WO2017000357A1 - Authorization and authentication method and apparatus, and related devices - Google Patents

Authorization and authentication method and apparatus, and related devices Download PDF

Info

Publication number
WO2017000357A1
WO2017000357A1 PCT/CN2015/085877 CN2015085877W WO2017000357A1 WO 2017000357 A1 WO2017000357 A1 WO 2017000357A1 CN 2015085877 W CN2015085877 W CN 2015085877W WO 2017000357 A1 WO2017000357 A1 WO 2017000357A1
Authority
WO
WIPO (PCT)
Prior art keywords
authorization authentication
current user
authentication information
payment
identity
Prior art date
Application number
PCT/CN2015/085877
Other languages
French (fr)
Chinese (zh)
Inventor
陈历伟
Original Assignee
宇龙计算机通信科技(深圳)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 宇龙计算机通信科技(深圳)有限公司 filed Critical 宇龙计算机通信科技(深圳)有限公司
Publication of WO2017000357A1 publication Critical patent/WO2017000357A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints

Definitions

  • the present invention relates to the field of terminal authorization authentication technologies, and in particular, to an authorization authentication method, device, and related device.
  • the secret-free payment means that the user does not need to input any account password to pay directly, but the confidential payment requires authentication information to be successful, for example, the current market.
  • the connected wearable device reads the authentication information for authentication, so that the secret payment can be made.
  • the technical problem to be solved by the present invention is to provide an authorization authentication method, device and related equipment, improve the security of authorization authentication such as payment, and reduce the payment risk.
  • the current user's ECG waveform is collected for identity confirmation
  • the authorization authentication information is acquired.
  • the current user's ECG waveform is collected for identity confirmation, including:
  • the authorization authentication information includes: authentication information required for payment, a payment password required for payment, a verification code required for payment, or a login password required for login;
  • the electrocardiogram waveform includes a waveform of at least one of a P wave, a QRS wave, and a T wave in the electrocardiographic signal.
  • the invention also provides an authorization authentication method, and the process executed on the communication terminal side includes:
  • the wearable device When the authorization authentication information needs to be obtained, the wearable device is triggered to collect the current user's ECG waveform for identity confirmation, and receive the identity confirmation result sent by the wearable device;
  • the authorization authentication information is acquired when the current user confirms by identity.
  • the authorization authentication information includes: authentication information required for payment, a payment password required for payment, a verification code required for payment, or a login password required for login;
  • the electrocardiogram waveform includes a waveform of at least one of a P wave, a QRS wave, and a T wave in the electrocardiographic signal.
  • the current user's electrocardiogram waveform is collected for identity confirmation, and the result of the identity confirmation is sent to the communication terminal, so that the communication terminal obtains the authorization authentication information when the current user confirms by the identity. .
  • the current user's ECG waveform is collected for identity confirmation, including:
  • the authorization authentication information includes: authentication information required for payment, a payment password required for payment, a verification code required for payment, or a login password required for login;
  • the electrocardiogram waveform includes: at least one of a P wave, a QRS wave, and a T wave in the electrocardiographic signal One of the waveforms.
  • the present invention also provides an authorization authentication device, which is disposed in a communication terminal, and the device includes:
  • the triggering module is configured to trigger the wearable device to collect the current user's ECG waveform for identity confirmation when receiving the authorization authentication information, and receive the identity confirmation result sent by the wearable device;
  • the authorization authentication module is configured to obtain the authorization authentication information when the current user confirms by identity.
  • the present invention also provides an authorization authentication device, which is disposed in a wearable device, and the device includes:
  • the acquisition comparison module is configured to collect the current user's electrocardiogram waveform for identity confirmation under the trigger of the communication terminal;
  • the result output module is configured to send the result of the identity confirmation to the communication terminal, so that the communication terminal obtains the authorization authentication information when the current user confirms by the identity.
  • the invention also provides a communication terminal comprising a communication bus, a transceiver, a memory and a processor, wherein:
  • the communication bus is configured to implement connection communication between the transceiver device, the memory, and the processor;
  • the memory stores a set of program codes, and the processor calls the program code stored in the memory to perform the following operations:
  • the processor is configured to obtain the authorization authentication information when the current user confirms by identity.
  • the present invention also provides a wearable device including a communication bus, a transceiver, a memory, and Processor, where:
  • the communication bus is configured to implement connection communication between the transceiver device, the memory, and the processor;
  • the memory stores a set of program codes, and the processor calls the program code stored in the memory to perform the following operations:
  • the processor is configured to collect, according to a trigger of the communication terminal, an ECG waveform of the current user for identity confirmation;
  • the transceiver device is configured to send the result of the identity confirmation to the communication terminal, so that the communication terminal obtains the authorization authentication information when the current user confirms by the identity.
  • the present invention has at least the following advantages:
  • the authorization authentication method, device and related device use the difference of the human body ECG signal for identity confirmation, and can be applied to authorized payment and authorized login, etc., for example, directly reading the user in a communication terminal such as a mobile phone or a computer.
  • a communication terminal such as a mobile phone or a computer.
  • the user biometric information that is, the ECG waveform
  • the payment authentication information can be read for payment after the identity confirmation is passed. Therefore, it does not affect the user's experience, but also increases the security of payment.
  • FIG. 1 is a flowchart of an authorization authentication method according to a first embodiment of the present invention
  • FIG. 2 is a flowchart of performing an authorization authentication method on a communication terminal side according to a second embodiment of the present invention
  • FIG. 4 is a schematic structural diagram of a component of an authorization authentication apparatus according to a fourth embodiment of the present invention.
  • FIG. 6 is a block diagram showing the overall design of an eighth embodiment of the present invention.
  • FIG. 9 is a schematic structural diagram of a communication terminal according to a ninth embodiment of the present invention.
  • FIG. 10 is a schematic structural diagram of a wearable device according to a ninth embodiment of the present invention.
  • the current user's ECG waveform is collected for identity confirmation, including:
  • the electrocardiogram waveform for comparison includes: a waveform of at least one of a P wave, a QRS wave, and a T wave in the electrocardiographic signal.
  • the authorization authentication information includes: authentication information required for payment, a payment password required for payment, a verification code required for payment, or a login password required for login;
  • obtaining the authorization authentication information may be used for payment authentication, and may also be used for login authentication.
  • the method flow described in this embodiment may all be performed by one communication terminal, such as a smart terminal such as a mobile phone.
  • a smart terminal such as a mobile phone.
  • the acquisition module is triggered to collect the user.
  • the electrocardiogram waveform has already appeared in the prior art, and the user only needs to ensure that the collection module contacts the designated part of the body, and the operation is convenient.
  • the introduction is completed by the communication terminal and the wearable device.
  • Two embodiments of the above authorization authentication process are the second embodiment and the third embodiment.
  • Step S201 when the authorization authentication information needs to be obtained, triggering the wearable device to collect the current user's electrocardiogram waveform for identity confirmation, and receiving the identity confirmation result sent by the wearable device;
  • step S201 the wearable device is triggered to collect the current user's electrocardiogram waveform for identity confirmation, including:
  • Trigger the wearable device to collect the current user's ECG waveform and compare it with the pre-stored user's ECG waveform. If they match, the identity is confirmed, otherwise the identity confirmation fails.
  • the authorization authentication information includes: authentication information required for payment, a payment password required for payment, a verification code required for payment, or a login password required for login; authorization authentication
