terminal side; specifically, the method may include at least the following steps S101 to S104.
  • step S101 the first terminal sends a service request to the second terminal, so that the server acquires the configuration information of the second terminal, where the configuration information carries the verification parameter.
  • the verification parameters include, but are not limited to, authentication parameters such as facial expressions, fingerprints, and voices of the user on the terminal side, which can be implemented by face recognition technology, fingerprint recognition technology, and voice recognition technology, respectively.
  • the check parameter may also be a motion check parameter, and the motion check parameter may include a motion track and a motion time.
  • the motion check parameter may be pre-configured by the second terminal for performing security verification on the service involved in the second terminal.
  • the second terminal may be a terminal with a motion detection function, and the second terminal may be used to detect various motion operations performed by the second terminal, for example, the second terminal may be a built-in gyroscope and an acceleration sensor.
  • a terminal of the sensing device such as a gravity sensor
  • the second terminal can detect various motion operations performed by itself through the built-in sensing device.
  • the user on the second terminal side can perform service configuration on the server through the second terminal, and the service configuration can include configuration of motion check parameters.
  • the user on the second terminal side can perform an action for performing security verification by using the second terminal in the service configuration process, for example, the user on the second terminal side can shake the second terminal, or the second terminal side
  • the user may wave the second terminal, or the user on the second terminal side may hold the second terminal to perform a drawing operation, and the like, the second terminal is executed under the action control of the user on the second terminal side.
  • the second terminal may detect motion trajectory generated by the trajectory generated by the motion operation performed by itself, the time required to complete the motion operation, and perform motion calibration parameter configuration based on the motion feature data.
  • the service configuration may further include the configuration of the service information.
  • the user on the second terminal side inputs the configured service information in the service configuration process, for example, the user on the second terminal side can input the acceptable or the second terminal can The type of business being processed and confirming whether the type of business entered requires security verification. And information indicating how the business type is handled.
  • the server generates configuration information of the second terminal according to the configuration of the second terminal, where the configuration information includes the motion check parameter and service information.
  • the first terminal may send a service request to the second terminal by using the server.
  • the first terminal may first send a service request for the second terminal to the server, where The server forwards the service request sent by the first terminal to the second terminal.
  • the service request is used to request the second terminal to process the requested service.
  • the user A purchases an item in the e-commerce website through the first terminal, and requests the user B on the second terminal side to pay for the user.
  • step S102 the first terminal receives the verification notification sent by the server.
  • the verification notification is used to notify that the service requested by the first terminal needs to perform security verification, and the first terminal needs to perform a motion operation to be verified for security verification, and report the to-be-checked motion operation. Verify motion data.
  • the first terminal may establish a wired or wireless connection with the server, and the first terminal may receive a verification notification sent by the server based on an established wired or wireless connection with the server.
  • step S103 the first terminal collects data to be verified according to the verification notification.
  • the to-be-checked data includes motion data to be checked, and the to-be-checked motion data is in a motion operation of the first terminal to perform verification for security verification.
  • the collected motion data may be a terminal with a motion detection function, and the first terminal may be used to detect various motion operations performed by itself.
  • the first terminal may be a terminal built with a sensing device such as a gyroscope, an acceleration sensor, a gravity sensor, etc., and the first terminal may detect various motion operations performed by itself through the built-in sensing device.
  • the motion operation to be verified for the security verification is performed by the user on the first terminal side through the first terminal.
  • the user on the first terminal side performs the to-be-corrected state through the first terminal.
  • the specific content of the motion operation to be verified needs to be known.
  • the user on the first terminal side can communicate with the user on the second terminal side and communicate face to face.
  • the specific content of the motion operation to be verified is obtained by means of network video communication, etc.
  • the specific content of the motion operation to be verified is the action represented by the motion check parameter configured by the second terminal. Specific content.
  • the user on the first terminal side performs the learned motion to be verified by the first terminal, for example, the user on the first terminal side shakes the first terminal, or the user on the first terminal side swings the first
  • the terminal, or the user on the first terminal side holds the first terminal to perform a drawing operation, and the like, the first terminal performs a motion operation to be verified under the action control of the user on the first terminal side
  • the first terminal may collect the trajectory generated by the motion operation to be verified performed by itself, and wait for the time required to complete the motion operation to be verified to check the motion data.
  • step S104 the first terminal reports the to-be-checked data to the server, so that the server performs security verification on the to-be-checked data by using the verification parameter, and after the verification is passed, Process the requested business.
  • the first terminal may establish a wired or wireless connection with the server, and the first terminal may report the to-be-checked motion data to the server by using a wired or wireless connection established with the server.
  • the server performs security verification on the motion data to be checked by using the motion check parameter, that is, whether the motion operation to be verified performed by the first terminal for security verification is the second terminal.
  • the action characterized by the configured motion check parameter. If the user on the first terminal side needs to know the specific content of the motion operation to be verified from the user on the second terminal side, if the security verification is passed, it indicates that the user on the first terminal side successfully succeeds from the user on the second terminal side.
  • the server can process the requested service.
  • the server when the first terminal sends a service request to the second terminal, the server may request the first terminal to report the motion data to be checked according to the configuration information of the second terminal, and perform the check data to be verified.
  • Security authentication after the security authentication is passed, the server processes the requested service; since the content of the motion data is relatively complicated, it is difficult to be recorded and cracked, so the security verification based on the motion data in the business process can effectively ensure the service Improve the reliability of the processing process and improve the security of business processing.
  • FIG. 2 is a flowchart of another service processing method according to an embodiment of the present invention. This embodiment describes the flow of the service processing method from the server side; the method may include at least the following steps S201 to S204.
  • the server acquires the configuration information of the second terminal, where the configuration information carries the verification parameter.
  • the verification parameters include, but are not limited to, authentication parameters such as facial expressions, fingerprints, and voices of the user on the terminal side, which can be implemented by face recognition technology, fingerprint recognition technology, and voice recognition technology, respectively.
  • the check parameter may also be a motion check parameter, where the configuration information may carry a motion check parameter, where the motion check parameter may be pre-configured by the second terminal, and is used for the second terminal.
  • the business conducts security verification information.
  • the configuration information may further include service information; the service information may include at least one service type, a security verification attribute of each service type in the at least one service type, and a processing manner of each service type.
  • the service type may be classified according to risks that may exist in the service processing process, and may include, but is not limited to, a security type or a risk type.
  • a preset risk threshold may be introduced, where the risk factor involved in the processing of the security type service is lower than a preset risk threshold, and the risk coefficient involved in the processing of the risk type service is higher than the pre-process Set the risk threshold.
  • the preset risk threshold may be set according to actual needs, for example, may be set based on factors such as Trojan risk, phishing risk, or risk tolerance of the user on the second terminal side.
  • the service of the security type may include, but is not limited to, an interactive service including multimedia data such as pictures, audio and video.
  • the risk type of service may include, but is not limited to, an interactive service including transaction data or account data. Further, the risk type may be further divided into a low risk type or a high risk type according to the size of the data value, where the data value to be processed involved in the low risk type service is less than a preset value; for example, the amount is less than a preset value.
  • the data transfer service for the payment of the high-risk type; the data value to be processed involved in the high-risk type of service is greater than or equal to a preset value; for example, the data transfer service for which the payment is greater than the preset value.
  • the security verification attribute may include a positive attribute or a negative attribute, the affirmative attribute is used to indicate that no security verification is required, and the negative attribute is used to indicate that security verification is required.
  • the security verification attribute may be represented by a flag bit, for example, the flag of the affirmative attribute may be set to 1, and the flag of the negative attribute may be set to 0;
  • the processing manner of the service type may include, but is not limited to, the processing method corresponding to the security type may be directly performing service processing; the processing method corresponding to the low risk type may output a notification after the service processing; and the processing corresponding to the high risk type The method can output a notification before the business processing, and perform business processing after obtaining the confirmation.
  • step S202 the server sends a verification notification to the first terminal, so that the first terminal collects data to be verified according to the verification notification, and reports the to-be-checked data to the service. Device.
  • the to-be-checked data includes motion data to be checked, and the to-be-checked motion data is in a motion operation of the first terminal to perform verification for security verification.
  • the verification notification is used to notify that the service requested by the first terminal needs to perform security verification, and the first terminal needs to perform a motion operation to be verified for security verification, and report the to-be-checked motion operation. Verify motion data.
  • the server may establish a wired or wireless connection with the first terminal, and the server may send a verification notification to the first terminal based on an established wired or wireless connection with the first terminal.
  • the first terminal performs a motion operation to be verified for the security verification according to the verification notification, and the motion operation to be verified for the security verification is performed by the user on the first terminal side through the first terminal.
  • the specific content of the motion operation to be verified needs to be known first.
  • the The user on the first terminal side can learn the specific content of the motion operation to be verified by performing telephone communication, face-to-face communication, or network video communication with the user on the second terminal side, and the motion to be verified.
  • the specific content of the operation is the specific content of the action characterized by the motion check parameter configured by the second terminal.
  • the user on the first terminal side performs the learned motion to be verified by the first terminal, for example, the user on the first terminal side shakes the first terminal, or the user on the first terminal side swings the first The terminal, or the user on the first terminal side, holds the first terminal to perform a drawing operation, and the like.
  • the first terminal performs a motion operation to be verified under the action control of the user on the first terminal side, and the first terminal may collect a trajectory generated by the motion operation to be verified performed by the first terminal, and complete the location
  • the time required for the motion operation to be verified is awaiting verification of the motion data and reporting to the server.
  • step S203 the server performs security verification on the to-be-checked data by using the verification parameter.
  • the server performs security verification on the motion data to be checked by using the motion check parameter, that is, whether the motion operation to be verified performed by the first terminal for security verification is the second terminal.
  • the action characterized by the configured motion check parameter If the user on the first terminal side needs to know the specific content of the motion operation to be verified from the user on the second terminal side, if the security verification is passed, it indicates that the user on the first terminal side successfully succeeds from the user on the second terminal side. Obtaining the specific content of the action characterized by the motion check parameter, indicating that the user on the first terminal side is a legal identity user, further indicating that the first terminal that is the originating service request is a legal terminal, thereby confirming the service The security of the process.
