WO2017028390A1 - Procédé d'authentification d'identité, terminal et serveur - Google Patents

Procédé d'authentification d'identité, terminal et serveur Download PDF

Info

Publication number
WO2017028390A1
WO2017028390A1 PCT/CN2015/095592 CN2015095592W WO2017028390A1 WO 2017028390 A1 WO2017028390 A1 WO 2017028390A1 CN 2015095592 W CN2015095592 W CN 2015095592W WO 2017028390 A1 WO2017028390 A1 WO 2017028390A1
Authority
WO
WIPO (PCT)
Prior art keywords
terminal
fingerprint
identity
verification
server
Prior art date
Application number
PCT/CN2015/095592
Other languages
English (en)
Chinese (zh)
Inventor
曹义
Original Assignee
宇龙计算机通信科技(深圳)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 宇龙计算机通信科技(深圳)有限公司 filed Critical 宇龙计算机通信科技(深圳)有限公司
Publication of WO2017028390A1 publication Critical patent/WO2017028390A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan

Definitions

  • the present invention relates to the field of terminal technologies, and in particular, to an identity verification method, a terminal, and a server.
  • Password authentication means that after the user inputs the account information, the user also needs to provide a password for identity verification.
  • the terminal matches the password provided by the user with the preset password. If the matching is successful, the identity verification succeeds, otherwise the identity verification fails.
  • Fingerprint authentication is performed after the user inputs the account information, and the user also needs to provide fingerprint information for identity verification.
  • the terminal matches the fingerprint information provided by the user with the preset fingerprint information. If the matching is successful, the identity verification succeeds, otherwise the identity verification fails.
  • the present invention is based on the above problems, and proposes a new technical solution, which can improve the security and reliability of identity verification, and save production costs, thereby improving the user experience.
  • an identity verification method for a terminal, a package Include: generating an identity verification request according to the received identity verification instruction; sending the identity verification request to a server connected to the terminal, where the server controls the target terminal verification with the fingerprint verification function according to the identity verification request User fingerprint information received by the target terminal; and receiving a fingerprint information verification result from the server; determining whether to pass the identity verification according to the fingerprint information verification result.
  • the terminal by transmitting an authentication request generated according to an authentication instruction from a user to a server connected to the terminal, determining, by the server, a target terminal having a fingerprint authentication function according to the identity verification request, and notifying the identity verification request
  • the target terminal the user can input the user fingerprint information in the target terminal, and then the target terminal verifies the user fingerprint information.
  • the terminal determines whether to pass the verification according to the received fingerprint information verification result verified by the target terminal sent by the server. Authentication, the entire authentication process does not have a hard requirement on whether the terminal has the fingerprint verification function. Thus, the fingerprint verification is performed for the terminal without increasing the hardware cost of the terminal.
  • the terminal when the user owns multiple terminals, as long as one of the terminals supports fingerprint verification, the terminal can be used as the target terminal, and other terminals can indirectly use their fingerprint verification function for identity verification, which is not only improved compared with related technologies.
  • the security and reliability of authentication and the cost of production save the user experience.
  • the identity verification request includes identity information of the terminal, where the server determines, according to the identity information, the target terminal corresponding to the terminal; or the identity verification request includes The location information of the terminal, for the server to select the target terminal for the terminal within a predetermined distance range of the terminal according to the location information.
  • the identity request may include the identity information of the terminal (such as a user account).
  • the server may determine, according to the identity information of the terminal, that the terminal is fingerprinted or supported.
  • the target terminal for verification.
  • the identity request may further include location information of the terminal, so that the server may select the target terminal within a predetermined distance range of the terminal according to the received location information of the terminal.
  • the identity information and the location information of the terminal may also be included in the identity request.
  • the identity request includes but is not limited to the identity information and the location information, as long as the function of the solution can be implemented.
  • the attribute information of the terminal is applicable to this scheme.
  • a terminal comprising: a request generating unit that generates an identity verification request according to the received identity verification instruction; and a sending unit that sends the identity verification request a server connected to the terminal, wherein the server controls the target terminal having the fingerprint verification function to verify the user fingerprint information received by the target terminal according to the identity verification request; and the receiving unit receives the information from the server The fingerprint information verification result; the determining unit determines whether to pass the identity verification according to the fingerprint information verification result.
  • the terminal by transmitting an authentication request generated according to an authentication instruction from a user to a server connected to the terminal, determining, by the server, a target terminal having a fingerprint authentication function according to the identity verification request, and notifying the identity verification request
  • the target terminal the user can input the user fingerprint information in the target terminal, and then the target terminal verifies the user fingerprint information.
  • the terminal determines whether to pass the verification according to the received fingerprint information verification result verified by the target terminal sent by the server. Authentication, the entire authentication process does not have a hard requirement on whether the terminal has the fingerprint verification function. Thus, the fingerprint verification is performed for the terminal without increasing the hardware cost of the terminal.
  • the terminal when the user owns multiple terminals, as long as one of the terminals supports fingerprint verification, the terminal can be used as the target terminal, and other terminals can indirectly use their fingerprint verification function for identity verification, which is not only improved compared with related technologies.
  • the security and reliability of authentication and the cost of production save the user experience.