  • the information may be stored in the wearable device or stored in the communication terminal.
  • the electrocardiogram waveform includes a waveform of at least one of a P wave, a QRS wave, and a T wave in the electrocardiographic signal.
  • Step S202 Acquire the authorization authentication information when the current user confirms by identity.
  • a third embodiment of the present invention is an authorization authentication method. As shown in FIG. 3, the process performed on the wearable device side includes:
  • Step S301 collecting the current user's electrocardiogram waveform for identity confirmation under the trigger of the communication terminal
  • step S301 the current user's electrocardiogram waveform is collected for identity confirmation, including:
  • the current user's ECG waveform is compared with the pre-stored user's ECG waveform. If they match, the identity is confirmed, otherwise the identity confirmation fails.
  • the electrocardiogram waveform includes a waveform of at least one of a P wave, a QRS wave, and a T wave in the electrocardiographic signal.
  • Step S302 Send the result of the identity confirmation to the communication terminal, so that the communication terminal obtains the authorization authentication information when the current user confirms by the identity.
  • the authorization authentication information includes: authentication information required for payment, a payment password required for payment, a verification code required for payment, or a login password required for login;
  • the fourth embodiment of the present invention corresponds to the second embodiment.
  • the embodiment introduces an authorization authentication device, which is disposed in the communication terminal. As shown in FIG. 4, the device includes the following components:
  • the triggering collection module 401 is configured to trigger the wearable device to collect the current user's ECG waveform for identity confirmation when receiving the authorization authentication information, and receive the identity confirmation result sent by the wearable device;
  • the authorization authentication module 402 is configured to obtain the authorization authentication information when the current user confirms by identity.
  • the fifth embodiment of the present invention corresponds to the third embodiment.
  • This embodiment describes an authorization authentication device, which is disposed in a wearable device. As shown in FIG. 5, the device includes the following components:
  • the collection comparison module 501 is configured to collect the current user's electrocardiogram waveform for identity confirmation under the trigger of the communication terminal;
  • the result output module 502 is configured to send the result of the identity confirmation to the communication terminal, so that the communication terminal obtains the authorization authentication information when the current user confirms by the identity.
  • a sixth embodiment of the present invention introduces a communication terminal including the authorization authentication apparatus in the fourth embodiment.
  • the communication terminal of this embodiment includes a communication bus 900, a transceiver 901, a memory 902, and a processor 903.
  • the number of processors 903 of the communication terminal may be one or more, and one processor is shown in FIG. For example), where:
  • the communication bus 900 is configured to implement connection communication between the transceiver device 901, the memory 902, and the processor 903;
  • the memory 902 stores a set of program codes, and the processor 903 calls the program code stored in the memory 902 for performing the following operations:
  • the transceiver device 901 is configured to trigger the wearable device to collect the current user's ECG waveform for identity confirmation when receiving the authorization authentication information, and receive the identity confirmation result sent by the wearable device;
  • the processor 903 is configured to perform acquisition of the authorization authentication information when the current user confirms by identity.
  • a seventh embodiment of the present invention introduces a wearable device including the authorization authentication device in the fifth embodiment.
  • the wearable device of this embodiment includes a communication bus 1000, a transceiver 1001, a memory 1002, and a processor 1003.
  • the number of processors 1003 of the wearable device may be one or more, one in FIG.
  • the processor is an example), where:
  • the communication bus 1000 is configured to implement connection communication between the transceiver device 1001, the memory 1002, and the processor 1003.
  • the memory 1002 stores a set of program codes, and the processor 1003 calls the program code stored in the memory 1002 for performing the following operations:
  • the processor 1003 is configured to collect, according to a trigger of the communication terminal, an ECG waveform of the current user for identity confirmation;
  • the transceiver device 1001 is configured to send the result of the identity confirmation to the communication terminal, so that the communication terminal obtains the authorization authentication information when the current user confirms by the identity.
  • the present embodiment is based on the foregoing embodiment, and a process in which a mobile intelligent terminal cooperates with a wearable device to perform double-authentication of the secret-free payment as an example, and is described in conjunction with FIGS. 6-8.
  • the solution of the embodiment of the present invention provides a method for double authentication of a wearable device for secret payment.
  • the ECG chip is embedded on the wearable device, and the ECG chip can interact with the main chip on the wearable device; the ECG chip Collecting, storing, and comparing the ECG signature waveforms; when the mobile intelligent terminal needs to write the user payment authentication information for the first time, the ECG chip starts and automatically collects and stores the ECG characteristic waveform of the user.
  • the user biometric information that is, the ECG waveform
  • the payment authentication information can be read to perform the confidential payment. Therefore, it does not affect the user's experience, but also increases the security of payment.
  • the mobile intelligent terminal can perform connection communication with the open wearable device through wireless communication methods such as Bluetooth or infrared.
  • Wearable device built-in heart The electric chip has an acquisition module, a storage module and a comparison module.
  • the main chip of the wearable device and the ECG chip can communicate through the hardware interface.
  • the ECG chip is controlled by the main chip of the wearable device.
  • a typical electrocardiographic signal is composed of a P wave, a QRS wave, and a T wave.
  • the waveforms in the electrocardiogram are the combined effects of many myocardial cell action potentials on the surface.
  • P wave reflects the depolarization process of atrial muscle, its frequency is low, mainly between 10 ⁇ 15Hz;
  • QRS wave reflects the depolarization process of ventricular muscle, its waveform is steep, the frequency is mainly between 10 ⁇ 40Hz;
  • the T wave reflects the repolarization process of the ventricular muscle, and the frequency is mainly between 10 and 15 Hz;
  • the identification assumes that the waveform of the ECG signal remains relatively stable for a certain period of time. This condition is basically satisfied by normal people. Even during anxiety, stress, and exercise, the QRS waveform remains stable due to heart rate changes, thus ensuring individual characteristics. Stability, universality and collectability. At the same time, the difference between the individual ECG main receptor type, age, weight, mood, gender, heart position, heart size, heart geometry, chest structure, exercise status, cardiac physiological characteristics, etc., therefore also meet the unique requirements of biological identification .
  • the ECG waveform identification process for the confidential payment of the embodiment of the present invention is as follows:
  • Step 2 The mobile intelligent terminal reads the authentication information from the wearable device.
  • Step 3 The wearable device starts the ECG chip
  • Step 4 the ECG chip collects a waveform diagram of the user's electrocardiogram
  • Step 5 reading characteristic waveform data stored in the ECG database
  • Step 6 the ECG chip compares the ECG characteristic data of the user
  • Step 8 if passed, the authentication information can be read to perform secret-free payment
  • Step 9 If the authentication information is not passed, the authentication information cannot be read.
  • the wearable device automatically recognizes the user's biometric information ECG waveform for identity Confirmation does not affect the user's experience, but also increases the security of payment.

Abstract

An authorization and authentication method and apparatus, and related devices. The method comprises: when it is necessary to acquire authorization and authentication information, collecting an electrocardiogram waveform of a current user to perform identity confirmation (S101); and after the current user passes the identity confirmation, acquiring the authorization and authentication information (S102). By means of the method, the difference of human electrocardiogram signals is used to perform identity confirmation, which can be applied to occasions of authorized payment and authorized login, for example: before a communication terminal such as a cellphone and a computer directly reads payment authentication information about a user, automatically identifying biological feature information about the user, i.e. an electrocardiogram waveform, to perform identity confirmation, and reading the payment authentication information for payment after the identity confirmation is passed. Therefore, the method has no impact on the user experience, and also increases the payment security.