  • step S204 after the verification is passed, the server processes the requested service.
  • the server processes the requested service, for example, the first terminal and the second terminal perform a transaction of the virtual item in the game application, and the requested service is a service including transaction data, and the server needs to include
  • the transactiond virtual item and transaction data such as points, virtual currency, and the like involved in the virtual item are transferred between the first terminal and the second terminal.
  • the user A purchases the item in the e-commerce website through the first terminal, and requests the user B on the second terminal side to pay for the service.
  • the requested service is a service including account data, and the server needs to be based on the attribute of the purchased item.
  • the account data equivalent to the purchased item in the account of the user B on the second terminal side is transferred.
  • the instant communication user A requests the instant communication user B of the second terminal side to interact with the picture data through the first terminal, and the requested service is an interactive service including picture data, and the server needs to input the requested picture data from the first The second terminal transfers processing to the first terminal.
  • the server when the first terminal sends a service request to the second terminal, the server may request the first terminal to report the motion data to be checked according to the configuration information of the second terminal, and perform the check data to be verified.
  • Security authentication after the security authentication is passed, the server processes the requested service; since the content of the motion data is relatively complicated, it is difficult to be recorded and cracked, so the security verification based on the motion data in the business process can effectively ensure the service Improve the reliability of the processing process and improve the security of business processing.
  • FIG. 3 is a flowchart of still another service processing method according to an embodiment of the present invention.
  • the flow of the service processing method is described from the interaction between the first terminal and the second terminal and the server; the method may include at least the following steps S301 to S306.
  • step S301 when the first terminal sends a service request to the second terminal, the server acquires configuration information of the second terminal, where the configuration information carries a verification parameter.
  • the verification parameter includes, but is not limited to, a verification parameter of a facial expression, a fingerprint, a voice, and the like of a user on the terminal side, which can be implemented by a face recognition technology, a fingerprint recognition technology, a voice recognition technology, and the like, respectively.
  • the check parameter may also be a motion check parameter, where the configuration information may carry a motion check parameter, where the motion check parameter may be pre-configured by the second terminal, and used for the second terminal.
  • the configuration information may further include service information; the service information may include at least one service type, a security verification attribute of each service type in the at least one service type, and a processing manner of each service type.
  • the service type may be classified according to risks that may exist in the service processing process, and may include, but is not limited to, a security type or a risk type.
  • a preset risk threshold may be introduced, where the risk factor involved in the processing of the security type service is lower than a preset risk threshold, and the risk coefficient involved in the processing of the risk type service is higher than the pre-process Set the risk threshold.
  • the preset risk threshold may be set according to actual needs, for example, may be set based on factors such as Trojan risk, phishing risk, or risk tolerance of the user on the second terminal side.
  • the service of the security type may include, but is not limited to, an interactive service including multimedia data such as pictures, audio and video.
  • the risk type of service may include, but is not limited to, an interactive service including transaction data or account data. Further, the risk type may be further divided into a low risk type or a high risk type according to the size of the data value, where the data value to be processed involved in the low risk type service is less than a preset value; for example, the amount is less than a preset value.
  • the data transfer service for the payment of the high-risk type; the data value to be processed involved in the high-risk type of service is greater than or equal to a preset value; for example, the data transfer service for which the payment is greater than the preset value.
  • the security verification attribute may include a positive attribute or a negative attribute, the affirmative attribute is used to indicate that no security verification is required, and the negative attribute is used to indicate that security verification is required.
  • the security verification attribute may be represented by a flag bit, for example, the flag of the affirmative attribute may be set to 1, and the flag of the negative attribute may be set to 0;
  • the processing manner of the service type may include, but is not limited to, the processing method corresponding to the security type may be directly performing service processing; the processing method corresponding to the low risk type may output a notification after the service processing; and the processing corresponding to the high risk type The method can output a notification before the business processing, and perform business processing after obtaining the confirmation.
  • the first terminal may send a service request to the second terminal by using the server.
  • the first terminal may first send a service request for the second terminal to the server, where the server Forwarding, by the second terminal, the service request sent by the first terminal.
  • the service request is used to request the second terminal to process the requested service.
  • the user A purchases an item in the e-commerce website through the first terminal, and requests the user B on the second terminal side to pay for the user.
  • step S302 the server sends a verification notification to the first terminal.
  • the verification notification is used to notify the first terminal that the requested service needs to perform security verification, and the first terminal needs to perform a motion operation to be verified for security verification, and report the motion operation to be verified.
  • the server may establish a wired or wireless connection with the first terminal, and the server may send a verification notification to the first terminal based on an established wired or wireless connection with the first terminal.
  • step S303 the first terminal collects data to be verified according to the verification notification.
  • the to-be-checked data includes motion data to be checked, and the to-be-checked motion data is that the first terminal is performing verification for security verification.
  • the first terminal may be a terminal with a motion detection function, and the first terminal may be used to detect various motion operations performed by the first terminal, for example, the first terminal may be a built-in gyroscope or an acceleration sensor. a terminal of the sensing device such as a gravity sensor, wherein the first terminal can detect various motion operations performed by itself through the built-in sensing device.
  • the motion operation to be verified for the security verification is performed by the user on the first terminal side through the first terminal.
  • the user on the first terminal side performs the to-be-corrected state through the first terminal.
  • the specific content of the motion operation to be verified needs to be known.
  • the user on the first terminal side can communicate with the user on the second terminal side and communicate face to face.
  • the specific content of the motion operation to be verified is obtained by means of network video communication, etc.
  • the specific content of the motion operation to be verified is the action represented by the motion check parameter configured by the second terminal. specific contents.
  • the user on the first terminal side performs the learned motion to be verified by the first terminal, for example, the user on the first terminal side shakes the first terminal, or the user on the first terminal side swings the first
  • the terminal, or the user on the first terminal side holds the first terminal to perform a drawing operation, and the like, the first terminal performs a motion operation to be verified under the action control of the user on the first terminal side
  • the first terminal may collect the trajectory generated by the motion operation to be verified performed by itself, and wait for the time required to complete the motion operation to be verified to check the motion data.
  • step S304 the first terminal reports the to-be-checked data to the server.
  • the first terminal may establish a wired or wireless connection with the server, and the first terminal may check the to-be-checked based on an established wired or wireless connection with the server. The motion data is reported to the server.
  • step S305 the server performs security verification on the to-be-checked data by using the verification parameter.
  • the server performs security verification on the to-be-checked motion data by using the motion check parameter, that is, verifying that the first terminal performs a motion operation to be verified for security verification. Whether it is an action characterized by the motion check parameter configured by the second terminal. If the user on the first terminal side needs to know the specific content of the motion operation to be verified from the user on the second terminal side, if the security verification is passed, it indicates that the user on the first terminal side successfully succeeds from the user on the second terminal side. Obtaining the specific content of the action characterized by the motion check parameter, indicating that the user on the first terminal side is a legal identity user, further indicating that the first terminal that is the originating service request is a legal terminal, thereby confirming service processing Process security.
  • the motion check parameter that is, verifying that the first terminal performs a motion operation to be verified for security verification. Whether it is an action characterized by the motion check parameter configured by the second terminal. If the user on the first terminal side needs to know the specific content of the motion operation to
  • step S306 after the verification is passed, the server processes the requested service.
  • the server processes the requested service, for example, the first terminal and the second terminal perform a transaction of the virtual item in the game application, and the requested service is a service including transaction data, the server It is necessary to transfer the virtual item including the transaction and the transaction data such as points, virtual currency, and the like involved in the virtual item between the first terminal and the second terminal.
  • the user A purchases the item in the e-commerce website through the first terminal, and requests the user B on the second terminal side to pay for the service.
  • the requested service is a service including account data, and the server needs to be based on the attribute of the purchased item.
  • the account data equivalent to the purchased item in the account of the user B on the second terminal side is transferred.
  • the instant messaging user A requests the instant communication user B of the second terminal side to interact with the picture data through the first terminal, and the requested service is an interactive service including picture data, and the server needs to take the requested picture data from the The second terminal transfers processing to the first terminal.
  • the server when the first terminal sends a service request to the second terminal, the server may request the first terminal to report the motion data to be checked according to the configuration information of the second terminal, and perform the check data to be verified.
  • Security authentication after the security authentication is passed, the server processes the requested service; since the content of the motion data is relatively complicated, it is difficult to be recorded and cracked, so the security verification based on the motion data in the business process can effectively ensure the service Improve the reliability of the processing process and improve the security of business processing.
  • FIG. 4 is a flowchart of still another service processing method according to an embodiment of the present invention.
  • the flow of the service processing method is described from the interaction between the first terminal and the second terminal and the server.
  • the method may include at least the following steps S401 to S413.
  • step S401 the server generates a configuration of the second terminal according to a configuration operation of the second terminal. Set the information.
  • the configuration information may include a verification parameter, where the verification parameter includes, but is not limited to, a facial expression, a fingerprint, a voice, and the like of the user on the terminal side, and the fingerprint recognition technology, the fingerprint recognition technology, Speech recognition technology and other ways to achieve.
  • the check parameter may also be a motion check parameter, where the motion check parameter may be pre-configured by the second terminal for performing security verification on the service involved in the second terminal.
  • the configuration information may further include service information; the service information may include at least one service type, a security verification attribute of each service type in the at least one service type, and a processing manner of each service type.
  • step S401 may include the following steps A-D:
  • the server acquires service information configured by the second terminal when the configuration operation of the second terminal is detected.
  • the user on the second terminal side can perform service configuration on the server by using the second terminal. Specifically, when the user on the second terminal side performs account registration in the server, the user can pass the second terminal.
  • the configuration operation is initiated by the second terminal when the user on the second terminal side wants to strengthen account security or service processing security.
  • the service configuration may include the configuration of the service information. Specifically, the user on the second terminal side inputs the configured service information in the service configuration process, for example, the user on the second terminal side can input the acceptable or the second terminal can process the service information.
