WO2016095564A1 - Procédé et dispositif de vérification d'identité - Google Patents

Procédé et dispositif de vérification d'identité Download PDF

Info

Publication number
WO2016095564A1
WO2016095564A1 PCT/CN2015/088404 CN2015088404W WO2016095564A1 WO 2016095564 A1 WO2016095564 A1 WO 2016095564A1 CN 2015088404 W CN2015088404 W CN 2015088404W WO 2016095564 A1 WO2016095564 A1 WO 2016095564A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
identity verification
detected
authentication
biological information
Prior art date
Application number
PCT/CN2015/088404
Other languages
English (en)
Chinese (zh)
Inventor
杜霁轩
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2016095564A1 publication Critical patent/WO2016095564A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints

Definitions

  • This document relates to, but is not limited to, smart terminal technology, and more particularly to a method, apparatus, and computer readable storage medium for implementing authentication.
  • the authentication method commonly used by the website is that when the user applies for the network service, the user is prompted to input user information such as an account and password for the user to apply for the network service, and prompt the user to input a verification code according to the information in the provided picture, that is, a person skilled in the art.
  • a well-known public Turing machine test If you enter the wrong verification code, you will not be able to pass the verification even if you entered the correct user information. This better prevents malicious attacks against websites and improves the reliability of web services provided by websites.
  • the embodiment of the invention provides a method and device for implementing identity verification, which can reduce the complexity of the user to perform identity verification, thereby improving the user experience.
  • the embodiment of the invention discloses a method for implementing identity verification, including:
  • the preset biometric information is detected from the biometric information, determining whether the detected biometric information is related to the current identity verification according to a preset time correlation policy;
  • the time correlation policy is: when the absolute value of the difference between the time when the identity verification information is obtained and the time when the biometric information is detected is less than or equal to a time threshold corresponding to the preset biometric information, The detected biological information is related to the current identity verification.
  • the biometric information includes at least one or more of pressure information, temperature information, voiceprint information, and voice information.
  • the preset biometric information is not detected, it is determined that the identity verification fails.
  • An embodiment of the present invention further discloses an apparatus for implementing identity verification, where the apparatus includes a detecting unit, a correlation determining unit, and a verifying unit, where
  • the detecting unit is configured to acquire the authentication information when performing the authentication, and detect whether the obtained biological information includes the preset biological information;
  • a correlation determining unit configured to determine, according to a preset time correlation policy, whether the detected biological information is related to the current identity verification when the detecting unit detects the preset biological information
  • the verification unit is configured to determine, according to the obtained identity information, whether the identity verification is successful, when the relevant determining unit determines that the detected biological information is related to the current identity verification.
  • the time correlation policy is: when the absolute value of the difference between the time when the identity verification is obtained and the time when the biometric information is detected is less than or equal to the preset biometric information.
  • the detected biological information is related to the current authentication.
  • the biometric information includes at least one or more of pressure information, temperature information, voiceprint information, and voice information.
  • the verification unit is further configured to: when the detecting unit does not detect the preset biometric information, determine that the identity verification fails.
  • the verification unit is further configured to: when the correlation determining unit determines that the detected biometric information is not related to the current identity verification, determine that the identity verification fails.
  • the embodiment of the present invention further provides a computer readable storage medium, which stores program instructions, and when the program instructions are executed by the processor, can implement a method for implementing identity verification provided by the embodiments of the present invention.
  • the technical solution of the embodiment of the present invention includes: obtaining identity verification information and biometric information when performing identity verification; detecting whether the obtained biometric information includes pre-set biometric information; and if pre-set biometric information is detected, according to a preset time
  • the correlation policy determines whether the detected biological information is related to the current authentication; if relevant, determines whether the authentication is successful according to the obtained authentication information.
  • the verification code is replaced by the biological information in the identity verification, and the identity verification is performed in combination with the identity verification information. Since the biometric information is automatically acquired by the sensor of the terminal in the identity verification process, the improvement is improved.
  • the success rate of the user's authentication also reduces the complexity of the user's authentication, thereby improving the user experience.
  • FIG. 1 is a flowchart of a method for implementing identity verification according to Embodiment 1 of the present invention