Description

一种授权认证方法、装置及相关设备Authorization authentication method, device and related equipment
本申请要求于2015年6月30日提交中国专利局、申请号为201510372722.4,发明名称为“一种授权认证方法、装置及相关设备”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。The present application claims priority to Chinese Patent Application No. 20151037272, filed on Jun. 30, 2015, the entire disclosure of which is incorporated herein by reference. In this application.
技术领域Technical field
本发明涉及终端授权认证技术领域,尤其涉及一种授权认证方法、装置及相关设备。The present invention relates to the field of terminal authorization authentication technologies, and in particular, to an authorization authentication method, device, and related device.
背景技术Background technique
用户在通过手机或家用电脑进行网上购物时,可能涉及免密支付,免密支付是指不需要用户输入任何帐号密码直接支付,但是免密支付需要获得鉴权信息才能支付成功,比如:当前市面上有一种比较流行的可穿戴身份认证做法:把鉴权信息写入可穿戴设备芯片中,可穿戴设备直接穿在身上,或是整合到用户的衣服或配件的一种便携式设备例如只能手表、智能手环等。手机在支付时,连接可穿戴设备读取鉴权信息进行鉴权,这样就可以做到免密支付。When users purchase online through mobile phones or home computers, they may involve secret-free payment. The secret-free payment means that the user does not need to input any account password to pay directly, but the confidential payment requires authentication information to be successful, for example, the current market. There is a more popular wearable authentication method: writing authentication information into a wearable device chip, wearing the wearable device directly on the body, or a portable device integrated into the user's clothes or accessories, such as a watch only , smart bracelets, etc. When the mobile phone pays, the connected wearable device reads the authentication information for authentication, so that the secret payment can be made.
但是现有技术存在一个安全风险漏洞:当手机和可穿戴设备都在别人手里,就相当于丢失了支付密码,别人就可以免密支付,风险非常大。However, there is a security risk loophole in the prior art: when the mobile phone and the wearable device are in the hands of others, it is equivalent to losing the payment password, and others can pay for the secret, which is very risky.
发明内容Summary of the invention
本发明要解决的技术问题是,提供一种授权认证方法、装置及相关设备,提升支付等授权认证的安全性,降低支付风险。The technical problem to be solved by the present invention is to provide an authorization authentication method, device and related equipment, improve the security of authorization authentication such as payment, and reduce the payment risk.
本发明采用的技术方案是,所述授权认证方法,包括:The technical solution adopted by the present invention is that the authorization authentication method includes:
当需要获取授权认证信息时,采集当前使用者的心电图波形进行身份确认;When the authorization authentication information needs to be obtained, the current user's ECG waveform is collected for identity confirmation;
在当前使用者通过身份确认后,进行授权认证信息的获取。After the current user is authenticated by the identity, the authorization authentication information is acquired.
进一步的,采集当前使用者的心电图波形进行身份确认,包括:Further, the current user's ECG waveform is collected for identity confirmation, including:
采集当前使用者的心电图波形与预先存储的用户心电图波形进行比 对,若相符,则通过身份确认,否则身份确认失败。Collecting the current user's ECG waveform compared to the pre-stored user's ECG waveform Yes, if they match, they will be confirmed by identity, otherwise the identity confirmation will fail.
进一步的,所述授权认证信息,包括:支付时所需的鉴权信息、支付时所需的支付密码、支付时所需的验证码、或者登录时所需的登录密码;Further, the authorization authentication information includes: authentication information required for payment, a payment password required for payment, a verification code required for payment, or a login password required for login;
所述心电图波形,包括:心电信号中的P波、QRS波、T波中的至少之一的波形。The electrocardiogram waveform includes a waveform of at least one of a P wave, a QRS wave, and a T wave in the electrocardiographic signal.
本发明还提供一种授权认证方法,在通信终端侧执行的流程包括:The invention also provides an authorization authentication method, and the process executed on the communication terminal side includes:
当需要获取授权认证信息时,触发可穿戴设备采集当前使用者的心电图波形进行身份确认,并接收可穿戴设备发送的身份确认结果;When the authorization authentication information needs to be obtained, the wearable device is triggered to collect the current user's ECG waveform for identity confirmation, and receive the identity confirmation result sent by the wearable device;
在当前使用者通过身份确认的情况下,进行授权认证信息的获取。The authorization authentication information is acquired when the current user confirms by identity.
进一步的,触发可穿戴设备采集当前使用者的心电图波形进行身份确认,包括:Further, triggering the wearable device to collect the current user's ECG waveform for identity confirmation, including:
触发可穿戴设备采集当前使用者的心电图波形与预先存储的用户心电图波形进行比对,若相符,则通过身份确认,否则身份确认失败。Trigger the wearable device to collect the current user's ECG waveform and compare it with the pre-stored user's ECG waveform. If they match, the identity is confirmed, otherwise the identity confirmation fails.
进一步的,所述授权认证信息,包括:支付时所需的鉴权信息、支付时所需的支付密码、支付时所需的验证码、或者登录时所需的登录密码;Further, the authorization authentication information includes: authentication information required for payment, a payment password required for payment, a verification code required for payment, or a login password required for login;
所述心电图波形,包括:心电信号中的P波、QRS波、T波中的至少之一的波形。The electrocardiogram waveform includes a waveform of at least one of a P wave, a QRS wave, and a T wave in the electrocardiographic signal.
本发明还提供一种授权认证方法,在可穿戴设备侧执行的流程包括:The present invention also provides an authorization authentication method, and the process performed on the wearable device side includes:
在通信终端的触发下,采集当前使用者的心电图波形进行身份确认,并将身份确认的结果发送给通信终端,以供通信终端在当前使用者通过身份确认的情况下,进行授权认证信息的获取。Under the trigger of the communication terminal, the current user's electrocardiogram waveform is collected for identity confirmation, and the result of the identity confirmation is sent to the communication terminal, so that the communication terminal obtains the authorization authentication information when the current user confirms by the identity. .
进一步的,采集当前使用者的心电图波形进行身份确认,包括:Further, the current user's ECG waveform is collected for identity confirmation, including:
采集当前使用者的心电图波形与预先存储的用户心电图波形进行比对,若相符,则通过身份确认,否则身份确认失败。The current user's ECG waveform is compared with the pre-stored user's ECG waveform. If they match, the identity is confirmed, otherwise the identity confirmation fails.
进一步的,所述授权认证信息,包括:支付时所需的鉴权信息、支付时所需的支付密码、支付时所需的验证码、或者登录时所需的登录密码;Further, the authorization authentication information includes: authentication information required for payment, a payment password required for payment, a verification code required for payment, or a login password required for login;
所述心电图波形,包括:心电信号中的P波、QRS波、T波中的至少 之一的波形。The electrocardiogram waveform includes: at least one of a P wave, a QRS wave, and a T wave in the electrocardiographic signal One of the waveforms.
本发明还提供一种授权认证装置,设置于通信终端中,所述装置包括:The present invention also provides an authorization authentication device, which is disposed in a communication terminal, and the device includes:
触发采集模块,用于当需要获取授权认证信息时,触发可穿戴设备采集当前使用者的心电图波形进行身份确认,并接收可穿戴设备发送的身份确认结果;The triggering module is configured to trigger the wearable device to collect the current user's ECG waveform for identity confirmation when receiving the authorization authentication information, and receive the identity confirmation result sent by the wearable device;
授权认证模块,用于在当前使用者通过身份确认的情况下,进行授权认证信息的获取。The authorization authentication module is configured to obtain the authorization authentication information when the current user confirms by identity.
本发明还提供一种授权认证装置,设置于可穿戴设备中,所述装置包括:The present invention also provides an authorization authentication device, which is disposed in a wearable device, and the device includes:
采集比对模块,用于在通信终端的触发下,采集当前使用者的心电图波形进行身份确认;The acquisition comparison module is configured to collect the current user's electrocardiogram waveform for identity confirmation under the trigger of the communication terminal;
结果输出模块,用于将身份确认的结果发送给通信终端,以供通信终端在当前使用者通过身份确认的情况下,进行授权认证信息的获取。The result output module is configured to send the result of the identity confirmation to the communication terminal, so that the communication terminal obtains the authorization authentication information when the current user confirms by the identity.
本发明还提供一种通信终端,包括通信总线、收发装置、存储器以及处理器,其中:The invention also provides a communication terminal comprising a communication bus, a transceiver, a memory and a processor, wherein:
所述通信总线,用于实现所述收发装置、所述存储器以及所述处理器之间的连接通信;The communication bus is configured to implement connection communication between the transceiver device, the memory, and the processor;
所述存储器中存储一组程序代码,且处理器调用存储器中存储的程序代码,用于执行以下操作:The memory stores a set of program codes, and the processor calls the program code stored in the memory to perform the following operations:
所述收发装置,用于当需要获取授权认证信息时,触发可穿戴设备采集当前使用者的心电图波形进行身份确认,并接收可穿戴设备发送的身份确认结果;The transceiver device is configured to trigger the wearable device to collect the current user's ECG waveform for identity confirmation when receiving the authorization authentication information, and receive the identity confirmation result sent by the wearable device;
所述处理器,用于在当前使用者通过身份确认的情况下,进行授权认证信息的获取。The processor is configured to obtain the authorization authentication information when the current user confirms by identity.
本发明还提供一种可穿戴设备,包括通信总线、收发装置、存储器以及 处理器,其中:The present invention also provides a wearable device including a communication bus, a transceiver, a memory, and Processor, where:
所述通信总线,用于实现所述收发装置、所述存储器以及所述处理器之间的连接通信;The communication bus is configured to implement connection communication between the transceiver device, the memory, and the processor;
所述存储器中存储一组程序代码,且处理器调用存储器中存储的程序代码,用于执行以下操作:The memory stores a set of program codes, and the processor calls the program code stored in the memory to perform the following operations:
所述处理器,用于在通信终端的触发下,采集当前使用者的心电图波形进行身份确认;The processor is configured to collect, according to a trigger of the communication terminal, an ECG waveform of the current user for identity confirmation;
所述收发装置,用于将身份确认的结果发送给通信终端,以供通信终端在当前使用者通过身份确认的情况下,进行授权认证信息的获取。The transceiver device is configured to send the result of the identity confirmation to the communication terminal, so that the communication terminal obtains the authorization authentication information when the current user confirms by the identity.
采用上述技术方案,本发明至少具有下列优点:With the above technical solution, the present invention has at least the following advantages:
本发明所述的授权认证方法、装置及相关设备,利用人体心电信号的差异性进行身份确认,可以应用在授权支付和授权登录等场合,比如:在手机、电脑等通信终端直接读取用户支付鉴权信息之前,自动识别用户生物特征信息即心电图波形进行身份确认,在身份确认通过后才能读取支付鉴权信息进行支付。因此,既不影响用户的体验,又增加了支付的安全性。The authorization authentication method, device and related device according to the present invention use the difference of the human body ECG signal for identity confirmation, and can be applied to authorized payment and authorized login, etc., for example, directly reading the user in a communication terminal such as a mobile phone or a computer. Before the payment of the authentication information, the user biometric information, that is, the ECG waveform, is automatically identified for identity confirmation, and the payment authentication information can be read for payment after the identity confirmation is passed. Therefore, it does not affect the user's experience, but also increases the security of payment.
附图说明DRAWINGS
图1为本发明第一实施例的授权认证方法流程图;1 is a flowchart of an authorization authentication method according to a first embodiment of the present invention;
图2为本发明第二实施例的授权认证方法在通信终端侧执行的流程图;2 is a flowchart of performing an authorization authentication method on a communication terminal side according to a second embodiment of the present invention;
图3为本发明第三实施例的授权认证方法在可穿戴设备侧执行的流程图;3 is a flowchart of performing an authorization authentication method on a wearable device side according to a third embodiment of the present invention;
图4为本发明第四实施例的授权认证装置组成结构示意图;4 is a schematic structural diagram of a component of an authorization authentication apparatus according to a fourth embodiment of the present invention;
图5为本发明第五实施例的授权认证装置组成结构示意图;FIG. 5 is a schematic structural diagram of a component of an authorization authentication apparatus according to a fifth embodiment of the present invention; FIG.
图6为本发明第八实施例的总体设计框图;Figure 6 is a block diagram showing the overall design of an eighth embodiment of the present invention;
图7为本发明第八实施例的典型心电信号示意图; 7 is a schematic diagram of a typical electrocardiographic signal according to an eighth embodiment of the present invention;
图8为本发明第八实施例的免密支付的心电波形身份识别流程图;8 is a flowchart of an ECG waveform identification process for a confidential payment according to an eighth embodiment of the present invention;
图9为本发明第九实施例的通信终端组成结构示意图;9 is a schematic structural diagram of a communication terminal according to a ninth embodiment of the present invention;
图10为本发明第九实施例的可穿戴设备组成结构示意图。FIG. 10 is a schematic structural diagram of a wearable device according to a ninth embodiment of the present invention.
具体实施方式detailed description
为更进一步阐述本发明为达成预定目的所采取的技术手段及功效,以下结合附图及较佳实施例,对本发明进行详细说明如后。The present invention will be described in detail below with reference to the accompanying drawings and preferred embodiments.
本发明第一实施例,一种授权认证方法,如图1所示,包括以下具体步骤:A first embodiment of the present invention, an authorization authentication method, as shown in FIG. 1, includes the following specific steps:
步骤S101,当需要获取授权认证信息时,采集当前使用者的心电图波形进行身份确认;In step S101, when the authorization authentication information needs to be acquired, the current user's electrocardiogram waveform is collected for identity confirmation;
具体的,采集当前使用者的心电图波形进行身份确认,包括:Specifically, the current user's ECG waveform is collected for identity confirmation, including:
采集当前使用者的心电图波形与预先存储的用户心电图波形进行比对,若相符,则通过身份确认,否则身份确认失败。在本发明实施例中,用于进行对比的心电图波形,包括:心电信号中的P波、QRS波、T波中的至少之一的波形。The current user's ECG waveform is compared with the pre-stored user's ECG waveform. If they match, the identity is confirmed, otherwise the identity confirmation fails. In the embodiment of the present invention, the electrocardiogram waveform for comparison includes: a waveform of at least one of a P wave, a QRS wave, and a T wave in the electrocardiographic signal.
在本发明实施例中,所述授权认证信息,包括:支付时所需的鉴权信息、支付时所需的支付密码、支付时所需的验证码、或者登录时所需的登录密码;In the embodiment of the present invention, the authorization authentication information includes: authentication information required for payment, a payment password required for payment, a verification code required for payment, or a login password required for login;
步骤S102,在当前使用者通过身份确认后,进行授权认证信息的获取。Step S102: After the current user passes the identity confirmation, the authorization information is acquired.
具体的,获取授权认证信息可能用于支付鉴权,也可能用于登录鉴权。Specifically, obtaining the authorization authentication information may be used for payment authentication, and may also be used for login authentication.