  • the type of business, and confirm whether the type of business entered requires security verification, as well as information indicating how the business type is handled.
  • the service information may include at least one service type, a security verification attribute of each service type in the at least one service type, and a processing manner of each service type.
  • the service type may be classified according to risks that may exist in the business process, and may include, but is not limited to, a security type or a risk type.
  • a preset risk threshold may be introduced, where the risk factor involved in the processing of the security type service is lower than a preset risk threshold, and the risk coefficient involved in the processing of the risk type service is higher than the pre-process Set the risk threshold.
  • the preset risk threshold may be set according to actual needs, for example, may be set based on factors such as Trojan risk, phishing risk, or risk tolerance of the user on the second terminal side. Risk threshold.
  • the service of the security type may include, but is not limited to, an interactive service including multimedia data such as pictures, audio and video.
  • the risk type of service may include, but is not limited to, an interactive service including transaction data or account data. Further, the risk type may be classified into a low risk type or a high risk type according to the size of the data value.
  • the data value to be processed involved in the low-risk type service is less than a preset value; for example, a data transfer service in which the amount of money is less than a preset value; and the data value to be processed involved in the high-risk type service It is greater than or equal to the preset value; for example, the data transfer service for which the payment is greater than the preset value, and so on.
  • the security verification attribute may include a positive attribute or a negative attribute, the affirmative attribute is used to indicate that no security verification is required, and the negative attribute is used to indicate that security verification is required.
  • the security verification attribute may be represented by a flag bit, for example, the flag of the affirmative attribute may be set to 1, and the flag of the negative attribute may be set to 0;
  • the processing manner of the service type may include, but is not limited to, the processing method corresponding to the security type may be directly performing service processing; the processing method corresponding to the low risk type may output a notification after the service processing; and the processing corresponding to the high risk type The method can output a notification before the business processing, and perform business processing after obtaining the confirmation.
  • the server acquires motion feature data generated by the second terminal to perform the configuration operation.
  • the second terminal may be a terminal with a motion detection function, and the second terminal may be used to detect various motion operations performed by itself.
  • the second terminal may be a terminal built with a sensing device such as a gyroscope, an acceleration sensor, a gravity sensor, etc., and the second terminal may detect various motion operations performed by itself through the built-in sensing device.
  • the motion check parameters may include motion trajectories and motion time.
  • the user on the second terminal side can perform service configuration on the server by using the second terminal.
  • the service configuration can include the configuration of the motion check parameter.
  • the user on the second terminal side can pass the service during the service configuration process.
  • the second terminal performs an action for performing security verification.
  • the user on the second terminal side may shake the second terminal, or the user on the second terminal side may wave the second terminal, or the user on the second terminal side.
  • the second terminal may be handheld to perform a drawing operation, and the like, the second terminal performs a motion operation under the motion control of the user on the second terminal side, and the second terminal may detect a motion operation performed by itself
  • the generated trajectory, the time required to complete the motion operation, and the like, and the motion feature data are reported to the server.
  • the server determines the motion feature data as a motion check parameter for performing security verification.
  • the motion check parameter may be pre-configured by the second terminal for performing security verification on the service involved in the second terminal.
  • the server will be on the second terminal.
  • the reported motion feature data is determined as the motion check parameter.
  • the server generates configuration information of the second terminal according to the service information and the motion check parameter.
  • step S402 the first terminal sends a service request for the second terminal.
  • the first terminal may send a service request to the second terminal by using the server, specifically, the first terminal may send a service request for the second terminal to the server, where the service request is used for requesting
  • the second terminal processes the requested service. For example, the user A purchases an item in the e-commerce website through the first terminal, and requests the user B on the second terminal side to pay for the payment, and the first terminal may send the data requesting the second terminal to pay for the second terminal. Transfer business requests.
  • step S403 the server forwards the service request sent by the first terminal to the second terminal.
  • the server may establish a wired or wireless connection with the second terminal, and the server may forward the first terminal to the second terminal according to an established wired or wireless connection with the second terminal.
  • Business request For example, the user A purchases an item in the e-commerce website through the first terminal, requests the user B on the second terminal side to make a payment, and the server forwards the data transfer service request for the payment sent by the first terminal to the The second terminal.
  • step S404 the server acquires configuration information of the second terminal, where the configuration information carries a motion check parameter.
  • the server pre-stores the configuration information of the second terminal.
  • the server may obtain configuration information of the second terminal from the storage space.
  • step S405 whether the service requested by the server needs to perform security verification; if the requested service needs to perform security verification, then go to step S406; otherwise, go to step S412.
  • step S405 may include the following steps E-F.
  • the server detects whether a current location of the first terminal is located in a preset security area.
  • the preset security zone may be set according to actual needs, for example, may be set based on the location of the first terminal, and the preset may be set if the first terminal is generally used in Shenzhen.
  • the safe area is Shenzhen.
  • the server may request the first terminal to report the current location, and the first terminal may acquire the current location of the first terminal by using a positioning technology such as GPS or GPRS, and report the current location to the server, where the server determines Whether the current location of the first terminal is located in a preset security area, for example, detecting whether the current location of the first terminal is in Shenzhen.
  • the server If the current location of the first terminal is in the preset security zone, the server confirms that the requested service does not need to perform security verification; if the current location of the first terminal is outside the preset security zone, the server confirms The requested service requires security verification.
  • the security of the service requested by the first terminal may be confirmed, and the first terminal is requested. If the current location of the first terminal is outside the preset security zone, indicating that the location status of the first terminal is abnormal, there may be a risk that the terminal is blocked or the terminal information is stolen. Performing security verification on the service requested by the first terminal.
  • step S405 may include the following steps G-H.
  • the server detects whether the identifier of the first terminal is a preset security identifier.
  • the preset security identifier may be set according to a relationship chain of the user on the second terminal side, for example, an instant communication identifier of the instant communication friend of the user on the second terminal side or a common identifier of the instant communication friend
  • the device identifier is set to a preset security identifier, or the SNS identifier of the SNS friend of the user on the second terminal side or the common device identifier of the SNS friend may be set as the preset security identifier.
  • the server may determine whether the identifier of the first terminal is a preset security identifier.
  • the server If the identifier of the first terminal is a preset security identifier, the server confirms that the requested service does not need to perform security verification; if the identifier of the first terminal is a non-pre-defined security identifier, the server confirms the requested service. Security verification is required.
  • step S405 may include the following steps I-J.
  • the server detects a security verification attribute of a service type of the requested service.
  • the configuration information of the second terminal includes at least one service type and a security verification attribute of each service type.
  • the security verification attribute includes a positive attribute or a negative attribute, the positive attribute is used to indicate that no security verification is required, and the negative attribute is used to indicate that security verification is required.
  • the server determines that the security verification attribute of the service type of the requested service is a positive attribute or a negative attribute.
  • the server If the security verification attribute of the service type of the requested service is a positive attribute, the server confirms that the requested service does not need to perform security verification; if the security verification attribute of the service type of the requested service is a negative attribute, the server confirms the request The business needs to be verified securely.
  • step S406 the server sends a verification notification to the first terminal.
  • the to-be-checked data includes motion data to be verified, and the to-be-checked motion data is a motion operation process in which the first terminal is performing verification for security verification.
  • the motion data collected in the game.
  • the verification notification is used to notify that the service requested by the first terminal needs to perform security verification, and the first terminal needs to perform a motion operation to be verified for security verification, and report the to-be-checked motion operation. Verify motion data.
  • the server may establish a wired or wireless connection with the first terminal, and the server may send a verification notification to the first terminal based on an established wired or wireless connection with the first terminal.
  • step S407 the first terminal outputs verification prompt information according to the verification notification.
  • the verification prompt information may be used to prompt the user on the first terminal side to perform a motion operation to be verified for security verification; for example, the verification prompt information may be “Please complete the verification action of the payment generation! "and many more.
  • step S408 when detecting a motion operation generated according to the verification prompt information, the first terminal collects motion data to be verified generated by the motion operation.
  • the first terminal may be a terminal with a motion detection function, and the first terminal may be used to detect various motion operations performed by the first terminal, for example, the first terminal may be a built-in gyroscope or an acceleration sensor. a terminal of the sensing device such as a gravity sensor, wherein the first terminal can detect various motion operations performed by itself through the built-in sensing device.
  • the user on the first terminal side performs a motion operation to be verified for security verification by the first terminal under the prompt of the verification prompt information. Specifically, the user on the first terminal side needs to know the specific content of the motion operation to be verified before performing the motion operation to be verified.
  • the user on the first terminal side The specific content of the motion operation to be verified may be obtained by performing telephone communication, face-to-face communication, or network video communication with the user on the second terminal side, and the specific content of the motion operation to be verified is The specific content of the action represented by the motion check parameter of the second terminal configuration.
  • the user on the first terminal side performs the learned motion to be verified by the first terminal, for example, the user on the first terminal side shakes the first terminal, or the user on the first terminal side swings the first
  • the terminal, or the user on the first terminal side holds the first terminal to perform a drawing operation, and the like, the first terminal performs a motion operation to be verified under the action control of the user on the first terminal side
  • the first terminal may collect the trajectory generated by the motion operation to be verified performed by itself, and wait for the time required to complete the motion operation to be verified to check the motion data.
  • step S409 the first terminal reports the motion data to be checked to the server.
  • the first terminal may establish a wired or wireless connection with the server, and the first terminal may report the to-be-checked motion data based on an established wired or wireless connection with the server. To the server.
  • step S410 the server calculates a similarity between the motion check parameter and the motion data to be checked.
  • the server may use a similar algorithm, such as a cross-correlation algorithm, a HASH algorithm, or the like, to calculate a similarity between the motion check parameter and the motion data to be checked.
  • the similarity ranges from [0, 1], and the closer the similarity is to 0, the less similar the motion check parameter is to the motion data to be checked; the closer the similarity is to 1, It indicates that the motion check parameter is similar to the motion data to be checked.
  • step S411 if the similarity is greater than or equal to the preset threshold, the server confirms that the verification is passed, and if the similarity is less than the preset threshold, the server confirms that the verification fails.
  • the preset threshold may be set according to actual needs, and the preset threshold has a value range of [0, 1]. If the similarity is greater than or equal to a preset threshold, indicating that the to-be-checked operation performed by the user on the first terminal side for security verification is characterized by the motion check parameter configured by the second terminal.