  • the identity verification request includes identity information of the terminal, where the server determines, according to the identity information, the target terminal corresponding to the terminal; or the identity verification request includes The location information of the terminal, for the server to select the target terminal for the terminal within a predetermined distance range of the terminal according to the location information.
  • the identity request may include the identity information of the terminal (such as a user account).
  • the server may determine, according to the identity information of the terminal, that the terminal is fingerprinted or supported.
  • the target terminal for verification.
  • the identity request may further include location information of the terminal, so that the server may select the target terminal within a predetermined distance range of the terminal according to the received location information of the terminal.
  • the identity information and the location information of the terminal may also be included in the identity request.
  • the identity request includes but is not limited to the identity information and the location information, as long as the function of the solution can be implemented.
  • the attribute information of the terminal is applicable to this scheme.
  • an authentication method for a server, comprising: receiving an identity verification request of a terminal connected to the server; and controlling fingerprint verification according to the identity verification request of the terminal.
  • the target terminal of the function verifies the user fingerprint received by the target terminal And receiving the fingerprint information verification result from the target terminal; and sending the fingerprint information verification result to the terminal, so that the terminal determines whether to pass the identity verification according to the fingerprint information verification result.
  • the target terminal having the fingerprint verification function is determined according to the received identity verification request from the terminal, and the target terminal is controlled to open the fingerprint verification function, and the user fingerprint information received by the target terminal is verified, and then The received fingerprint information verification result returned from the target terminal is sent to the terminal, so that the terminal determines whether to pass the identity verification according to the fingerprint information verification result, and the entire identity verification process does not have a hard requirement for the terminal to have the fingerprint verification function, and the server serves as the communication.
  • the intermediary controls the target terminal with the fingerprint verification function to perform the fingerprint verification process, thus implementing fingerprint verification for the terminal without increasing the hardware cost of the terminal.
  • the terminal when the user owns multiple terminals, as long as one of the terminals supports fingerprint verification, the terminal can be used as the target terminal, and other terminals can use the fingerprint verification function to perform identity verification indirectly through the server, compared with related technologies. It not only improves the security and reliability of authentication, but also saves production costs, thereby improving the user experience.
  • the server when an unexpected situation occurs in the target terminal (for example, downtime, insufficient power, etc.), the server will provide feedback information to the terminal according to the actual situation, for example, an unexpected prompt may be given, or the current optimal authentication may be selected for the terminal. The way and give hints for the user to choose, further improving the applicability of authentication.
  • the identity verification request includes the identity information of the terminal, and before the controlling the target terminal having the fingerprint verification function to verify the user fingerprint information received by the target terminal, the method further includes: And associating the identity information of the terminal with any terminal having a fingerprint verification function according to the received setting command, for setting the any terminal after receiving the identity verification request of the terminal For the target terminal.
  • the server acts as a communication intermediary and controller for the terminal to perform fingerprint verification indirectly through the target terminal, and firstly establishes an association relationship between the terminal and the target terminal.
  • the identity information of the terminal may be determined according to the received setting command.
  • the server may determine the set or according to the identity information of the terminal.
  • a target terminal capable of supporting fingerprint verification of a terminal.
  • the identity verification request includes location information of the terminal, and verifying, by the target terminal having the fingerprint verification function, that the target terminal receives the Before the fingerprint information, the method further includes: determining at least one other terminal within a predetermined distance range of the terminal; selecting, in the at least one other terminal, a terminal having the smallest distance from the terminal as the target terminal, or receiving according to the And a selection command to select the target terminal for the terminal in the at least one other terminal.
  • the identity verification request may further include location information of the terminal.
  • at least one other terminal within a predetermined distance range of the terminal may also be determined as the target terminal.
  • the server may be based on the received terminal.
  • the location information is selected within a predetermined distance of the terminal to select the target terminal.
  • the identity information and the location information of the terminal may also be included in the identity request.
  • the identity request includes but is not limited to the identity information and the location information, as long as the function of the solution can be implemented.
  • the attribute information of the terminal is applicable to this scheme.
  • the server may also prompt the at least one other terminal that meets the condition to the terminal, so that the user can select the target terminal according to actual needs, and the server selects the target terminal for the terminal in at least one other terminal when receiving the selection command, thereby improving the target terminal.
  • the flexibility and diversity of the target terminal selection method enhances the user experience.
  • the method before receiving the identity verification request of the terminal connected to the server, the method further includes: receiving initial fingerprint information of the terminal from any other terminal; and having, in the control, Before the target terminal of the fingerprint verification function verifies the user fingerprint information received by the target terminal, the method further includes: sending the initial fingerprint information of the terminal to the selected target terminal, for the target terminal to perform Fingerprint verification.
  • the initial fingerprint information of the user from any other terminal received before the identity verification is performed is stored, and the initial fingerprint information is sent to the control target terminal before the received user fingerprint information is verified.