本实施例所述方法流程可以全部由一台通信终端来执行,比如:手机等智能终端。只需在手机中安装上用于采集使用者心电图波形的心电模块,并对手机中各种应用场合的授权认证流程做出改进,当需要获取授权认证信息时,触发采集模块去采集使用者的心电图波形,现有技术中已经出现这种采集模块,用户只需保证该采集模块接触身体指定部位即可,操作方便。The method flow described in this embodiment may all be performed by one communication terminal, such as a smart terminal such as a mobile phone. Simply install the ECG module for collecting the user's ECG waveform in the mobile phone, and improve the authorization authentication process for various applications in the mobile phone. When the authorization authentication information needs to be obtained, the acquisition module is triggered to collect the user. The electrocardiogram waveform has already appeared in the prior art, and the user only needs to ensure that the collection module contacts the designated part of the body, and the operation is convenient.
下面在第一实施例的基础上,介绍由通信终端和可穿戴设备配合来完 成上述授权认证过程的两个实施例:第二实施例和第三实施例。In the following, based on the first embodiment, the introduction is completed by the communication terminal and the wearable device. Two embodiments of the above authorization authentication process are the second embodiment and the third embodiment.
本发明第二实施例,一种授权认证方法,如图2所示,在通信终端侧执行的流程包括以下具体步骤:A second embodiment of the present invention is an authorization authentication method. As shown in FIG. 2, the process performed on the communication terminal side includes the following specific steps:
步骤S201,当需要获取授权认证信息时,触发可穿戴设备采集当前使用者的心电图波形进行身份确认,并接收可穿戴设备发送的身份确认结果;Step S201, when the authorization authentication information needs to be obtained, triggering the wearable device to collect the current user's electrocardiogram waveform for identity confirmation, and receiving the identity confirmation result sent by the wearable device;
具体的,在步骤S201中,触发可穿戴设备采集当前使用者的心电图波形进行身份确认,包括:Specifically, in step S201, the wearable device is triggered to collect the current user's electrocardiogram waveform for identity confirmation, including:
触发可穿戴设备采集当前使用者的心电图波形与预先存储的用户心电图波形进行比对,若相符,则通过身份确认,否则身份确认失败。Trigger the wearable device to collect the current user's ECG waveform and compare it with the pre-stored user's ECG waveform. If they match, the identity is confirmed, otherwise the identity confirmation fails.
在本实施例中,所述授权认证信息,包括:支付时所需的鉴权信息、支付时所需的支付密码、支付时所需的验证码、或者登录时所需的登录密码;授权认证信息可以存储于可穿戴设备中,也可以存储于通信终端中。In this embodiment, the authorization authentication information includes: authentication information required for payment, a payment password required for payment, a verification code required for payment, or a login password required for login; authorization authentication The information may be stored in the wearable device or stored in the communication terminal.
所述心电图波形,包括:心电信号中的P波、QRS波、T波中的至少之一的波形。The electrocardiogram waveform includes a waveform of at least one of a P wave, a QRS wave, and a T wave in the electrocardiographic signal.
步骤S202,在当前使用者通过身份确认的情况下,进行授权认证信息的获取。Step S202: Acquire the authorization authentication information when the current user confirms by identity.
本发明第三实施例,一种授权认证方法,如图3所示,在可穿戴设备侧执行的流程包括:A third embodiment of the present invention is an authorization authentication method. As shown in FIG. 3, the process performed on the wearable device side includes:
步骤S301,在通信终端的触发下,采集当前使用者的心电图波形进行身份确认;Step S301, collecting the current user's electrocardiogram waveform for identity confirmation under the trigger of the communication terminal;
具体的,在步骤S301中,采集当前使用者的心电图波形进行身份确认,包括:Specifically, in step S301, the current user's electrocardiogram waveform is collected for identity confirmation, including:
采集当前使用者的心电图波形与预先存储的用户心电图波形进行比对,若相符,则通过身份确认,否则身份确认失败。The current user's ECG waveform is compared with the pre-stored user's ECG waveform. If they match, the identity is confirmed, otherwise the identity confirmation fails.
所述心电图波形,包括:心电信号中的P波、QRS波、T波中的至少之一的波形。The electrocardiogram waveform includes a waveform of at least one of a P wave, a QRS wave, and a T wave in the electrocardiographic signal.
步骤S302,将身份确认的结果发送给通信终端,以供通信终端在当前使用者通过身份确认的情况下,进行授权认证信息的获取。 Step S302: Send the result of the identity confirmation to the communication terminal, so that the communication terminal obtains the authorization authentication information when the current user confirms by the identity.
具体的,所述授权认证信息,包括:支付时所需的鉴权信息、支付时所需的支付密码、支付时所需的验证码、或者登录时所需的登录密码;Specifically, the authorization authentication information includes: authentication information required for payment, a payment password required for payment, a verification code required for payment, or a login password required for login;
本发明第四实施例,与第二实施例对应,本实施例介绍一种授权认证装置,设置于通信终端中,如图4所示,该装置包括以下组成部分:The fourth embodiment of the present invention corresponds to the second embodiment. The embodiment introduces an authorization authentication device, which is disposed in the communication terminal. As shown in FIG. 4, the device includes the following components:
触发采集模块401,用于当需要获取授权认证信息时,触发可穿戴设备采集当前使用者的心电图波形进行身份确认,并接收可穿戴设备发送的身份确认结果;The triggering collection module 401 is configured to trigger the wearable device to collect the current user's ECG waveform for identity confirmation when receiving the authorization authentication information, and receive the identity confirmation result sent by the wearable device;
授权认证模块402,用于在当前使用者通过身份确认的情况下,进行授权认证信息的获取。The authorization authentication module 402 is configured to obtain the authorization authentication information when the current user confirms by identity.
本发明第五实施例,与第三实施例对应,本实施例介绍一种授权认证装置,设置于可穿戴设备中,如图5所示,该装置包括以下组成部分:The fifth embodiment of the present invention corresponds to the third embodiment. This embodiment describes an authorization authentication device, which is disposed in a wearable device. As shown in FIG. 5, the device includes the following components:
采集比对模块501,用于在通信终端的触发下,采集当前使用者的心电图波形进行身份确认;The collection comparison module 501 is configured to collect the current user's electrocardiogram waveform for identity confirmation under the trigger of the communication terminal;
结果输出模块502,用于将身份确认的结果发送给通信终端,以供通信终端在当前使用者通过身份确认的情况下,进行授权认证信息的获取。The result output module 502 is configured to send the result of the identity confirmation to the communication terminal, so that the communication terminal obtains the authorization authentication information when the current user confirms by the identity.
本发明第六实施例,介绍一种通信终端,包含第四实施例中的授权认证装置。如图9所示,本实施例的通信终端包括通信总线900、收发装置901、存储器902以及处理器903(通信终端的处理器903的数量可以为一个或多个,图9中以一个处理器为例),其中:A sixth embodiment of the present invention introduces a communication terminal including the authorization authentication apparatus in the fourth embodiment. As shown in FIG. 9, the communication terminal of this embodiment includes a communication bus 900, a transceiver 901, a memory 902, and a processor 903. The number of processors 903 of the communication terminal may be one or more, and one processor is shown in FIG. For example), where:
所述通信总线900,用于实现所述收发装置901、所述存储器902以及所述处理器903之间的连接通信;The communication bus 900 is configured to implement connection communication between the transceiver device 901, the memory 902, and the processor 903;
所述存储器902中存储一组程序代码,且处理器903调用存储器902中存储的程序代码,用于执行以下操作:The memory 902 stores a set of program codes, and the processor 903 calls the program code stored in the memory 902 for performing the following operations:
所述收发装置901,用于当需要获取授权认证信息时,触发可穿戴设备采集当前使用者的心电图波形进行身份确认,并接收可穿戴设备发送的身份确认结果; The transceiver device 901 is configured to trigger the wearable device to collect the current user's ECG waveform for identity confirmation when receiving the authorization authentication information, and receive the identity confirmation result sent by the wearable device;
所述处理器903,用于在当前使用者通过身份确认的情况下,进行授权认证信息的获取。The processor 903 is configured to perform acquisition of the authorization authentication information when the current user confirms by identity.