  • the action is a similar action, indicating that the user on the first terminal side successfully obtains the specific content of the action represented by the motion check parameter from the user on the second terminal side, and may indicate the first terminal side
  • the user who is a legal user further indicates that the first terminal that initiates the service request is a legitimate terminal, thereby confirming the security of the service processing process, and the server can confirm that the verification is successful.
  • the similarity is less than the preset threshold, indicating that the operation to be verified for security verification performed by the user on the first terminal side is characterized by the motion check parameter configured by the second terminal.
  • the action is not a similar action, indicating that the user on the first terminal side cannot obtain the specific content of the action represented by the motion check parameter from the user on the second terminal side, and may indicate the first terminal side
  • the user whose user is an illegal identity further indicates that the first terminal that is the originating service request is an illegal terminal, thereby confirming that there may be a risk in the service processing process, and the server may confirm that the verification fails.
  • step S412 after the verification is passed, the server reads the processing manner of the service type of the requested service from the configuration information.
  • the processing manner of the service type may include, but is not limited to, the processing method corresponding to the security type may be directly performing service processing; the processing method corresponding to the low risk type may output a notification after the service processing; and the processing corresponding to the high risk type The method can output a notification before the business processing, and perform business processing after obtaining the confirmation.
  • step S413 the server performs the requested service according to the processed processing manner. Reason.
  • the server processes the requested service according to the read processing manner. For example, the user A purchases an item in the e-commerce website through the first terminal, and requests the user B on the second terminal side to pay for the service, and the requested service is included.
  • the service of the account data the type of the service including the account data is a risk type; the server may determine that the requested service is low risk according to the data value size of the account data involved in the requested service (ie, the price of the item to be paid) a type or a high-risk type, if the server determines that the requested service is of a low-risk type, the server may directly transfer the account data equivalent to the purchased item in the account of the user B on the second terminal side, And sending, to the second terminal, the processed notification message after the processing; if the server determines that the requested service is of a high risk type, the server first sends a data transfer request to the second terminal, waiting for the second After the user B on the terminal side confirms, the account of the user B on the second terminal side is equivalent to the
  • the server when the first terminal sends a service request to the second terminal, the server may request the first terminal to report the motion data to be checked according to the configuration information of the second terminal, and perform the check data to be verified.
  • Security authentication after the security authentication is passed, the server processes the requested service; since the content of the motion data is relatively complicated, it is difficult to be recorded and cracked, so the security verification based on the motion data in the business process can effectively ensure the service Improve the reliability of the processing process and improve the security of business processing.
  • a service processing apparatus will be described in detail below with reference to FIG. 5 to FIG.
  • the service processing device shown in Figure 5 - Figure 6 can be run in a terminal, specifically in the first terminal according to the embodiment of the present invention, to be applied to the method shown in Figure 1 - Figure 4 above. .
  • FIG. 5 is a schematic structural diagram of a service processing apparatus according to an embodiment of the present invention.
  • the apparatus may include a service request unit 101, a notification receiving unit 102, a data collection unit 103, and a reporting unit 104.
  • the service requesting unit 101 is configured to send a service request to the second terminal, so that the server acquires configuration information of the second terminal, where the configuration information carries a verification parameter.
  • the verification parameters include, but are not limited to, authentication parameters such as facial expressions, fingerprints, and voices of the user on the terminal side, which can be implemented by face recognition technology, fingerprint recognition technology, and voice recognition technology, respectively.
  • the check parameter may also be a motion check parameter, and the motion check parameter may include a motion track and a motion time.
  • the motion check parameter may be pre-configured for the second terminal, and used for The information about the security verification of the services involved in the second terminal.
  • the second terminal may be a terminal with a motion detection function, and the second terminal may be used to detect various motion operations performed by the second terminal, for example, the second terminal may be a built-in gyroscope and an acceleration sensor.
  • a terminal of the sensing device such as a gravity sensor, wherein the second terminal can detect various motion operations performed by itself through the built-in sensing device.
  • the user on the second terminal side can perform service configuration on the server by using the second terminal.
  • the service configuration can include the configuration of the motion check parameter.
  • the user on the second terminal side can pass the service during the service configuration process.
  • the second terminal performs an action for performing security verification. For example, the user on the second terminal side may shake the second terminal, or the user on the second terminal side may wave the second terminal, or the user on the second terminal side.
  • the second terminal may be handheld to perform a drawing operation, and the like, the second terminal performs a motion operation under the motion control of the user on the second terminal side, and the second terminal may detect a motion operation performed by itself
  • the generated trajectory, the motion characteristic data such as the time required to complete the motion operation, and the motion feature data are configured based on the motion feature data.
  • the service configuration may further include the configuration of the service information.
  • the user on the second terminal side inputs the configured service information in the service configuration process, for example, the user on the second terminal side can input the acceptable or the second terminal can The type of business being processed, and confirms whether the type of business entered requires security verification, as well as information indicating how the business type is handled.
  • the server generates configuration information of the second terminal according to the configuration of the second terminal, where the configuration information includes the motion check parameter and service information.
  • the service requesting unit 101 may send a service request to the second terminal by using the server. Specifically, the service requesting unit 101 may first send a service request for the second terminal to the server, where the server is located. The second terminal forwards the service request sent by the service requesting unit 101. The service request is used to request the second terminal to process the requested service. For example, the user A purchases an item in the e-commerce website through the first terminal, and requests the user B on the second terminal side to pay for the service, and the service request unit 101 The data transfer service request for requesting payment by the second terminal may be sent to the server, and the server forwards the data transfer service request for the payment sent by the service requesting unit 101 to the second terminal.
  • the notification receiving unit 102 is configured to receive a verification notification sent by the server.
  • the verification notification is used to notify that the service requested by the first terminal needs to perform security verification, and the first terminal needs to perform a motion operation to be verified for security verification, and report the to-be-checked motion operation. Verify motion data.
  • the first terminal may establish a wired or wireless connection with the server Then, the notification receiving unit 102 can receive the verification notification sent by the server based on a wired or wireless connection established with the server.
  • the data collection unit 103 is configured to collect data to be verified according to the verification notification.
  • the to-be-checked data includes motion data to be checked, and the to-be-checked motion data is in a motion operation of the first terminal to perform verification for security verification.
  • the motion data to be checked is motion data collected by the first terminal during a motion operation to be verified for security verification.
  • the first terminal may be a terminal with a motion detection function, and the first terminal may be used to detect various motion operations performed by the first terminal, for example, the first terminal may be a built-in gyroscope or an acceleration sensor.
  • a terminal of the sensing device such as a gravity sensor
  • the first terminal can be used to detect various motion operations performed by the first terminal through the built-in sensing device.
  • the motion operation to be verified for the security verification is performed by the user on the first terminal side through the first terminal.
  • the user on the first terminal side performs the to-be-corrected state through the first terminal.
  • the specific content of the motion operation to be verified needs to be known.
  • the user on the first terminal side can communicate with the user on the second terminal side and communicate face to face.
  • the specific content of the motion operation to be verified is obtained by means of network video communication, etc.
  • the specific content of the motion operation to be verified is the action represented by the motion check parameter configured by the second terminal.
  • the user on the first terminal side performs the learned motion to be verified by the first terminal, for example, the user on the first terminal side shakes the first terminal, or the user on the first terminal side swings the first
  • the terminal, or the user on the first terminal side holds the first terminal to perform a drawing operation, and the like, the first terminal performs a motion operation to be verified under the action control of the user on the first terminal side
  • the data collection unit 103 can collect, by using the first terminal built-in sensing device, a trajectory generated by the motion operation to be verified performed by the first terminal, and a time waiting for verification to complete the motion operation to be verified. Sports data.
  • the reporting unit 104 is configured to report the motion data to be checked to the server, so that the server performs security verification on the motion data to be verified by using the verification parameter, and after verification , processing the requested business.
  • the first terminal may establish a wired or wireless connection with the server, and the reporting unit 104 may report the to-be-checked motion data to the server based on an established wired or wireless connection with the server.
  • the server performs security verification on the to-be-checked motion data by using the motion check parameter, that is, verifying the exercise to be verified for the security verification performed by the first terminal Determining whether the action is characterized by the motion check parameter configured by the second terminal. If the user on the first terminal side needs to know the specific content of the motion operation to be verified from the user on the second terminal side, if the security verification is passed, it indicates that the user on the first terminal side successfully succeeds from the user on the second terminal side.
  • the server can process the requested service.
  • the server when the first terminal sends a service request to the second terminal, the server may request the first terminal to report the motion data to be checked according to the configuration information of the second terminal, and perform the check data to be verified.
  • Security authentication after the security authentication is passed, the server processes the requested service; since the content of the motion data is relatively complicated, it is difficult to be recorded and cracked, so the security verification based on the motion data in the business process can effectively ensure the service Improve the reliability of the processing process and improve the security of business processing.
  • FIG. 6 is a schematic structural diagram of an embodiment of the data collection unit shown in FIG. 5.
  • the data collection unit 103 can include a prompting unit 1301 and an acquisition unit 1302.
  • the prompting unit 1301 is configured to output verification prompt information according to the verification notification.
  • the verification prompt information may be used to prompt the user on the first terminal side to perform a motion operation to be verified for security verification; for example, the verification prompt information may be “Please complete the verification action of the payment generation!” .
  • the collecting unit 1302 is configured to collect motion data to be verified generated by the motion operation when detecting a motion operation generated according to the verification prompt information.
  • the first terminal may be a terminal with a motion detection function, and the first terminal may be used to detect various motion operations performed by the first terminal, for example, the first terminal may be a built-in gyroscope or an acceleration sensor. a terminal of the sensing device such as a gravity sensor, wherein the first terminal can detect various motion operations performed by itself through the built-in sensing device.
  • the user on the first terminal side performs a motion operation to be verified for security verification by using the first terminal, and the user on the first terminal side is executing at the Before the motion operation of the verification is performed, the specific content of the motion operation to be verified needs to be known.
  • the user on the first terminal side can communicate with the user on the second terminal side.
  • the specific content of the motion operation to be verified is obtained by the face-to-face communication or the network video communication, and the specific content of the motion operation to be verified is the motion check parameter configured by the second terminal. Characterizing the action content.