  • the selected target terminal is used for the target terminal to match the user fingerprint information with the initial fingerprint information, that is, as long as the user who has entered the fingerprint information on other terminals having the fingerprint verification function can perform identity When verifying, select the terminal that has entered the fingerprint information as the target terminal.
  • a server comprising: a first receiving unit that receives an identity verification request of a terminal connected to the server; and a control verification unit that controls according to the identity verification request of the terminal
  • the target terminal having the fingerprint verification function verifies the user fingerprint information received by the target terminal; the second receiving unit receives the fingerprint information verification result from the target terminal; the first sending unit sends the fingerprint information verification result to The terminal is provided by the terminal according to the terminal
  • the fingerprint information verification result determines whether or not the authentication is performed.
  • the target terminal having the fingerprint verification function is determined according to the received identity verification request from the terminal, and the target terminal is controlled to open the fingerprint verification function, and the user fingerprint information received by the target terminal is verified, and then The received fingerprint information verification result returned from the target terminal is sent to the terminal, so that the terminal determines whether to pass the identity verification according to the fingerprint information verification result, and the entire identity verification process does not have a hard requirement for the terminal to have the fingerprint verification function, and the server serves as the communication.
  • the intermediary controls the target terminal with the fingerprint verification function to perform the fingerprint verification process, thus implementing fingerprint verification for the terminal without increasing the hardware cost of the terminal.
  • the terminal when the user owns multiple terminals, as long as one of the terminals supports fingerprint verification, the terminal can be used as the target terminal, and other terminals can use the fingerprint verification function to perform identity verification indirectly through the server, compared with related technologies. It not only improves the security and reliability of authentication, but also saves production costs, thereby improving the user experience.
  • the server when an unexpected situation occurs in the target terminal (for example, downtime, insufficient power, etc.), the server will provide feedback information to the terminal according to the actual situation, for example, an unexpected prompt may be given, or the current optimal authentication may be selected for the terminal.
  • an unexpected prompt may be given, or the current optimal authentication may be selected for the terminal.
  • the identity verification request includes identity information of the terminal
  • the server further includes: a setting unit, where the target terminal having the fingerprint verification function is controlled to verify that the target terminal receives Before the user fingerprint information, according to the received setting command, associating the identity information of the terminal with any terminal having a fingerprint verification function, for receiving the identity verification request of the terminal, Any one of the terminals is set as the target terminal.
  • the server acts as a communication intermediary and controller for the terminal to perform fingerprint verification indirectly through the target terminal, and firstly establishes an association relationship between the terminal and the target terminal.
  • the identity information of the terminal may be determined according to the received setting command.
  • the server may determine the set or according to the identity information of the terminal.
  • a target terminal capable of supporting fingerprint verification of a terminal.
  • the identity verification request includes location information of the terminal
  • the server further includes: a determining unit, where the target terminal having the fingerprint verification function is controlled to verify that the target terminal receives Determining at least one other terminal within a predetermined distance range of the terminal before the user fingerprint information; selecting a unit according to the received selection Commanding, in the at least one other terminal, selecting the target terminal for the terminal.
  • the identity verification request may further include location information of the terminal.
  • at least one other terminal within a predetermined distance range of the terminal may also be determined as the target terminal.
  • the server may be based on the received terminal.
  • the location information is selected within a predetermined distance of the terminal to select the target terminal.
  • the identity information and the location information of the terminal may also be included in the identity request.
  • the identity request includes but is not limited to the identity information and the location information, as long as the function of the solution can be implemented.
  • the attribute information of the terminal is applicable to this scheme.
  • the server may also prompt the at least one other terminal that meets the condition to the terminal, so that the user can select the target terminal according to actual needs, and the server selects the target terminal for the terminal in at least one other terminal when receiving the selection command, thereby improving the target terminal.
  • the flexibility and diversity of the target terminal selection method enhances the user experience.
  • the method further includes: receiving, by the third receiving unit, initial fingerprint information of the terminal from any other terminal before receiving the identity verification request of the terminal connected to the server; a second sending unit, before the controlling the target terminal having the fingerprint verification function to verify the user fingerprint information received by the target terminal, sending the initial fingerprint information of the terminal to the selected target terminal, For the target terminal to perform fingerprint verification.
  • the initial fingerprint information of the user from any other terminal received before the identity verification is performed is stored, and the initial fingerprint information is sent to the control target terminal before the received user fingerprint information is verified.
  • the selected target terminal is used for the target terminal to match the user fingerprint information with the initial fingerprint information, that is, as long as the user who has entered the fingerprint information on other terminals having the fingerprint verification function can perform identity When verifying, select the terminal that has entered the fingerprint information as the target terminal.
  • the fingerprint verification for the terminal is realized without increasing the hardware cost of the terminal, and compared with the related technology, the security and reliability of the identity verification are not only improved, and the production cost is saved, thereby improving The user experience.
  • FIG. 1 is a flow chart showing an identity verification method according to an embodiment of the present invention.
  • Figure 2 shows a block diagram of a terminal in accordance with one embodiment of the present invention
  • FIG. 3 shows a flow chart of an identity verification method according to another embodiment of the present invention.