  • FIG. 2 is a schematic structural diagram of a device for implementing identity verification according to Embodiment 2 of the present invention.
  • a method for implementing authentication including:
  • Step 101 Acquire identity verification information and biometric information when performing identity verification, and detect whether the obtained biometric information includes pre-set biometric information;
  • Step 102 If the preset biometric information is detected from the biometric information, determine whether the detected biometric information is related to the current identity verification according to a preset time correlation policy;
  • Step 103 If relevant, determine whether the identity verification is successful according to the obtained authentication information.
  • the biometric information is information generated by human behavior such as clicking and/or emitting voice during the authentication process, and includes at least one or more of pressure information, temperature information, voiceprint information, and voice information.
  • the biometric information may generate pressure information and/or temperature information when a human clicks or presses the touch screen, and may be detected by a sensor of the terminal device, for example, the sensor detects a current and/or a resistance change of the touch screen.
  • the sensor detects temperature information of the touch screen; or detecting information of current and/or resistance change of the touch screen, thereby determining that the human clicks or presses the touch screen Temperature information generated.
  • the optional detection method is not limited to the above example manner, and the smart terminal, such as the human-computer interaction technology of the smart phone, can be used to acquire the biological information.
  • the preset biometric information is pressure information.
  • the touch screen displays an interface for performing authentication, that is, when performing identity verification
  • the identity verification interface displays a user name and password automatically input by the smart terminal according to the pre-stored user information. Also show the submit option to complete the authentication by clicking Confirm.
  • the user submits the option by clicking, clicking the terminal screen generates pressure information, and the smart terminal can obtain the authentication information and the biological information, and the pressure information is detected from the obtained biological information; indicating that the obtained biological information includes the pre- If the biological information is set, proceed to step 102.
  • the authentication information includes a username and password.
  • the smart terminal detects the voice information from the obtained biological information, but does not detect the pressure information, indicating that the obtained biological information is If the preset biometric information is not included, step 102 is not performed, and the current authentication fails.
  • the preset biometric information is pressure information and temperature information.
  • the authentication interface prompts to input a user name and a password respectively in the input box of the user name and the input box of the password.
  • the submitting option for completing the authentication is required.
  • the smart terminal obtains the authentication information and the biological information, wherein the authentication information includes the username and password; the biometric information is The user performs pressure input information and temperature information generated by input box switching, user name/password input, and click submit option; pressure information and temperature information are detected from the biological information, indicating that the obtained biological information includes preset biological information. Then proceed to step 102.
  • the preset biometric information is voice information.
  • the touch screen displays an interface for performing authentication
  • the identity verification interface displays the user name and password automatically input by the smart terminal according to the pre-stored user information, and simultaneously displays the completed identity verification.
  • the "submission" needs to be read out.
  • the smart terminal obtains the authentication information and the biological information, and the voice information is detected from the obtained biological information, indicating that the obtained biological information includes the preset voice. Information, proceed to step 102;
  • the terminal prompts to complete the authentication and needs to read “submit”. The user does not sound.
  • the smart terminal acquires the biological information, and only the pressure information is detected from the obtained biological information, and the voice information is not detected, indicating If the obtained biometric information does not include pre-set voice information, step 102 is not performed, and the current authentication fails.
  • the preset biometric information is voiceprint information
  • the touch screen displays the interface for performing authentication
  • the identity verification interface displays the user name and password automatically input by the smart terminal according to the pre-stored user information, and simultaneously displays the completed identity.
  • Verify the pre-set text to be read such as "application for login”.
  • the smart terminal obtains authentication information and biometric information, wherein the authentication information includes the user name and password, and the biometric information is read by the user.
  • the voiceprint information of the "application registration” is detected, and the terminal detects the voiceprint information matched with the preset voiceprint template from the obtained biological information, indicating that the obtained biological information includes the preset voiceprint information, and then continues. Go to step 102;