  • the user on the first terminal side performs the learned motion to be verified by the first terminal, for example, the user on the first terminal side shakes the first terminal, or the user on the first terminal side swings the first
  • the terminal, or the user on the first terminal side holds the first terminal to perform a drawing operation, and the like, the first terminal performs a motion operation to be verified under the action control of the user on the first terminal side
  • the collecting unit 1302 may collect the trajectory generated by the motion operation to be verified performed by the first terminal, and the time required to complete the motion operation to be verified to wait for the verification motion data.
  • the business processing method according to FIGS. 1 and 4 may be an image synthesizing method performed by each unit in the business processing apparatus shown in FIGS. 5 and 6.
  • steps S101, S102, S103, and S104 shown in FIG. 1 can be performed by the service requesting unit 101, the notification receiving unit 102, the data collecting unit 103, and the reporting unit 104 shown in FIG. 5, respectively.
  • Steps S407 and S408 shown in FIG. 4 can be performed by the prompting unit 1301 and the collecting unit 1302 shown in FIG. 6, respectively.
  • each unit in the service processing apparatus shown in FIG. 5 and FIG. 6 may be separately or entirely combined into one or several additional units, or one of the units(s) further It can be split into multiple units that are functionally smaller. Thus, not only the same operation can be achieved without affecting the realization of the technical effects of the embodiments of the present invention.
  • a general-purpose computing device such as a computer including a processing unit and a storage element including a central processing unit (CPU), a random access memory (RAM), a read only memory (ROM), and the like.
  • a computer program (including program code) for performing the business processing method as shown in FIGS. 1 and 4 to construct a business processing apparatus as shown in FIGS. 5 and 6, and to implement a business processing method according to an embodiment of the present invention .
  • the computer program can be recorded, for example, on a computer readable recording medium, and loaded in and run in the above-described computing device by a computer readable recording medium.
  • the server may request the first terminal to report the to-be-checked motion data according to the configuration information of the second terminal, and perform security authentication on the reported data to be verified. After the security authentication is passed, the server processes the requested service; since the content of the motion data is relatively complex and difficult to be recorded and cracked, security verification based on the motion data during the service processing process can effectively ensure the service processing process. Reliability, improve the security of business processing.
  • the embodiment of the present invention further discloses a terminal, which may be the first one described in the embodiment of the present invention.
  • the first terminal may include a service processing device.
  • a service processing device For the structure and function of the device, refer to the related description of the embodiment shown in FIG. 5 to FIG. 6 , and details are not described herein.
  • the server may request the first terminal to report the to-be-checked motion data according to the configuration information of the second terminal, and perform security authentication on the reported data to be verified. After the security authentication is passed, the server processes the requested service; since the content of the motion data is relatively complex and difficult to be recorded and cracked, security verification based on the motion data during the service processing process can effectively ensure the service processing process. Reliability, improve the security of business processing.
  • a service processing apparatus according to an embodiment of the present invention will be described in detail below with reference to FIG. 7 to FIG.
  • the service processing apparatus shown in Figures 7 - 13 can be run in a server to be applied to the methods illustrated in Figures 1-4 above.
  • FIG. 7 is a schematic structural diagram of another service processing apparatus according to an embodiment of the present invention.
  • the apparatus may include: a configuration obtaining unit 201, a notification unit 202, a security verification unit 203, and a service processing unit 204.
  • the configuration obtaining unit 201 is configured to acquire configuration information of the second terminal when the first terminal sends a service request to the second terminal, where the configuration information carries a verification parameter.
  • the verification parameters include, but are not limited to, authentication parameters such as facial expressions, fingerprints, and voices of the user on the terminal side, which can be implemented by face recognition technology, fingerprint recognition technology, and voice recognition technology, respectively.
  • the check parameter may also be a motion check parameter, where the configuration information may carry a motion check parameter, where the motion check parameter may be pre-configured by the second terminal, and is used for the second terminal.
  • the business conducts security verification information.
  • the configuration information may further include service information; the service information may include at least one service type, a security verification attribute of each service type in the at least one service type, and a processing manner of each service type.
  • the service type may be classified according to risks that may exist in the business process, and may include, but is not limited to, a security type or a risk type.
  • a preset risk threshold may be introduced, where the risk factor involved in the processing of the security type service is lower than a preset risk threshold, and the risk coefficient involved in the processing of the risk type service is higher than the pre-process Set the risk threshold.
  • the preset risk threshold may be set according to actual needs, for example, may be set based on factors such as Trojan risk, phishing risk, or risk tolerance of the user on the second terminal side.
  • the security type of services may include, but is not limited to, multimedia including pictures, audio and video, and the like. Interactive business of data.
  • the risk type of service may include, but is not limited to, an interactive service including transaction data or account data. Further, the risk type may be further divided into a low risk type or a high risk type according to the size of the data value, where the data value to be processed involved in the low risk type service is less than a preset value; for example, the amount is less than a preset value.
  • the data transfer service for the payment of the high-risk type; the data value to be processed involved in the high-risk type of service is greater than or equal to a preset value; for example, the data transfer service for which the payment is greater than the preset value.
  • the security verification attribute may include a positive attribute or a negative attribute, the affirmative attribute is used to indicate that no security verification is required, and the negative attribute is used to indicate that security verification is required.
  • the security verification attribute may be represented by a flag bit, for example, the flag of the affirmative attribute may be set to 1, and the flag of the negative attribute may be set to 0;
  • the processing manner of the service type may include, but is not limited to, the processing method corresponding to the security type may be directly performing service processing; the processing method corresponding to the low risk type may output a notification after the service processing; and the processing corresponding to the high risk type The method can output a notification before the business processing, and perform business processing after obtaining the confirmation.
  • the notification unit 202 is configured to send a verification notification to the first terminal, so that the first terminal collects data to be verified according to the verification notification, and reports the to-be-checked data to the server.
  • the to-be-checked data includes motion data to be checked, and the to-be-checked motion data is in a motion operation of the first terminal to perform verification for security verification.
  • the verification notification is used to notify that the service requested by the first terminal needs to perform security verification, and the first terminal needs to perform a motion operation to be verified for security verification, and report the to-be-checked motion operation. Verify motion data.
  • the server may establish a wired or wireless connection with the first terminal, and the notification unit 202 may send a verification notification to the first terminal based on an established wired or wireless connection with the first terminal.
  • the first terminal performs a motion operation to be verified for the security verification according to the verification notification, and the motion operation to be verified for the security verification is performed by the user on the first terminal side through the first terminal.
  • the specific content of the motion operation to be verified needs to be known first.
  • the The user on the first terminal side can learn the specific content of the motion operation to be verified by performing telephone communication, face-to-face communication, or network video communication with the user on the second terminal side, and the motion to be verified.
  • Specific content of the operation That is, the specific content of the action characterized by the motion check parameter configured by the second terminal.
  • the user on the first terminal side performs the learned motion to be verified by the first terminal, for example, the user on the first terminal side shakes the first terminal, or the user on the first terminal side swings the first
  • the terminal, or the user on the first terminal side holds the first terminal to perform a drawing operation, and the like, the first terminal performs a motion operation to be verified under the action control of the user on the first terminal side
  • the first terminal may collect the trajectory generated by the motion operation to be verified performed by itself, and wait for the time required to complete the motion operation to be verified to wait for the verification motion data and report it to the server.
  • the security verification unit 203 is configured to perform security verification on the to-be-checked data by using the verification parameter.
  • the security verification unit 203 performs security verification on the to-be-checked motion data by using the motion verification parameter, that is, verifying that the first terminal performs a motion operation to be verified for security verification. Whether it is an action characterized by the motion check parameter configured by the second terminal. If the user on the first terminal side needs to know the specific content of the motion operation to be verified from the user on the second terminal side, if the security verification is passed, it indicates that the user on the first terminal side successfully succeeds from the user on the second terminal side. Obtaining the specific content of the action characterized by the motion check parameter, indicating that the user on the first terminal side is a legal identity user, further indicating that the first terminal that is the originating service request is a legal terminal, thereby confirming service processing Process security.
  • the motion verification parameter that is, verifying that the first terminal performs a motion operation to be verified for security verification. Whether it is an action characterized by the motion check parameter configured by the second terminal. If the user on the first terminal side needs to know the specific content of
  • the service processing unit 204 is configured to process the requested service after the verification is passed.
  • the service processing unit 204 processes the requested service, for example, the first terminal and the second terminal perform a transaction of the virtual item in the game application, and the requested service is a service including transaction data, the service The processing unit 204 needs to transfer the virtual item including the transaction and the transaction data such as points, virtual currency, and the like involved in the virtual item between the first terminal and the second terminal.
  • the user A purchases an item in the e-commerce website through the first terminal, and requests the user B on the second terminal side to pay for the service.
  • the requested service is a service including account data, and the service processing unit 204 needs to be based on the purchased item.
  • the attribute is to perform transfer processing on the account data equivalent to the purchased item in the account of the user B on the second terminal side.
  • the instant communication user A requests the instant communication user B of the second terminal side to interact with the picture data through the first terminal, and the requested service is an interactive service including picture data, and the service processing unit 204 needs to take the requested picture data from The second terminal transfers processing to the first terminal.
  • the apparatus may further include: a configuration unit 205 and a detecting unit 206.
  • the configuration unit 205 is configured to generate configuration information of the second terminal according to the configuration operation of the second terminal.
  • the configuration information may include a verification parameter, where the verification parameter includes, but is not limited to, a facial expression, a fingerprint, a voice, and the like of the user on the terminal side, and the fingerprint recognition technology, the fingerprint recognition technology, Speech recognition technology and other ways to achieve.
  • the check parameter may also be a motion check parameter, where the motion check parameter may be pre-configured by the second terminal for performing security verification on the service involved in the second terminal.
  • the configuration information may further include service information; the service information may include at least one service type, a security verification attribute of each service type in the at least one service type, and a processing manner of each service type.
  • the detecting unit 206 is configured to detect whether the requested service needs to perform security verification, and if the requested service needs to perform security verification, the notification unit sends a verification notification to the first terminal.
  • the server may request the first terminal to report the to-be-checked motion data according to the configuration information of the second terminal, and perform security authentication on the reported data to be verified. After the security authentication is passed, the server processes the requested service; since the content of the motion data is relatively complex and difficult to be recorded and cracked, security verification based on the motion data during the service processing process can effectively ensure the service processing process. Reliability, improve the security of business processing.