  • Figure 4 shows a block diagram of a server in accordance with one embodiment of the present invention
  • Figure 5 shows a schematic diagram of an identity verification system in accordance with one embodiment of the present invention
  • FIG. 6 shows a flow chart of an identity verification method according to still another embodiment of the present invention.
  • FIG. 1 shows a flow chart of an identity verification method in accordance with one embodiment of the present invention.
  • an identity verification method is used for a terminal, including: Step 102, generating an identity verification request according to the received identity verification instruction; Step 104, sending the identity verification request to a server connected to the terminal, wherein the server controls, according to the identity verification request, a target terminal having a fingerprint verification function to verify user fingerprint information received by the target terminal; and step 106, and receiving fingerprint information verification from the server. As a result; step 108, determining whether to pass the identity verification according to the fingerprint information verification result.
  • the terminal by transmitting an authentication request generated according to an authentication instruction from a user to a server connected to the terminal, determining, by the server, a target terminal having a fingerprint authentication function according to the identity verification request, and notifying the identity verification request
  • the target terminal the user can input the user fingerprint information in the target terminal, and then the target terminal verifies the user fingerprint information.
  • the terminal determines whether to pass the verification according to the received fingerprint information verification result verified by the target terminal sent by the server. Authentication, the entire authentication process does not have a hard requirement on whether the terminal has the fingerprint verification function. Thus, the fingerprint verification is performed for the terminal without increasing the hardware cost of the terminal.
  • the terminal when the user owns multiple terminals, as long as one of the terminals supports fingerprint verification, the terminal can be used as the target terminal, and other terminals can indirectly make Using its fingerprint verification function for authentication, compared with related technologies, not only improves the security and reliability of authentication, but also saves production costs, thereby improving the user experience.
  • the identity verification request includes identity information of the terminal, where the server determines, according to the identity information, the target terminal corresponding to the terminal; or the identity verification request includes The location information of the terminal, for the server to select the target terminal for the terminal within a predetermined distance range of the terminal according to the location information.
  • the identity request may include the identity information of the terminal (such as a user account).
  • the server may determine, according to the identity information of the terminal, that the terminal is fingerprinted or supported.
  • the target terminal for verification.
  • the identity request may further include location information of the terminal, so that the server may select the target terminal within a predetermined distance range of the terminal according to the received location information of the terminal.
  • the identity information and the location information of the terminal may also be included in the identity request.
  • the identity request includes but is not limited to the identity information and the location information, as long as the function of the solution can be implemented.
  • the attribute information of the terminal is applicable to this scheme.
  • Figure 2 shows a block diagram of a terminal in accordance with one embodiment of the present invention.
  • the terminal 200 of an embodiment of the present invention includes: a request generating unit 202, generating an identity verification request according to the received identity verification instruction; and a sending unit 204, sending the identity verification request to the a server connected to the terminal 200, wherein the server controls the target terminal having the fingerprint verification function to verify the user fingerprint information received by the target terminal according to the identity verification request; and the receiving unit 206 receives the fingerprint information from the server
  • the verification result deterministic unit 208 determines whether to pass the identity verification according to the verification result of the fingerprint information.
  • the target terminal having the fingerprint authentication function is determined according to the identity verification request via the server, and the authentication request is requested Informing the target terminal
  • the user can input the user fingerprint information at the target terminal, and then the target terminal verifies the user fingerprint information.
  • the terminal 200 determines the fingerprint information verification result verified by the target terminal sent by the server. Whether it is authenticated, the entire authentication process is final Whether the terminal 200 has the fingerprint verification function has no hard requirement, and thus, the terminal 200 performs fingerprint verification without increasing the hardware cost of the terminal 200.
  • the terminal 200 can be used as the target terminal, and the other terminals 200 can indirectly use the fingerprint verification function for identity verification, and related technologies. Compared, it not only improves the security and reliability of authentication, but also saves production costs, thereby improving the user experience.
  • the identity verification request includes identity information of the terminal 200, where the server determines, according to the identity information, the target terminal corresponding to the terminal 200; or the identity verification.
  • the request includes location information of the terminal 200 for the server to select the target terminal for the terminal 200 within a predetermined distance range of the terminal 200 according to the location information.
  • the identity request may include identity information (such as a user account) of the terminal 200.
  • the server may determine, according to the identity information of the terminal 200, that the terminal is set or can support the terminal. 200 target terminal for fingerprint verification.
  • the identity request may further include location information of the terminal 200.
  • the server may select the target terminal within a predetermined distance range of the terminal 200 according to the received location information of the terminal 200.
  • the identity information and the location information of the terminal 200 may also be included in the identity request.
  • the identity request includes, but is not limited to, identity information and location information, as long as the solution can be implemented.
  • the attribute information of the functional terminal 200 is applicable to the present scheme.
  • FIG. 3 shows a flow chart of an identity verification method according to another embodiment of the present invention.