  • the terminal displays a preset text to be read out after completing the authentication, such as “application for login”, and when the user reads “hello”, the smart terminal obtains the authentication information and the biological information, wherein the authentication information includes the user name and The password and the biometric information read the voiceprint information of "hello" for the user, and the terminal does not detect the voiceprint information matching the preset voiceprint template from the obtained biometric information, indicating that the obtained biometric information does not include the advance If the voiceprint information is set, then step 102 is not performed, and the identity verification fails.
  • a preset text to be read out after completing the authentication such as “application for login”
  • the smart terminal obtains the authentication information and the biological information, wherein the authentication information includes the user name and The password and the biometric information read the voiceprint information of "hello" for the user, and the terminal does not detect the voiceprint information matching the preset voiceprint template from the obtained biometric information, indicating that the obtained biometric information does not include the advance If the voiceprint information is set, then step
  • the preset biometric information is temperature information.
  • the touch screen displays the interface for performing authentication
  • the authentication interface prompts to complete the authentication
  • the unlocking pattern is input, and the user inputs the unlocking pattern by sliding the finger on the touch screen.
  • the biometric information inputting the unlocking pattern for the user is temperature information generated by touching and/or tapping the screen; the smart terminal detects the temperature information from the obtained biological information, indicating that the obtained information
  • the biometric information includes pre-set temperature information, and then proceeds to step 102.
  • the biological information may also be other types of biological information, such as gravity sensing information generated by the mobile terminal, acceleration information, and the like.
  • the time correlation strategy is: when the absolute value of the difference between the time when the identity verification information is obtained and the time when the biometric information is detected is less than or equal to the time threshold corresponding to the preset biometric information, the detected organism Information is related to this authentication.
  • the preset biometric information is pressure information
  • the time threshold corresponding to the preset pressure information is 100 milliseconds, and the time for obtaining the authentication information is t1; after the terminal sensor is obtained, the pressure information is detected.
  • the time is t2, and the absolute value of the difference between t1 and t2 is 60 milliseconds, and it is determined that the pressure information detected this time is related to the current identity verification, indicating that the detected
  • the measured pressure information is the pressure information generated by the user according to the prompt when performing the identity verification; if the absolute value of the difference between t1 and t2 is 150 milliseconds, the pressure information detected this time is determined.
  • This authentication is irrelevant, indicating that the detected pressure information is not the pressure information generated by the user according to the operation performed during the current authentication, but may be the user's touch and/or obtained by the sensor at other unrelated times. Or click on the pressure information generated by the screen.
  • the preset biological information is pressure information and temperature information
  • the time thresholds corresponding to the preset pressure information and the temperature information are respectively 100 milliseconds and 90 milliseconds, and after the terminal sensor is obtained, the pressure information is detected.
  • the absolute values of the difference between the temperature information and the time at which the authentication information is obtained are 60 mm and 80 milliseconds, respectively, and it is determined according to the time correlation strategy that the pressure information and the temperature information detected this time are related to the current identity verification.
  • the preset biometric information is voice information
  • the time threshold corresponding to the preset voice information is 150 milliseconds
  • the time for obtaining the identity verification information is t1; after the terminal sensor is obtained, the voice information is detected.
  • the time is t2, and the absolute value of the difference between t1 and t2 is 100 milliseconds, and it is determined that the voice information detected this time is related to the current identity verification, indicating that the detected voice information is performed when the identity verification is performed.
  • the voice information generated by the user according to the prompt sound if the absolute value of the difference between t1 and t2 is 200 milliseconds, it is determined that the voice information detected this time is not related to the current identity verification, indicating the detected voice information, It is not the voice information generated by the user according to the prompt when performing this authentication, but may be the voice information of the user's voice obtained by the sensor at other unrelated times.
  • the preset biometric information is temperature information and/or pressure information
  • the unlock pattern information and the temperature information and/or the pressure information can be obtained for a period of time
  • the time when the corresponding temperature information and/or the pressure information is detected after the unlocking pattern information is obtained may be the time when the corresponding temperature information and/or the pressure information is detected after the unlocking pattern information is finally obtained in the above time period, that is, the complete unlocking pattern is obtained.
  • the time corresponding to the temperature information and/or pressure information is detected after the information.