  • FIG. 8 is a schematic structural diagram of an embodiment of the security verification unit shown in FIG. 7.
  • the security verification unit 203 may include a similarity calculation unit 2301 and a verification result unit 2302.
  • the similarity calculation unit 2301 is configured to calculate a similarity between the verification parameter and the data to be verified.
  • the similarity computing unit 2301 may employ a similar algorithm, such as a cross-correlation algorithm, a HASH algorithm, etc., to calculate a similarity between the motion check parameter and the motion data to be verified.
  • the similarity ranges from [0, 1], and the closer the similarity is to 0, the less similar the motion check parameter is to the motion data to be checked; the closer the similarity is to 1, It indicates that the motion check parameter is similar to the motion data to be checked.
  • the verification result unit 2302 is configured to confirm that the verification is passed if the similarity is greater than or equal to the preset threshold, or to confirm that the verification fails if the similarity is less than the preset threshold.
  • the preset threshold may be set according to actual needs, and the preset threshold has a value range of [0, 1]. If the similarity is greater than or equal to a preset threshold, indicating that the user on the first terminal side performs
  • the action to be verified for the security verification is similar to the action characterized by the motion check parameter configured by the second terminal, indicating that the user on the first terminal side successfully succeeds from the second terminal side
  • the user obtains the specific content of the action characterized by the motion check parameter, and indicates that the user on the first terminal side is a legal identity user, further indicating that the first terminal that is the originating service request is a legal terminal, thereby confirming the service.
  • the verification result unit 2302 can confirm that the verification is successful.
  • the similarity is less than the preset threshold, indicating that the operation to be verified for security verification performed by the user on the first terminal side is characterized by the motion check parameter configured by the second terminal.
  • the action is not a similar action, indicating that the user on the first terminal side cannot obtain the specific content of the action represented by the motion check parameter from the user on the second terminal side, and may indicate the first terminal side
  • the user whose user is an illegal identity further indicates that the first terminal that is the originating service request is an illegal terminal, thereby confirming that there may be a risk in the service processing process.
  • the verification result unit 2302 may confirm that the verification fails.
  • the server may request the first terminal to report the to-be-checked motion data according to the configuration information of the second terminal, and perform security authentication on the reported data to be verified. After the security authentication is passed, the server processes the requested service; since the content of the motion data is relatively complex and difficult to be recorded and cracked, security verification based on the motion data during the service processing process can effectively ensure the service processing process. Reliability, improve the security of business processing.
  • FIG. 9 is a schematic structural diagram of an embodiment of the service processing unit shown in FIG. 7.
  • the service processing unit 204 may include: a reading unit 2401 and a processing unit 2402.
  • the reading unit 2401 is configured to: after the verification is passed, the server reads, from the configuration information, a processing manner of a service type of the requested service.
  • the processing manner of the service type may include, but is not limited to, the processing method corresponding to the security type may be directly performing service processing; the processing method corresponding to the low risk type may output a notification after the service processing; and the processing corresponding to the high risk type The method can output a notification before the business processing, and perform business processing after obtaining the confirmation.
  • the processing unit 2402 is configured to process the requested service according to the read processing manner.
  • the processing unit 2402 processes the requested service according to the read processing manner. For example, the user A purchases an item in the e-commerce website through the first terminal, and requests the user B on the second terminal side. On behalf of the payment, the requested service is a service containing account data, and the service type including the account data is a risk type; the server may be based on the data value of the account data involved in the requested service (ie, the price of the item to be paid for) Determining that the requested service is a low-risk type or a high-risk type. If it is determined that the requested service is of a low-risk type, the processing unit 2402 may directly compare the value of the user B in the account of the user B on the second terminal side with the purchased item.
  • the account data is transferred, and the processed notification message is sent to the second terminal after processing; if it is determined that the requested service is of a high risk type, the processing unit 2402 first sends a data transfer request to the second terminal. After the user B on the second terminal side confirms, the account data equivalent to the purchased item in the account of the user B on the second terminal side is transferred.
  • the server may request the first terminal to report the to-be-checked motion data according to the configuration information of the second terminal, and perform security authentication on the reported data to be verified. After the security authentication is passed, the server processes the requested service; since the content of the motion data is relatively complex and difficult to be recorded and cracked, security verification based on the motion data during the service processing process can effectively ensure the service processing process. Reliability, improve the security of business processing.
  • FIG. 10 is a schematic structural diagram of an embodiment of the configuration unit shown in FIG. 7.
  • the configuration unit 205 may include a service information acquisition unit 2501, a motion feature acquisition unit 2502, a parameter determination unit 2503, and a configuration generation unit 2504.
  • the service information obtaining unit 2501 is configured to acquire service information configured by the second terminal when detecting a configuration operation of the second terminal.
  • the user on the second terminal side can perform service configuration on the server by using the second terminal. Specifically, when the user on the second terminal side performs account registration in the server, the user may pass the The second terminal initiates a configuration operation; or, when the user on the second terminal side wants to strengthen account security or service processing security, the second terminal may initiate a configuration operation.
  • the service configuration may include the configuration of the service information. Specifically, the user on the second terminal side inputs the configured service information in the service configuration process, for example, the user on the second terminal side can input the acceptable or the second terminal can process the service information.
  • the type of business and confirm whether the type of business entered requires security verification, as well as information indicating how the business type is handled.
  • the service information may include at least one service type, a security verification attribute of each service type in the at least one service type, and a processing manner of each service type.
  • the business type can Divided according to the risks that may exist in the business process, including but not limited to: security type or risk type.
  • a preset risk threshold may be introduced, where the risk factor involved in the processing of the security type service is lower than a preset risk threshold, and the risk coefficient involved in the processing of the risk type service is higher than the pre-process Set the risk threshold.
  • the preset risk threshold may be set according to actual needs, for example, may be set based on factors such as Trojan risk, phishing risk, or risk tolerance of the user on the second terminal side. Risk threshold.
  • the service of the security type may include, but is not limited to, an interactive service including multimedia data such as pictures, audio and video.
  • the risk type of service may include, but is not limited to, an interactive service including transaction data or account data. Further, the risk type may be further divided into a low risk type or a high risk type according to the size of the data value, where the data value to be processed involved in the low risk type service is less than a preset value; for example, the amount is less than a preset value.
  • the data transfer service for the payment of the high-risk type; the data value to be processed involved in the high-risk type of service is greater than or equal to a preset value; for example, the data transfer service for which the payment is greater than the preset value.
  • the security verification attribute may include a positive attribute or a negative attribute, the affirmative attribute is used to indicate that no security verification is required, and the negative attribute is used to indicate that security verification is required.
  • the security verification attribute may be represented by a flag bit, for example, the flag of the affirmative attribute may be set to 1, and the flag of the negative attribute may be set to 0;
  • the processing manner of the service type may include, but is not limited to, the processing method corresponding to the security type may be directly performing service processing; the processing method corresponding to the low risk type may output a notification after the service processing; and the processing corresponding to the high risk type The method can output a notification before the business processing, and perform business processing after obtaining the confirmation.
  • the motion feature acquiring unit 2502 is configured to acquire motion feature data generated by the second terminal to perform the configuration operation.
  • the second terminal may be a terminal with a motion detection function, and the second terminal may be used to detect various motion operations performed by the second terminal, for example, the second terminal may be a built-in gyroscope and an acceleration sensor. And a terminal of the sensing device such as a gravity sensor, wherein the second terminal can detect various motion operations performed by itself through the built-in sensing device.
  • the motion check parameters may include motion trajectories and motion time.
  • the user on the second terminal side can perform service configuration on the server by using the second terminal.
  • the service configuration can include the configuration of the motion check parameter. Specifically, the user on the second terminal side can pass the service during the service configuration process.
  • the second terminal performs an action for performing security verification, for example, the user on the second terminal side can shake the second terminal, or the user on the second terminal side can wave the second terminal, or the user on the second terminal side can hold the second terminal to perform painting operation, etc.
  • the second terminal performs a motion operation under the action control of the user on the second terminal side, and the second terminal can detect a trajectory generated by the motion operation performed by itself, and a time required to complete the motion operation
  • the motion feature data is equalized, and the motion feature data is reported to the motion feature acquisition unit 2502.
  • the parameter determining unit 2503 is configured to determine the motion feature data as a motion check parameter for performing security verification.
  • the motion check parameter may be pre-configured by the second terminal for performing security verification on the service involved in the second terminal.
  • the parameter determining unit 2503 determines the motion feature data reported by the second terminal as the motion check parameter.
  • the configuration generating unit 2504 is configured to generate configuration information of the second terminal according to the service information and the motion check parameter.
  • the server may request the first terminal to report the to-be-checked motion data according to the configuration information of the second terminal, and perform security authentication on the reported data to be verified. After the security authentication is passed, the server processes the requested service; since the content of the motion data is relatively complex and difficult to be recorded and cracked, security verification based on the motion data during the service processing process can effectively ensure the service processing process. Reliability, improve the security of business processing.
  • FIG. 11 is a schematic structural diagram of an embodiment of the detecting unit shown in FIG. 7.
  • the detecting unit 206 may include a position detecting unit 2601 and a first result confirming unit 2602.
  • the location detecting unit 2601 is configured to detect whether a current location of the first terminal is located in a preset security zone.
  • the preset security zone may be set according to actual needs, for example, may be set based on the location of the first terminal, and the preset may be set if the first terminal is generally used in Shenzhen.
  • the safe area is Shenzhen.
  • the location detecting unit 2601 may request the first terminal to report the current location, and the first terminal may acquire a current location of the first terminal by using a positioning technology such as GPS or GPRS, and report the current location to the server, where the location detecting unit 2601: Determine whether the current location of the first terminal is located in a preset security area, for example, detecting whether the current location of the first terminal is in Shenzhen.
  • the first result confirming unit 2602 is configured to: if the current location of the first terminal is located in the preset security area, confirm that the requested service does not need to perform security verification, or if the current location of the first terminal is located Outside the preset security zone, confirm that the requested service requires security verification.
  • the security of the service requested by the first terminal may be confirmed, and the first terminal is requested. If the current location of the first terminal is outside the preset security zone, indicating that the location status of the first terminal is abnormal, there may be a risk that the terminal is blocked or the terminal information is stolen. Performing security verification on the service requested by the first terminal.