  • an identity verification method is used for a server, including: Step 302, receiving an identity verification request of a terminal connected to the server; Step 304, according to the terminal An authentication request, controlling a target terminal having a fingerprint verification function to verify user fingerprint information received by the target terminal; step 306, receiving a fingerprint information verification result from the target terminal; and step 308, transmitting the fingerprint information verification result to The terminal, for the terminal to determine whether to pass the identity verification according to the fingerprint information verification result.
  • the server acts as a communication intermediary, and controls the target terminal with the fingerprint verification function to perform the fingerprint verification process. Fingerprint verification for the terminal without increasing the hardware cost of the terminal.
  • the terminal when the user owns multiple terminals, as long as one of the terminals supports fingerprint verification, the terminal can be used as the target terminal, and other terminals can use the fingerprint verification function to perform identity verification indirectly through the server, compared with related technologies. It not only improves the security and reliability of authentication, but also saves production costs, thereby improving the user experience.
  • the server when an unexpected situation occurs in the target terminal (for example, downtime, insufficient power, etc.), the server will provide feedback information to the terminal according to the actual situation, for example, an unexpected prompt may be given, or the current optimal authentication may be selected for the terminal.
  • an unexpected prompt may be given, or the current optimal authentication may be selected for the terminal.
  • the identity verification request includes identity information of the terminal
  • the identity information of the terminal is Any terminal having a fingerprint verification function is associated for setting the any terminal as the target terminal upon receiving the identity verification request of the terminal.
  • the server acts as a communication intermediary and controller for the terminal to perform fingerprint verification indirectly through the target terminal, and firstly establishes an association relationship between the terminal and the target terminal.
  • the identity information of the terminal may be determined according to the received setting command.
  • the server may determine the set or according to the identity information of the terminal.
  • a target terminal capable of supporting fingerprint verification of a terminal.
  • the identity verification request includes location information of the terminal, and before the step 304, further comprising: determining at least one other terminal within a predetermined distance range of the terminal; Determining, as the target terminal, a terminal having the smallest distance from the terminal among the at least one other terminal, or selecting the target terminal for the terminal in the at least one other terminal according to the received selection command.
  • the identity verification request may further include location information of the terminal.
  • at least one other terminal within a predetermined distance range of the terminal may also be determined as the target terminal.
  • the server may be based on the received terminal.
  • the location information is selected within a predetermined distance of the terminal to select the target terminal.
  • the identity information and the location information of the terminal may also be included in the identity request.
  • the identity request includes but is not limited to the identity information and the location information, as long as the function of the solution can be implemented.
  • the attribute information of the terminal is applicable to this scheme.
  • the server may also prompt the at least one other terminal that meets the condition to the terminal, so that the user can select the target terminal according to actual needs, and the server selects the target terminal for the terminal in at least one other terminal when receiving the selection command, thereby improving the target terminal.
  • the flexibility and diversity of the target terminal selection method enhances the user experience.
  • the method further includes: receiving initial fingerprint information of the terminal from any other terminal; and before the step 304, further comprising: The initial fingerprint information is sent to the selected target terminal for the target terminal to perform fingerprint verification.
  • the initial fingerprint information of the user from any other terminal received before the identity verification is performed is stored, and the initial fingerprint information is sent to the control target terminal before the received user fingerprint information is verified.
  • the selected target terminal is used for the target terminal to match the user fingerprint information with the initial fingerprint information, that is, as long as the user who has entered the fingerprint information on other terminals having the fingerprint verification function can perform identity When verifying, select the terminal that has entered the fingerprint information as the target terminal.
  • Figure 4 shows a block diagram of a server in accordance with one embodiment of the present invention.
  • the server 400 of an embodiment of the present invention includes: a first receiving unit 402, which receives an identity verification request of a terminal connected to the server 400; and a control verification unit 404, according to the terminal
  • the first verification unit 406 receives the fingerprint information verification result received by the target terminal, and the first sending unit 408, The fingerprint information verification result is sent to the terminal, so that the terminal determines whether to pass the identity verification according to the fingerprint information verification result.
  • the target terminal having the fingerprint verification function is determined according to the received identity verification request from the terminal, and the target terminal is controlled to open the fingerprint verification function, and the user fingerprint information received by the target terminal is verified, and then The received fingerprint information verification result returned from the target terminal is sent to the terminal, so that the terminal determines whether to pass the identity verification according to the fingerprint information verification result, and the entire identity verification process does not have a hard requirement on whether the terminal has the fingerprint verification function, and is used by the server 400.
  • the communication intermediary controls the target terminal with the fingerprint verification function to perform the fingerprint verification process, thus implementing fingerprint verification for the terminal without increasing the hardware cost of the terminal.
  • the terminal when the user owns multiple terminals, as long as one of the terminals supports fingerprint verification, the terminal can be used as the target terminal, and other terminals can use the fingerprint verification function to perform identity verification indirectly through the server 400, compared with related technologies. It not only improves the security and reliability of authentication, but also saves production costs, thereby improving the user experience.
  • the server 400 may provide feedback information to the terminal according to actual conditions, for example, may give an unexpected prompt, or select a current optimal identity for the terminal.
  • the verification method and prompts are provided for the user to select, which further improves the applicability of the authentication.