本发明第七实施例,介绍一种可穿戴设备,包含第五实施例中的授权认证装置。如图10所示,本实施例的可穿戴设备包括通信总线1000、收发装置1001、存储器1002以及处理器1003(可穿戴设备的处理器1003的数量可以为一个或多个,图10中以一个处理器为例),其中:A seventh embodiment of the present invention introduces a wearable device including the authorization authentication device in the fifth embodiment. As shown in FIG. 10, the wearable device of this embodiment includes a communication bus 1000, a transceiver 1001, a memory 1002, and a processor 1003. The number of processors 1003 of the wearable device may be one or more, one in FIG. The processor is an example), where:
所述通信总线1000,用于实现所述收发装置1001、所述存储器1002以及所述处理器1003之间的连接通信;The communication bus 1000 is configured to implement connection communication between the transceiver device 1001, the memory 1002, and the processor 1003.
所述存储器1002中存储一组程序代码,且处理器1003调用存储器1002中存储的程序代码,用于执行以下操作:The memory 1002 stores a set of program codes, and the processor 1003 calls the program code stored in the memory 1002 for performing the following operations:
所述处理器1003,用于在通信终端的触发下,采集当前使用者的心电图波形进行身份确认;The processor 1003 is configured to collect, according to a trigger of the communication terminal, an ECG waveform of the current user for identity confirmation;
所述收发装置1001,用于将身份确认的结果发送给通信终端,以供通信终端在当前使用者通过身份确认的情况下,进行授权认证信息的获取。The transceiver device 1001 is configured to send the result of the identity confirmation to the communication terminal, so that the communication terminal obtains the authorization authentication information when the current user confirms by the identity.
本发明第八实施例,本实施例是在上述实施例的基础上,以一台移动智能终端与一台可穿戴设备协作进行免密支付双重认证的过程为例,结合附图6~8介绍一个本发明的应用实例。According to the eighth embodiment of the present invention, the present embodiment is based on the foregoing embodiment, and a process in which a mobile intelligent terminal cooperates with a wearable device to perform double-authentication of the secret-free payment as an example, and is described in conjunction with FIGS. 6-8. An application example of the present invention.
本发明实施例的方案提供了一种可穿戴设备免密支付进行双重认证的方法,在可穿戴设备上嵌入心电芯片,该心电芯片与可穿戴设备上的主芯片可以交互;心电芯片采集、存储和比对心电图特征波形;当移动智能终端第一次需要写入用户支付鉴权信息时,心电芯片启动并自动采集和存储用户的心电图特征波形。在移动智能终端直接读取用户支付鉴权信息之前,自动识别用户生物特征信息即心电图波形进行身份确认,确认通过后才能读取支付鉴权信息进行免密支付。因此,既不影响用户的体验,又增加了支付的安全性。The solution of the embodiment of the present invention provides a method for double authentication of a wearable device for secret payment. The ECG chip is embedded on the wearable device, and the ECG chip can interact with the main chip on the wearable device; the ECG chip Collecting, storing, and comparing the ECG signature waveforms; when the mobile intelligent terminal needs to write the user payment authentication information for the first time, the ECG chip starts and automatically collects and stores the ECG characteristic waveform of the user. Before the mobile intelligent terminal directly reads the user payment authentication information, the user biometric information, that is, the ECG waveform, is automatically identified for identity confirmation, and the payment authentication information can be read to perform the confidential payment. Therefore, it does not affect the user's experience, but also increases the security of payment.
本发明实施例的总体设计框图如图6所示,移动智能终端可以通过蓝牙或红外等无线通信方式与开穿戴设备进行连接通信。可穿戴设备内置心 电芯片,心电芯片具备采集模块、存储模块和比对模块。可穿戴设备的主芯片和心电芯片之间可以通过硬件接口通信。心电芯片受控于可穿戴设备的主芯片。The overall design block diagram of the embodiment of the present invention is shown in FIG. 6. The mobile intelligent terminal can perform connection communication with the open wearable device through wireless communication methods such as Bluetooth or infrared. Wearable device built-in heart The electric chip has an acquisition module, a storage module and a comparison module. The main chip of the wearable device and the ECG chip can communicate through the hardware interface. The ECG chip is controlled by the main chip of the wearable device.
如图7所示,典型心电信号每一周期由P波、QRS波、T波组成。心电图中的各波形是众多心肌细胞动作电位在体表的综合效应。P波反映心房肌的除极过程,它的频率较低,主要在10~15Hz之间;QRS波反映了心室肌的除极过程,它的波形较陡峭,频率主要在10~40Hz之间;T波反映了心室肌的复极过程,频率主要在10~15Hz之间;As shown in FIG. 7, a typical electrocardiographic signal is composed of a P wave, a QRS wave, and a T wave. The waveforms in the electrocardiogram are the combined effects of many myocardial cell action potentials on the surface. P wave reflects the depolarization process of atrial muscle, its frequency is low, mainly between 10 ~ 15Hz; QRS wave reflects the depolarization process of ventricular muscle, its waveform is steep, the frequency is mainly between 10 ~ 40Hz; The T wave reflects the repolarization process of the ventricular muscle, and the frequency is mainly between 10 and 15 Hz;
身份识别假设心电信号波形在一定的时期内保持相对的稳定,这个条件正常人是基本满足的,即使在焦虑、压力、运动时因心率变化QRS波形仍然保持稳定,这样就保证了个体特征的稳定性、普遍性和可采集性。同时个体心电图间差异主要受体型、年龄、体重、情绪、性别、心脏位置、心脏大小、心脏几何形状、胸部构造、运动状况、心脏生理特征等影响,因此同样满足生物身份识别的唯一性要求。The identification assumes that the waveform of the ECG signal remains relatively stable for a certain period of time. This condition is basically satisfied by normal people. Even during anxiety, stress, and exercise, the QRS waveform remains stable due to heart rate changes, thus ensuring individual characteristics. Stability, universality and collectability. At the same time, the difference between the individual ECG main receptor type, age, weight, mood, gender, heart position, heart size, heart geometry, chest structure, exercise status, cardiac physiological characteristics, etc., therefore also meet the unique requirements of biological identification .
如图8所示,本发明实施例的免密支付的心电波形身份识别流程,如下:As shown in FIG. 8, the ECG waveform identification process for the confidential payment of the embodiment of the present invention is as follows:
步骤1,用户发起支付请求;Step 1: The user initiates a payment request;
步骤2,移动智能终端向可穿戴设备读取鉴权信息;Step 2: The mobile intelligent terminal reads the authentication information from the wearable device.
步骤3,可穿戴设备启动心电芯片;Step 3: The wearable device starts the ECG chip;
步骤4,心电芯片采集用户心电特征波形图;Step 4, the ECG chip collects a waveform diagram of the user's electrocardiogram;
步骤5,读取心电数据库存储的特征波形数据;Step 5, reading characteristic waveform data stored in the ECG database;
步骤6,心电芯片比对用户的心电特征数据;Step 6, the ECG chip compares the ECG characteristic data of the user;
步骤7,比对结果身份是否通过?Step 7, compare the results of the identity passed?
步骤8,如果通过,可以读取鉴权信息进行免密支付;Step 8, if passed, the authentication information can be read to perform secret-free payment;
步骤9,如果不通过,不能读取鉴权信息,免密支付失败。Step 9. If the authentication information is not passed, the authentication information cannot be read.
本发明实施例所述的可穿戴设备免密支付进行双重认证的方法,在移动智能终端向可穿戴设备直接读取用户支付鉴权信息之前,可穿戴设备自动识别用户生物特征信息心电图波形进行身份确认,既不影响用户的体验,又增加了支付的安全性。 The method for performing double authentication for the wearable device of the wearable device according to the embodiment of the present invention, before the mobile intelligent terminal directly reads the user payment authentication information from the wearable device, the wearable device automatically recognizes the user's biometric information ECG waveform for identity Confirmation does not affect the user's experience, but also increases the security of payment.
通过具体实施方式的说明,应当可对本发明为达成预定目的所采取的技术手段及功效得以更加深入且具体的了解,然而所附图示仅是提供参考与说明之用,并非用来对本发明加以限制。 The technical means and functions of the present invention for achieving the intended purpose can be more deeply and specifically understood by the description of the specific embodiments. However, the accompanying drawings are only for the purpose of illustration and description, and are not intended to limit.