  • the server may request the first terminal to report the to-be-checked motion data according to the configuration information of the second terminal, and perform security authentication on the reported data to be verified. After the security authentication is passed, the server processes the requested service; since the content of the motion data is relatively complex and difficult to be recorded and cracked, security verification based on the motion data during the service processing process can effectively ensure the service processing process. Reliability, improve the security of business processing.
  • FIG. 12 is a schematic structural diagram of another embodiment of the detecting unit shown in FIG. 7.
  • the detecting unit 206 may include an identifier detecting unit 2611 and a second result confirming unit 2612.
  • the identifier detecting unit 2611 is configured to detect whether the identifier of the first terminal is a preset security identifier.
  • the preset security identifier may be set according to a relationship chain of the user on the second terminal side, for example, an instant communication identifier of the instant communication friend of the user on the second terminal side or a common identifier of the instant communication friend
  • the device identifier is set to a preset security identifier, or the SNS identifier of the SNS friend of the user on the second terminal side or the common device identifier of the SNS friend may be set as the preset security identifier.
  • the identifier detecting unit 2611 may determine whether the identifier of the first terminal is a preset security identifier.
  • the second result confirming unit 2612 is configured to: if the identifier of the first terminal is a preset security identifier, confirm that the requested service does not need to perform security verification, or if the identifier of the first terminal is not preset Security identification to confirm that the requested service requires security verification.
  • the server may request the first terminal to report the to-be-checked motion data according to the configuration information of the second terminal, and perform security authentication on the reported data to be verified. After the security authentication is passed, the server processes the requested service; since the content of the motion data is relatively complicated, it is difficult to be recorded and cracked, so in the process of business processing The security verification of the motion data can effectively ensure the reliability of the business process and improve the security of the business process.
  • FIG. 13 is a schematic structural diagram of still another embodiment of the detecting unit shown in FIG. 7.
  • the detecting unit 206 may include an attribute detecting unit 2621 and a third result confirming unit 2622.
  • the attribute detecting unit 2621 is configured to detect a security verification attribute of a service type of the requested service.
  • the configuration information of the second terminal includes at least one service type and a security verification attribute of each service type.
  • the security verification attribute includes a positive attribute or a negative attribute, the positive attribute is used to indicate that no security verification is required, and the negative attribute is used to indicate that security verification is required.
  • the attribute detecting unit 2621 determines that the security verification attribute of the service type of the requested service is a positive attribute or a negative attribute.
  • the third result confirming unit 2622 is configured to: if the security verification attribute of the service type of the requested service is a positive attribute, confirm that the requested service does not need to perform security verification, or is used for the security verification attribute of the service type of the requested service. To negate the attribute, confirm that the requested service requires security verification.
  • the business processing method according to FIGS. 2 to 4 may be an image synthesizing method performed by each unit in the business processing apparatus shown in FIGS. 7 to 13.
  • steps S201, S202, S203, and S204 shown in FIG. 2 can be performed by the configuration acquisition unit 201, the notification unit 202, the security verification unit 203, and the service processing unit 204 shown in FIG. 7, respectively.
  • Steps S401, S405, and S406 shown in FIG. 4 can be performed by the configuration unit 205 shown in FIG. 7 in combination with the detecting unit 206, respectively.
  • Steps S410, S411 shown in FIG. 4 can be performed by the similarity calculating unit 2301 and the verification result unit 2302 shown in FIG. 8, respectively.
  • Steps S412, S413 shown in FIG. 4 can be performed by the reading unit 2401 and the processing unit 2402 shown in FIG. 9, respectively.
  • each unit in the service processing apparatus shown in FIG. 7 to FIG. 13 may be separately or entirely combined into one or several additional units, or one of the units(s) may also be It can be split into multiple units that are functionally smaller. Thus, not only the same operation can be achieved without affecting the realization of the technical effects of the embodiments of the present invention.
  • a general-purpose computing device such as a computer including a processing unit and a storage element including a central processing unit (CPU), a random access memory (RAM), a read only memory (ROM), and the like.
  • CPU central processing unit
  • RAM random access memory
  • ROM read only memory
  • a computer program (including program code) to construct a business processing apparatus as shown in FIGS. 7 to 13 and to implement a business processing method according to an embodiment of the present invention.
  • the computer program can be recorded, for example, on a computer readable recording medium, and loaded in and run in the above-described computing device by a computer readable recording medium.
  • the server may request the first terminal to report the to-be-checked motion data according to the configuration information of the second terminal, and perform security authentication on the reported data to be verified. After the security authentication is passed, the server processes the requested service; since the content of the motion data is relatively complex and difficult to be recorded and cracked, security verification based on the motion data during the service processing process can effectively ensure the service processing process. Reliability, improve the security of business processing.
  • the embodiment of the present invention further discloses a server, which may include a service processing device.
  • a server which may include a service processing device.
  • a service processing device For the structure and function of the device, refer to the related description of the embodiment shown in FIG. 7 to FIG. 13 , and details are not described herein.
  • the server may request the first terminal to report the to-be-checked motion data according to the configuration information of the second terminal, and perform security authentication on the reported data to be verified. After the security authentication is passed, the server processes the requested service; since the content of the motion data is relatively complex and difficult to be recorded and cracked, security verification based on the motion data during the service processing process can effectively ensure the service processing process. Reliability, improve the security of business processing.
  • FIG. 14 is a schematic structural diagram of another terminal according to an embodiment of the present invention.
  • the terminal of the embodiment of the present invention includes at least one processor 10, such as a CPU, at least one communication bus 11, at least one network interface 12, and a memory 13.
  • the communication bus 11 is used to implement connection communication between these components.
  • the network interface 12 may optionally include a standard wired interface, a wireless interface (such as WI-FI, a mobile communication interface, etc.).
  • the memory 13 may be a high speed RAM memory or a non-volatile memory such as at least one disk memory.
  • the memory 13 can also optionally be at least one storage device located remotely from the processor 10.
  • a memory 13 as a computer storage medium stores an operating system, a network communication module, and stores programs for performing business processing and other programs.
  • the processor 10 can be used to invoke a program stored in the memory 13 for performing business processing, and perform the following steps:
  • the configuration information carries a motion check parameter
  • the motion data to be checked is reported to the server, so that the server performs security verification on the motion data to be checked by using the motion check parameter, and processes the requested service after the verification is passed. .
  • the motion check parameter includes a motion track and a motion time; the configuration information further includes service information;
  • the service information includes at least one service type, a security verification attribute of each service type in the at least one service type, and a processing manner of each service type;
  • the security verification attribute includes a positive attribute or a negative attribute, the affirmative attribute is used to indicate that no security verification is required, and the negative attribute is used to indicate that security verification is required.
  • the processor 10 when the processor 10 performs the step of collecting the motion data to be checked according to the verification notification, the processor 10 specifically performs the following steps:
  • the motion data to be checked generated by the motion operation is collected.
  • the server may request the first terminal to report the to-be-checked motion data according to the configuration information of the second terminal, and perform security authentication on the reported data to be verified. After the security authentication is passed, the server processes the requested service; since the content of the motion data is relatively complex and difficult to be recorded and cracked, security verification based on the motion data during the service processing process can effectively ensure the service processing process. Reliability, improve the security of business processing.
  • FIG. 15 is a schematic structural diagram of another server according to an embodiment of the present invention.
  • the server of the embodiment of the invention comprises at least one processor 20, such as a CPU, at least one communication bus 21, at least one network interface 22, and a memory 23.
  • the communication bus 21 is used to implement connection communication between these components.
  • the network interface 22 may optionally include a standard wired interface, a wireless interface (such as WI-FI, a mobile communication interface, etc.).
  • the memory 23 may be a high speed RAM memory or a non-volatile memory such as at least one disk memory. Optionally, the memory 23 may be at least one located away from the foregoing processing.
  • the storage device of the device 20 As shown in FIG. 15, an operating system, a network communication module, and a program for performing business processing and other programs are stored in the memory 23 as a computer storage medium.
  • the processor 20 may be configured to invoke a program stored in the memory 23 for performing business processing, and perform the following steps:
  • the first terminal When the first terminal sends a service request to the second terminal, acquiring configuration information of the second terminal, where the configuration information carries a motion check parameter;
  • the motion verification data is used to perform security verification on the motion data to be checked, and after the verification is passed, the requested service is processed.
  • the motion check parameter includes a motion track and a motion time; the configuration information further includes service information;
  • the service information includes at least one service type, a security verification attribute of each service type in the at least one service type, and a processing manner of each service type;
  • the security verification attribute includes a positive attribute or a negative attribute, the affirmative attribute is used to indicate that no security verification is required, and the negative attribute is used to indicate that security verification is required.
  • the processor 20 performs the following steps before the step of acquiring the configuration information of the second terminal when the first terminal sends a service request to the second terminal:
  • the server generates configuration information of the second terminal according to the configuration operation of the second terminal.
  • the processor 20 specifically performs the following steps:
  • the processor 20 before performing the step of the first terminal sending the verification notification, the processor 20 further performs the following steps:
  • the step of sending a verification notification to the first terminal is performed.
  • the processor 20 performs the following steps when performing the step of detecting whether the requested service needs to perform security verification:
  • the processor 20 performs the following steps when performing the step of detecting whether the requested service needs to perform security verification:
  • the identifier of the first terminal is a preset security identifier, confirm that the requested service does not need to perform security verification;
  • the identifier of the first terminal is a non-preset security identifier, it is confirmed that the requested service needs to perform security verification.
  • the processor 20 performs the following steps when performing the step of detecting whether the requested service needs to perform security verification:
  • security verification attribute of the service type of the requested service is a positive attribute, it is confirmed that the requested service does not need to perform security verification
  • the security verification attribute of the service type of the requested service is a negative attribute, it is confirmed that the requested service needs to perform security verification.
  • the processor 20 specifically performs the following steps:
  • processor 20 performs the step of processing the requested service after the verification is passed, the following steps are specifically performed:
  • the processing manner of the service type of the requested service is read from the configuration information
  • the requested service is processed according to the processing method that is read.
  • the server may request the first terminal to report the to-be-checked motion data according to the configuration information of the second terminal, and perform security authentication on the reported data to be verified. After the security authentication is passed, the server processes the requested service; since the content of the motion data is relatively complex and difficult to be recorded and cracked, security verification based on the motion data during the service processing process can effectively ensure the service processing process. Reliability, improve the security of business processing.
  • the storage medium may be a magnetic disk, an optical disk, a read-only memory (ROM), or a random access memory (RAM).