  • the identity verification request includes identity information of the terminal
  • the server 400 further includes: a setting unit 410, where the target terminal that controls the fingerprint verification function is used to verify the target terminal Before receiving the user fingerprint information, according to the received setting command, associating the identity information of the terminal with any terminal having a fingerprint verification function, for receiving the identity verification request of the terminal And setting any one of the terminals as the target terminal.
  • the server 400 acts as a communication intermediary and controller for indirectly performing fingerprint verification by the target terminal, and firstly establishes an association relationship between the terminal and the target terminal.
  • the identity of the terminal may be determined according to the received setting command.
  • the information is associated with any terminal having a fingerprint verification function, wherein the identity information of the terminal may be included in the identity verification request, such that when the identity request is sent to the server, the server may determine the set according to the identity information of the terminal.
  • a target terminal capable of supporting fingerprint verification of the terminal.
  • the identity verification request includes location information of the terminal
  • the server 400 further includes: a determining unit 412, where the control has a fingerprint Determining at least one other terminal within a predetermined distance range of the terminal before the target terminal of the verification function verifies the user fingerprint information received by the target terminal; the selecting unit 414, in the at least one other according to the received selection command The target terminal is selected for the terminal in the terminal.
  • the identity verification request may further include location information of the terminal.
  • at least one other terminal within a predetermined distance range of the terminal may also be determined as the target terminal.
  • the server may be based on the received terminal.
  • the location information is selected within a predetermined distance of the terminal to select the target terminal.
  • the identity information and the location information of the terminal may also be included in the identity request.
  • the identity request includes but is not limited to the identity information and the location information, as long as the function of the solution can be implemented.
  • the attribute information of the terminal is applicable to this scheme.
  • the server 400 can also prompt the at least one other terminal that meets the condition to the terminal, so that the user can select the target terminal according to actual needs, and the server 400 selects the target terminal for the terminal in at least one other terminal when receiving the selection command.
  • the user experience is enhanced by increasing the flexibility and diversity of the target terminal selection method.
  • the method further includes: a third receiving unit 416, receiving initial fingerprint information of the terminal from any other terminal before receiving the identity verification request of the terminal connected to the server 400 And the second sending unit 418, before the controlling the target terminal having the fingerprint verification function to verify the user fingerprint information received by the target terminal, sending the initial fingerprint information of the terminal to the selected a target terminal for performing fingerprint verification on the target terminal.
  • the initial fingerprint information of the user from any other terminal received before the identity verification is performed is stored, and the initial fingerprint information is sent to the control target terminal before the received user fingerprint information is verified.
  • the selected target terminal is used for the target terminal to match the user fingerprint information with the initial fingerprint information, that is, as long as the user who has entered the fingerprint information on other terminals having the fingerprint verification function can perform identity When verifying, select the terminal that has entered the fingerprint information as the target terminal.
  • Figure 5 shows a schematic diagram of an identity verification system in accordance with one embodiment of the present invention.
  • the embodiment provides a fingerprint terminal (terminal) when the client (such as WeChat, Alipay, etc., or a certain software) is logged in to the non-fingerprint terminal (the terminal does not support the fingerprint authentication, that is, the terminal). Support fingerprint authentication, that is, the target terminal) login method for authentication.
  • the non-fingerprint terminal is connected to the fingerprint terminal through a remote server.
  • the fingerprint terminal includes: a fingerprint module, a storage module, a communication module, and a processor CPU;
  • the non-fingerprint terminal includes: a storage module, a communication module, and a processor CPU;
  • the communication connection is made through the server.
  • FIG. 6 shows a flow chart of an identity verification method according to still another embodiment of the present invention.
  • the flow of the identity verification method according to still another embodiment of the present invention includes:
  • step 602 the user starts the client on the non-fingerprint terminal.
  • step 604 the user inputs the client account (ie, identity information) in the non-fingerprint terminal.
  • Step 606 The client on the non-fingerprint terminal requests fingerprint verification (that is, generates an identity verification request according to the received identity verification command), and notifies the server of the account to be logged in on the device (ie, sends the identity verification request to the location) Said server connected to the terminal).
  • Step 608 The server sends a fingerprint verification request to the client on the fingerprint terminal corresponding to the account (that is, the server controls the target terminal with the fingerprint verification function to verify the user received by the target terminal according to the identity verification request of the terminal. Fingerprint information).
  • Step 610 The client on the fingerprint terminal returns a fingerprint verification result to the server (that is, the server receives the fingerprint information verification result from the target terminal).
  • Step 612 The server returns a fingerprint verification result to the client on the non-fingerprint terminal (ie, the terminal receives the fingerprint information verification result from the server).
  • Step 614 If the fingerprint verification is passed, the client on the non-fingerprint terminal logs in; otherwise, the account verification fails.
  • the fingerprint verification is performed for the terminal without increasing the hardware cost of the terminal.
  • the terminal can be used as the target terminal, and other terminals are It can indirectly use its fingerprint verification function for authentication. Compared with related technologies, it not only improves the security and reliability of authentication, but also saves production costs, thereby improving the user experience.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Biomedical Technology (AREA)
  • Collating Specific Patterns (AREA)
  • Telephonic Communication Services (AREA)
  • Telephone Function (AREA)