Claims (13)

  1. 一种授权认证方法,其特征在于,包括:An authorization authentication method, characterized in that it comprises:
    当需要获取授权认证信息时,采集当前使用者的心电图波形进行身份确认;When the authorization authentication information needs to be obtained, the current user's ECG waveform is collected for identity confirmation;
    在当前使用者通过身份确认后,进行授权认证信息的获取。After the current user is authenticated by the identity, the authorization authentication information is acquired.
  2. 根据权利要求1所述的授权认证方法,其特征在于,采集当前使用者的心电图波形进行身份确认,包括:The authorization authentication method according to claim 1, wherein the current user's electrocardiogram waveform is collected for identity confirmation, including:
    采集当前使用者的心电图波形与预先存储的用户心电图波形进行比对,若相符,则通过身份确认,否则身份确认失败。The current user's ECG waveform is compared with the pre-stored user's ECG waveform. If they match, the identity is confirmed, otherwise the identity confirmation fails.
  3. 根据权利要求1或2所述的授权认证方法,其特征在于,所述授权认证信息,包括:支付时所需的鉴权信息、支付时所需的支付密码、支付时所需的验证码、或者登录时所需的登录密码;The authorization authentication method according to claim 1 or 2, wherein the authorization authentication information comprises: authentication information required for payment, a payment password required for payment, a verification code required for payment, Or the login password required when logging in;
    所述心电图波形,包括:心电信号中的P波、QRS波、T波中的至少之一的波形。The electrocardiogram waveform includes a waveform of at least one of a P wave, a QRS wave, and a T wave in the electrocardiographic signal.
  4. 一种授权认证方法,其特征在于,在通信终端侧执行的流程包括:An authorization authentication method, characterized in that the process performed on the communication terminal side includes:
    当需要获取授权认证信息时,触发可穿戴设备采集当前使用者的心电图波形进行身份确认,并接收可穿戴设备发送的身份确认结果;在当前使用者通过身份确认的情况下,进行授权认证信息的获取。When the authorization authentication information needs to be obtained, the wearable device is triggered to collect the current user's ECG waveform for identity confirmation, and receives the identity confirmation result sent by the wearable device; and when the current user confirms by the identity, the authorization authentication information is performed. Obtain.
  5. 根据权利要求4所述的授权认证方法,其特征在于,所述触发可穿戴设备采集当前使用者的心电图波形进行身份确认,包括:The authorization authentication method according to claim 4, wherein the triggering the wearable device to collect the current user's electrocardiogram waveform for identity confirmation comprises:
    触发可穿戴设备采集当前使用者的心电图波形与预先存储的用户心电图波形进行比对,若相符,则通过身份确认,否则身份确认失败。Trigger the wearable device to collect the current user's ECG waveform and compare it with the pre-stored user's ECG waveform. If they match, the identity is confirmed, otherwise the identity confirmation fails.
  6. 根据权利要求4或5所述的授权认证方法,其特征在于,所述授权认证信息,包括:支付时所需的鉴权信息、支付时所需的支付密码、支付时所需的验证码、或者登录时所需的登录密码;The authorization authentication method according to claim 4 or 5, wherein the authorization authentication information comprises: authentication information required for payment, a payment password required for payment, a verification code required for payment, Or the login password required when logging in;
    所述心电图波形,包括:心电信号中的P波、QRS波、T波中的至少之一的波形。 The electrocardiogram waveform includes a waveform of at least one of a P wave, a QRS wave, and a T wave in the electrocardiographic signal.
  7. 一种授权认证方法,其特征在于,在可穿戴设备侧执行的流程包括:An authorization authentication method, characterized in that the process performed on the wearable device side includes:
    在通信终端的触发下,采集当前使用者的心电图波形进行身份确认,并将身份确认的结果发送给通信终端,以供通信终端在当前使用者通过身份确认的情况下,进行授权认证信息的获取。Under the trigger of the communication terminal, the current user's electrocardiogram waveform is collected for identity confirmation, and the result of the identity confirmation is sent to the communication terminal, so that the communication terminal obtains the authorization authentication information when the current user confirms by the identity. .
  8. 根据权利要求7所述的授权认证方法,其特征在于,所述采集当前使用者的心电图波形进行身份确认,包括:The authorization authentication method according to claim 7, wherein the collecting the current user's electrocardiogram waveform for identity confirmation comprises:
    采集当前使用者的心电图波形与预先存储的用户心电图波形进行比对,若相符,则通过身份确认,否则身份确认失败。The current user's ECG waveform is compared with the pre-stored user's ECG waveform. If they match, the identity is confirmed, otherwise the identity confirmation fails.
  9. 根据权利要求7或8所述的授权认证方法,其特征在于,所述授权认证信息,包括:支付时所需的鉴权信息、支付时所需的支付密码、支付时所需的验证码、或者登录时所需的登录密码;The authorization authentication method according to claim 7 or 8, wherein the authorization authentication information comprises: authentication information required for payment, a payment password required for payment, a verification code required for payment, Or the login password required when logging in;
    所述心电图波形,包括:心电信号中的P波、QRS波、T波中的至少之一的波形。The electrocardiogram waveform includes a waveform of at least one of a P wave, a QRS wave, and a T wave in the electrocardiographic signal.
  10. 一种授权认证装置,其特征在于,设置于通信终端中,所述装置包括:An authorization authentication device is provided in a communication terminal, the device comprising:
    触发采集模块,用于当需要获取授权认证信息时,触发可穿戴设备采集当前使用者的心电图波形进行身份确认,并接收可穿戴设备发送的身份确认结果;The triggering module is configured to trigger the wearable device to collect the current user's ECG waveform for identity confirmation when receiving the authorization authentication information, and receive the identity confirmation result sent by the wearable device;
    授权认证模块,用于在当前使用者通过身份确认的情况下,进行授权认证信息的获取。The authorization authentication module is configured to obtain the authorization authentication information when the current user confirms by identity.
  11. 一种授权认证装置,其特征在于,设置于可穿戴设备中,所述装置包括:An authorization authentication device is provided in a wearable device, the device comprising:
    采集比对模块,用于在通信终端的触发下,采集当前使用者的心电图波形进行身份确认;The acquisition comparison module is configured to collect the current user's electrocardiogram waveform for identity confirmation under the trigger of the communication terminal;
    结果输出模块,用于将身份确认的结果发送给通信终端,以供通信终端在当前使用者通过身份确认的情况下,进行授权认证信息的获取。 The result output module is configured to send the result of the identity confirmation to the communication terminal, so that the communication terminal obtains the authorization authentication information when the current user confirms by the identity.
  12. 一种通信终端,其特征在于,包括通信总线、收发装置、存储器以及处理器,其中:A communication terminal, comprising: a communication bus, a transceiver, a memory, and a processor, wherein:
    所述通信总线,用于实现所述收发装置、所述存储器以及所述处理器之间的连接通信;The communication bus is configured to implement connection communication between the transceiver device, the memory, and the processor;
    所述存储器中存储一组程序代码,且处理器调用存储器中存储的程序代码,用于执行以下操作:The memory stores a set of program codes, and the processor calls the program code stored in the memory to perform the following operations:
    所述收发装置,用于当需要获取授权认证信息时,触发可穿戴设备采集当前使用者的心电图波形进行身份确认,并接收可穿戴设备发送的身份确认结果;The transceiver device is configured to trigger the wearable device to collect the current user's ECG waveform for identity confirmation when receiving the authorization authentication information, and receive the identity confirmation result sent by the wearable device;
    所述处理器,用于在当前使用者通过身份确认的情况下,进行授权认证信息的获取。The processor is configured to obtain the authorization authentication information when the current user confirms by identity.
  13. 一种可穿戴设备,其特征在于,包括通信总线、收发装置、存储器以及处理器,其中:A wearable device, comprising: a communication bus, a transceiver, a memory, and a processor, wherein:
    所述通信总线,用于实现所述收发装置、所述存储器以及所述处理器之间的连接通信;The communication bus is configured to implement connection communication between the transceiver device, the memory, and the processor;
    所述存储器中存储一组程序代码,且处理器调用存储器中存储的程序代码,用于执行以下操作:The memory stores a set of program codes, and the processor calls the program code stored in the memory to perform the following operations:
    所述处理器,用于在通信终端的触发下,采集当前使用者的心电图波形进行身份确认;The processor is configured to collect, according to a trigger of the communication terminal, an ECG waveform of the current user for identity confirmation;
    所述收发装置,用于将身份确认的结果发送给通信终端,以供通信终端在当前使用者通过身份确认的情况下,进行授权认证信息的获取。 The transceiver device is configured to send the result of the identity confirmation to the communication terminal, so that the communication terminal obtains the authorization authentication information when the current user confirms by the identity.
PCT/CN2015/085877 2015-06-30 2015-07-31 Authorization and authentication method and apparatus, and related devices WO2017000357A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510372722.4 2015-06-30
CN201510372722.4A CN106326705A (en) 2015-06-30 2015-06-30 Authorization authentication method and device and relevant equipment