  • the time threshold in this embodiment is not the timeout threshold of the user operating the terminal according to the prompt, but is determined whether the biometric information generated and verified by the human operation is authenticated with the identity verification system in time when the identity verification is performed.
  • the threshold of the time correlation between the information. Determining that the detected biological information is related to the current authentication, that is, the biologically obtained and detected by the sensor The information is biological information generated by humans when performing human operations during the threshold time interval according to the prompt; determining that the detected biological information is not related to the current authentication, that is, the biological information obtained and detected by the sensor is not According to the prompts, humans are specifically generated for the actions performed by this authentication, but the biometric information generated by the sensors at other times and for other applications.
  • an optional implementation manner of determining whether the identity verification is successful according to the obtained identity verification information is: verifying whether the username and password are consistent with the authorized username and password.
  • step 103 when the user performs the authentication to complete the authentication according to the prompt, such as clicking the submit option or issuing a "submitted" voice, etc., if relevant, the determination in step 103 is performed.
  • the preset biometric information is not detected, it is determined that the authentication fails; or the authentication is ended.
  • step 102 if it is determined in step 102 that the detected biometric information is not related to the current identity verification, it is determined that the identity verification fails; or the identity verification is ended.
  • the identity verification may be returned to perform the authentication, or the authentication based on the method of the embodiment of the present invention may be performed, or the authentication may be performed based on other verification codes.
  • the method of the embodiment of the present invention can be applied to an intelligent terminal having a touch screen, and can also be applied to other intelligent terminals having a function of detecting biological information, such as a computer having a keyboard input pressure.
  • a device for implementing identity verification includes a detecting unit 20, a correlation determining unit 21, and a verifying unit 22, wherein
  • the detecting unit 20 is configured to obtain identity verification information and biometric information when the identity verification is performed, and detect whether the obtained biometric information includes pre-set biometric information.
  • the correlation determining unit 21 is configured to determine, when the detecting unit 20 detects the preset biometric information, whether the detected biometric information is related to the current identity verification according to a preset time correlation policy.
  • the verification unit 22 is configured to determine the detected biological information when the correlation determining unit 21 determines When it is related to this authentication, it is determined whether the authentication is successful according to the obtained identity information.
  • the time correlation strategy is: determining the detected biological information when the absolute value of the difference between the time when the authentication information is obtained and the time when the biological information is detected is less than or equal to the time threshold corresponding to the preset biological information. Related to this authentication.
  • the biometric information is information generated by human behavior during the authentication process, and includes at least one or more of pressure information, temperature information, voiceprint information, and voice information.
  • the verification unit 22 is further configured to: when the detection unit 20 does not detect the preset biometric information, determine that the identity verification fails; or end the execution.
  • the verification unit 22 is further configured to: when the correlation determination unit 21 determines that the detected biometric information is irrelevant related to the current identity verification, determine that the identity verification fails; or end the execution.
  • the embodiment of the present invention further provides a computer readable storage medium, which stores program instructions, and when the program instructions are executed by the processor, can implement a method for implementing identity verification provided by Embodiment 1 of the present invention.
  • all or part of the steps of the above embodiments may also be implemented by using an integrated circuit. These steps may be separately fabricated into individual integrated circuit modules, or multiple modules or steps may be fabricated into a single integrated circuit module. achieve.
  • the devices/function modules/functional units in the above embodiments may be implemented by a general-purpose computing device, which may be centralized on a single computing device or distributed over a network of multiple computing devices.
  • Each device/function module/function unit in the above embodiment is implemented in the form of a software function module. And when sold or used as a stand-alone product, it can be stored on a computer readable storage medium.
  • the above mentioned computer readable storage medium may be a read only memory, a magnetic disk or an optical disk or the like.
  • the embodiment of the invention realizes the target of using the biometric information learned by the terminal sensor for identity verification.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Collating Specific Patterns (AREA)
  • Telephonic Communication Services (AREA)
  • User Interface Of Digital Computer (AREA)
  • Measurement Of The Respiration, Hearing Ability, Form, And Blood Characteristics Of Living Organisms (AREA)