Abstract

La présente invention concerne un procédé d'authentification d'identité, un terminal et un serveur. Le procédé d'authentification d'identité comprend les étapes consistant : à générer une demande d'authentification d'identité conformément à une instruction d'authentification d'identité reçue ; à transmettre la demande d'authentification d'identité à un serveur connecté à un terminal, de telle sorte que le serveur peut commander, en fonction de la demande d'authentification d'identité, un terminal cible ayant une fonction d'authentification par empreintes digitales pour authentifier des informations d'empreintes digitales d'un utilisateur reçues par le terminal cible ; à recevoir un résultat d'authentification d'informations d'empreintes digitales provenant du serveur ; à déterminer, selon le résultat d'authentification d'informations d'empreinte digitale, si l'authentification d'identité réussi. Au moyen de la solution technique de la présente invention, une authentification par empreinte digitale peut être effectuée pour un terminal sans augmenter le coût du matériel d'un terminal, et, par rapport à l'état de la technique, la sécurité et la fiabilité de l'authentification d'identité sont non seulement améliorées, mais le coût de production est réduit, de telle sorte que l'expérience de l'utilisateur est améliorée.
PCT/CN2015/095592 2015-08-18 2015-11-26 Procédé d'authentification d'identité, terminal et serveur WO2017028390A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510508977.9A CN105025039B (zh) 2015-08-18 2015-08-18 身份验证方法、终端和服务器
CN201510508977.9 2015-08-18

Publications (1)

Publication Number Publication Date
WO2017028390A1 true WO2017028390A1 (fr) 2017-02-23