Publications (1)

Publication Number Publication Date
WO2017000357A1 true WO2017000357A1 (en) 2017-01-05

Family

ID=57607557

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/085877 WO2017000357A1 (en) 2015-06-30 2015-07-31 Authorization and authentication method and apparatus, and related devices

Country Status (2)

Country Link
CN (1) CN106326705A (en)
WO (1) WO2017000357A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111224972A (en) * 2019-12-31 2020-06-02 航天信息股份有限公司 Method and system for retrieving account/password based on facial features

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109840451A (en) * 2017-11-28 2019-06-04 深圳市岩尚科技有限公司 A kind of wearable ring of intelligence payment and its method of payment based on electrocardio identification
CN108614962A (en) * 2018-04-11 2018-10-02 努比亚技术有限公司 Safety identification control method, wearable device and computer readable storage medium
CN108647961A (en) * 2018-04-26 2018-10-12 华南理工大学 Digital cash wallet based on electrocardiosignal authentication

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103310142A (en) * 2013-05-22 2013-09-18 复旦大学 Man-machine fusion security authentication method based on wearable equipment
CN103702609A (en) * 2011-05-16 2014-04-02 纽罗斯凯公司 Bio signal based mobile device applications
CN103886204A (en) * 2014-03-24 2014-06-25 宇龙计算机通信科技(深圳)有限公司 Data storage device and method
CN103955823A (en) * 2014-05-14 2014-07-30 金陵科技学院 High-security portable collection and payment method
US20150028996A1 (en) * 2013-07-25 2015-01-29 Bionym Inc. Preauthorized wearable biometric device, system and method for use thereof

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103702609A (en) * 2011-05-16 2014-04-02 纽罗斯凯公司 Bio signal based mobile device applications
CN103310142A (en) * 2013-05-22 2013-09-18 复旦大学 Man-machine fusion security authentication method based on wearable equipment
US20150028996A1 (en) * 2013-07-25 2015-01-29 Bionym Inc. Preauthorized wearable biometric device, system and method for use thereof
CN103886204A (en) * 2014-03-24 2014-06-25 宇龙计算机通信科技(深圳)有限公司 Data storage device and method
CN103955823A (en) * 2014-05-14 2014-07-30 金陵科技学院 High-security portable collection and payment method

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111224972A (en) * 2019-12-31 2020-06-02 航天信息股份有限公司 Method and system for retrieving account/password based on facial features

Also Published As

Publication number Publication date
CN106326705A (en) 2017-01-11

Similar Documents

Publication Publication Date Title
US11720656B2 (en) Live user authentication device, system and method
WO2018000396A1 (en) Authentication method and communication terminal
US9472033B2 (en) Preauthorized wearable biometric device, system and method for use thereof
US10475260B2 (en) Wearable electronic device having user identification function and user authentication method
US9942760B2 (en) Wearable device and a method for storing credentials associated with an electronic device in said wearable device
WO2017000357A1 (en) Authorization and authentication method and apparatus, and related devices
WO2016150154A1 (en) Method, apparatus, device, and system used for mobile authentication
US9699182B2 (en) Electrocardiogram (ECG) biometric authentication
WO2016082229A1 (en) Identity authentication method and wearable device
AU2017258710B2 (en) Method and system for authenticating a session on a communication device
KR102507269B1 (en) Sensor for improving securit using biometric data, mobile device including the sensor and authentification method of the mobile device
CN106101135A (en) A kind of account login system based on face and fingerprint recognition and its implementation
US20140045459A1 (en) Communication apparatus using biometrics
US20150264045A1 (en) Biometric personal authentication
KR20190090732A (en) Method for payment based on biometrics, user equipment and system for payment using the same
CN106446627A (en) Method and device for carrying out identity authentication at electronic terminal
WO2020223807A1 (en) Live user authentication device, system and method and fraud or collusion prevention using same
EP4107638A1 (en) Wearable devices and related systems for authenticating a user with surface electromyogram (semg)-signals
TWI536963B (en) Measuring device for electrocardiogram and measuring method for the measuring device
CN113140302A (en) Authority management method of mobile electrocardiogram equipment, mobile electrocardiogram equipment and storage medium
JP6450803B2 (en) Information processing apparatus, application software activation system, and application software activation method
JP2018084859A (en) Authentication system, authentication control apparatus, authentication apparatus and program
Enamamu Bioelectrical user authentication
CN108903935A (en) A kind of ventricular premature beat recognition methods, identifying system and electronic equipment
Liebers et al. Single-Sign-On in Smart Homes using Continuous Authentication

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15896887

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 16/05/2018)

122 Ep: pct application non-entry in european phase

Ref document number: 15896887

Country of ref document: EP

Kind code of ref document: A1