Abstract

Un mode de réalisation de la présente invention concerne un procédé et un dispositif de vérification d'identité, le procédé consistant, lors de la vérification d'identité, à acquérir des informations de vérification d'identité et des informations biologiques; détecter si les informations biologiques acquises comprennent des informations biologiques prédéfinies; si les informations biologiques prédéfinies sont détectées, déterminer si les informations biologiques détectées sont pertinentes pour la vérification d'identité conformément à une politique de relativité temporelle prédéfinie; si celles-ci sont pertinentes, déterminer si la vérification d'identité a réussi sur la base des informations de vérification d'identité acquises.
PCT/CN2015/088404 2014-12-15 2015-08-28 Procédé et dispositif de vérification d'identité WO2016095564A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201410776596.4 2014-12-15
CN201410776596.4A CN105763504A (zh) 2014-12-15 2014-12-15 一种实现身份验证的方法和装置

Publications (1)

Publication Number Publication Date
WO2016095564A1 true WO2016095564A1 (fr) 2016-06-23

Family

ID=56125838

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/088404 WO2016095564A1 (fr) 2014-12-15 2015-08-28 Procédé et dispositif de vérification d'identité

Country Status (2)

Country Link
CN (1) CN105763504A (fr)
WO (1) WO2016095564A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107665293A (zh) * 2016-07-28 2018-02-06 中兴通讯股份有限公司 一种多用户账户的切换方法及移动终端
CN107886330A (zh) * 2017-11-28 2018-04-06 北京旷视科技有限公司 结算方法、装置及系统

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108205616A (zh) * 2016-12-16 2018-06-26 北京小米移动软件有限公司 身份信息校验方法及装置

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103425914A (zh) * 2012-05-17 2013-12-04 宇龙计算机通信科技(深圳)有限公司 应用程序的登录方法及通信终端
CN103685259A (zh) * 2013-12-06 2014-03-26 北京奇虎科技有限公司 账户登录的方法及其装置
CN103997504A (zh) * 2014-06-13 2014-08-20 谭知微 身份验证系统及身份验证方法

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103425914A (zh) * 2012-05-17 2013-12-04 宇龙计算机通信科技(深圳)有限公司 应用程序的登录方法及通信终端
CN103685259A (zh) * 2013-12-06 2014-03-26 北京奇虎科技有限公司 账户登录的方法及其装置
CN103997504A (zh) * 2014-06-13 2014-08-20 谭知微 身份验证系统及身份验证方法

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107665293A (zh) * 2016-07-28 2018-02-06 中兴通讯股份有限公司 一种多用户账户的切换方法及移动终端
CN107665293B (zh) * 2016-07-28 2023-07-11 中兴通讯股份有限公司 一种多用户账户的切换方法及移动终端
CN107886330A (zh) * 2017-11-28 2018-04-06 北京旷视科技有限公司 结算方法、装置及系统

Also Published As

Publication number Publication date
CN105763504A (zh) 2016-07-13

Similar Documents

Publication Publication Date Title
US11405380B2 (en) Systems and methods for using imaging to authenticate online users
US20220398594A1 (en) Pro-active identity verification for authentication of transaction initiated via non-voice channel
KR102387568B1 (ko) 지문 인식 기반 인증 방법 및 장치
KR102457683B1 (ko) 데이터 분석을 사용하여 인증을 수행하기 위한 시스템 및 방법
TWI543012B (zh) 一種移動終端的身份驗證方法和移動終端
CN108810021B (zh) 确定验证功能的查询系统和方法
WO2016112687A1 (fr) Procédé et appareil d'authentification d'identité sur un terminal et terminal
US20130326604A1 (en) Rhythm-based authentication
CN105141427B (zh) 一种基于声纹识别的登录认证方法、装置及系统
EP2795535A1 (fr) Démonstration de connaissances basée sur les mouvements oculaires
US10878071B2 (en) Biometric authentication anomaly detection
US20180107813A1 (en) User Authentication Persistence
CN106888204B (zh) 基于自然交互的隐式身份认证方法
JP5043857B2 (ja) トランザクション確認の方法およびシステム
KR20120082772A (ko) 확률적 사용자 인증 장치 및 방법
Yıldırım et al. Android based mobile application development for web login authentication using fingerprint recognition feature
WO2016095564A1 (fr) Procédé et dispositif de vérification d'identité
WO2017129071A1 (fr) Procédé d'authentification de mot de passe, dispositif et serveur d'applications
US10650163B2 (en) Bot detection and access grant or denial based on bot identified
WO2016112792A1 (fr) Procédé et dispositif d'authentification d'identité
EP3876120A1 (fr) Procédé et appareil de traitement d'informations d'authentification et terminal utilisateur comprenant un appareil de procédé de traitement d'informations d'authentification
JP2011118561A (ja) 個人認証装置及び個人認証方法
CN105897429A (zh) 鉴权方法、鉴权装置和终端
WO2020125260A1 (fr) Procédé et dispositif d'authentification d'identité, support d'informations et appareil électronique
WO2020192260A2 (fr) Procédé et dispositif d'authentification d'empreinte digitale et support d'informations lisible par ordinateur

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15869075

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15869075

Country of ref document: EP

Kind code of ref document: A1