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Telephonic Communication Services (AREA)

Abstract

La présente invention concerne un procédé et un dispositif de traitement de service. Le procédé peut comprendre les étapes suivantes : lorsqu'un premier terminal envoie une demande de service à un second terminal, un serveur acquiert des informations de configuration concernant le second terminal, les informations de configuration contenant un paramètre de vérification ; le serveur envoie une notification de vérification au premier terminal ; le premier terminal recueille des données à vérifier en fonction de la notification de vérification et rapporte les données à vérifier au serveur ; et le serveur utilise le paramètre de vérification pour effectuer une vérification de sécurité sur les données à vérifier et traite un service demandé une fois la vérification réussie. La présente invention permet d'effectuer une authentification de sécurité sur le processus de demande de service sur la base du mouvement d'un demandeur de service et d'améliorer la sécurité de traitement du service.
PCT/CN2015/092136 2014-10-17 2015-10-16 Procédé et dispositif de traitement de service WO2016058556A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201410554653.4A CN104901936B (zh) 2014-10-17 2014-10-17 一种业务处理方法、装置、终端及服务器
CN201410554653.4 2014-10-17

Publications (1)

Publication Number Publication Date
WO2016058556A1 true WO2016058556A1 (fr) 2016-04-21

Family

ID=54034334

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/092136 WO2016058556A1 (fr) 2014-10-17 2015-10-16 Procédé et dispositif de traitement de service

Country Status (2)

Country Link
CN (1) CN104901936B (fr)
WO (1) WO2016058556A1 (fr)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018001129A1 (fr) * 2016-06-29 2018-01-04 阿里巴巴集团控股有限公司 Procédé et dispositif de transaction de réseau basés sur une commande de séparation de privilèges
CN110737548A (zh) * 2019-10-28 2020-01-31 聚好看科技股份有限公司 数据请求方法和服务器
CN111427566A (zh) * 2020-03-18 2020-07-17 北京达佳互联信息技术有限公司 适于模拟接口平台的数据处理方法和装置、服务器
CN111444224A (zh) * 2020-03-24 2020-07-24 政采云有限公司 一种业务数据校验方法及装置
CN113282650A (zh) * 2020-11-24 2021-08-20 苏州律点信息科技有限公司 基于大数据的业务数据处理方法及装置
CN113838238A (zh) * 2021-09-26 2021-12-24 北京紫光展锐通信技术有限公司 业务处理方法、装置及设备
CN113837584A (zh) * 2021-09-17 2021-12-24 平安养老保险股份有限公司 业务处理系统和基于业务处理系统的异常数据处理方法

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104901936B (zh) * 2014-10-17 2018-12-07 腾讯科技(深圳)有限公司 一种业务处理方法、装置、终端及服务器
CN107645483B (zh) * 2016-07-22 2021-03-19 创新先进技术有限公司 风险识别方法、风险识别装置、云风险识别装置及系统
CN111291143A (zh) * 2020-01-16 2020-06-16 深圳市华傲数据技术有限公司 网格数据采集方法以及系统
CN113194366B (zh) * 2021-04-23 2022-06-03 烽火通信科技股份有限公司 一种基于闭环约束的业务配置合理性校验方法与装置
CN113487317A (zh) * 2021-07-27 2021-10-08 中国银行股份有限公司 一种身份认证方法、装置及系统

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103152317A (zh) * 2011-12-07 2013-06-12 金蝶软件(中国)有限公司 动态验证方法及装置
CN103297437A (zh) * 2013-06-20 2013-09-11 中国软件与技术服务股份有限公司 一种移动智能终端安全访问服务器的方法
CN103348353A (zh) * 2010-10-06 2013-10-09 西里克斯系统公司 基于移动设备的物理位置对资源访问进行中介调节
CN103685195A (zh) * 2012-09-21 2014-03-26 华为技术有限公司 用户验证处理方法、用户设备和服务器
CN104901936A (zh) * 2014-10-17 2015-09-09 腾讯科技(深圳)有限公司 一种业务处理方法、装置、终端及服务器

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103348353A (zh) * 2010-10-06 2013-10-09 西里克斯系统公司 基于移动设备的物理位置对资源访问进行中介调节
CN103152317A (zh) * 2011-12-07 2013-06-12 金蝶软件(中国)有限公司 动态验证方法及装置
CN103685195A (zh) * 2012-09-21 2014-03-26 华为技术有限公司 用户验证处理方法、用户设备和服务器
CN103297437A (zh) * 2013-06-20 2013-09-11 中国软件与技术服务股份有限公司 一种移动智能终端安全访问服务器的方法
CN104901936A (zh) * 2014-10-17 2015-09-09 腾讯科技(深圳)有限公司 一种业务处理方法、装置、终端及服务器

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018001129A1 (fr) * 2016-06-29 2018-01-04 阿里巴巴集团控股有限公司 Procédé et dispositif de transaction de réseau basés sur une commande de séparation de privilèges
CN110737548A (zh) * 2019-10-28 2020-01-31 聚好看科技股份有限公司 数据请求方法和服务器
CN111427566A (zh) * 2020-03-18 2020-07-17 北京达佳互联信息技术有限公司 适于模拟接口平台的数据处理方法和装置、服务器
CN111427566B (zh) * 2020-03-18 2024-05-07 北京达佳互联信息技术有限公司 适于模拟接口平台的数据处理方法和装置、服务器
CN111444224A (zh) * 2020-03-24 2020-07-24 政采云有限公司 一种业务数据校验方法及装置
CN111444224B (zh) * 2020-03-24 2023-08-15 政采云有限公司 一种业务数据校验方法及装置
CN113282650A (zh) * 2020-11-24 2021-08-20 苏州律点信息科技有限公司 基于大数据的业务数据处理方法及装置
CN113837584A (zh) * 2021-09-17 2021-12-24 平安养老保险股份有限公司 业务处理系统和基于业务处理系统的异常数据处理方法
CN113837584B (zh) * 2021-09-17 2024-04-12 平安养老保险股份有限公司 业务处理系统和基于业务处理系统的异常数据处理方法
CN113838238A (zh) * 2021-09-26 2021-12-24 北京紫光展锐通信技术有限公司 业务处理方法、装置及设备

Also Published As

Publication number Publication date
CN104901936B (zh) 2018-12-07
CN104901936A (zh) 2015-09-09

Similar Documents

Publication Publication Date Title
WO2016058556A1 (fr) Procédé et dispositif de traitement de service
US11010803B2 (en) Identity verification and authentication
TWI686757B (zh) 資源轉移方法、資金支付方法、裝置及電子設備
JP6653268B2 (ja) 異なるチャネル上で強力な認証イベントを伝えるシステム及び方法
TWI530894B (zh) 資訊驗證的方法、相關裝置及系統
US20150220933A1 (en) Methods and systems for making secure online payments
US20150294313A1 (en) Systems, apparatus and methods for improved authentication
US11212871B2 (en) Network of trust with blockchain
US10015171B1 (en) Authentication using metadata from posts made to social networking websites
US20180137480A1 (en) Mobile device gesture and proximity communication
TW201516903A (zh) 安全支付方法、相關裝置及系統
JP7213596B2 (ja) 動的ラスタライズ管理に基づく身元識別方法、装置及びサーバ
CA2772349A1 (fr) Authentification a l'aide d'un element d'authentification d'application
CN105656850B (zh) 一种数据处理方法、相关装置及系统
US11900354B2 (en) Remote commands using network of trust
US20240062187A1 (en) Network of trust for bill splitting
US20210112068A1 (en) Data security method utilizing mesh network dynamic scoring
US11037146B2 (en) Managing product returns associated with a user device
CN110503549B (zh) 数据处理方法、装置、系统、电子设备和介质
US10270771B1 (en) Mid-session live user authentication
CN111784355B (zh) 一种基于边缘计算的交易安全性验证方法及装置
CN118171252A (zh) 身份识别方法、装置、计算机设备和存储介质
CA2982061A1 (fr) Gestion de retours de produit associes a un dispositif utilisateur
KR20140089236A (ko) 온라인 뱅킹을 위한 인증 처리방법

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15850078

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205 DATED 07/09/2017)

122 Ep: pct application non-entry in european phase

Ref document number: 15850078

Country of ref document: EP

Kind code of ref document: A1