Family

ID=54414743

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/095592 WO2017028390A1 (fr) 2015-08-18 2015-11-26 Procédé d'authentification d'identité, terminal et serveur

Country Status (2)

Country Link
CN (1) CN105025039B (fr)
WO (1) WO2017028390A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2022022479A1 (fr) * 2020-07-30 2022-02-03 华为技术有限公司 Procédé et appareil de commande de dispositif
CN114867017A (zh) * 2022-03-22 2022-08-05 支付宝(杭州)信息技术有限公司 一种身份认证方法、装置、设备及系统

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107563842A (zh) * 2017-08-08 2018-01-09 上海斐讯数据通信技术有限公司 一种基于指纹识别的购票系统及购票方法
CN107770284A (zh) * 2017-11-09 2018-03-06 四川研宝科技有限公司 一种基于用户生理特征和地理位置的数据交互系统及方法
CN107862193A (zh) * 2017-11-09 2018-03-30 四川研宝科技有限公司 一种基于用户生理特征的数据交互系统及方法

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1420659A (zh) * 2001-10-31 2003-05-28 雅马哈株式会社 通过网络认证和验证用户和计算机的方法和设备
US20040135801A1 (en) * 2003-01-15 2004-07-15 Thompson Gregory K. Authentication device, system and methods
CN103186769A (zh) * 2011-12-31 2013-07-03 大唐电信(天津)通信终端制造有限公司 一种指纹验证的方法、系统及一种指纹采集器
CN104640112A (zh) * 2013-11-15 2015-05-20 深圳市腾讯计算机系统有限公司 一种身份鉴权方法、装置及系统

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060206723A1 (en) * 2004-12-07 2006-09-14 Gil Youn H Method and system for integrated authentication using biometrics
US20110083018A1 (en) * 2009-10-06 2011-04-07 Validity Sensors, Inc. Secure User Authentication
CN102306286A (zh) * 2011-08-24 2012-01-04 宇龙计算机通信科技(深圳)有限公司 身份识别方法、身份识别系统及身份识别终端
CN104182670B (zh) * 2013-05-21 2017-12-22 百度在线网络技术(北京)有限公司 通过穿戴式设备进行认证的方法和穿戴式设备
CN103634292B (zh) * 2013-10-11 2017-05-24 金硕澳门离岸商业服务有限公司 通信信息传输方法和系统

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1420659A (zh) * 2001-10-31 2003-05-28 雅马哈株式会社 通过网络认证和验证用户和计算机的方法和设备
US20040135801A1 (en) * 2003-01-15 2004-07-15 Thompson Gregory K. Authentication device, system and methods
CN103186769A (zh) * 2011-12-31 2013-07-03 大唐电信(天津)通信终端制造有限公司 一种指纹验证的方法、系统及一种指纹采集器
CN104640112A (zh) * 2013-11-15 2015-05-20 深圳市腾讯计算机系统有限公司 一种身份鉴权方法、装置及系统

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2022022479A1 (fr) * 2020-07-30 2022-02-03 华为技术有限公司 Procédé et appareil de commande de dispositif
CN114867017A (zh) * 2022-03-22 2022-08-05 支付宝(杭州)信息技术有限公司 一种身份认证方法、装置、设备及系统

Also Published As

Publication number Publication date
CN105025039A (zh) 2015-11-04
CN105025039B (zh) 2018-09-14

Similar Documents

Publication Publication Date Title
US12011094B2 (en) Multi-factor authentication with increased security
WO2017028390A1 (fr) Procédé d'authentification d'identité, terminal et serveur
US10171241B2 (en) Step-up authentication for single sign-on
CN111093197B (zh) 权限认证方法、权限认证系统和计算机可读存储介质
US8955076B1 (en) Controlling access to a protected resource using multiple user devices
US8402552B2 (en) System and method for securely accessing mobile data
KR101451359B1 (ko) 사용자 계정 회복
US7581111B2 (en) System, method and apparatus for transparently granting access to a selected device using an automatically generated credential
CN106161348B (zh) 一种单点登录的方法、系统以及终端
CN107241329B (zh) 账号登录处理方法及装置
US9853971B2 (en) Proximity based authentication using bluetooth
EP3335142B1 (fr) Système d'authentification de dispositifs
US20170041320A1 (en) Credential-free identification and authentication
US20150013003A1 (en) Verification application, method, electronic device and computer program
KR20240023589A (ko) 온라인 서비스 서버와 클라이언트 간의 상호 인증 방법 및 시스템
US10354243B2 (en) Authentication method and a server
JP6343928B2 (ja) 携帯端末、認証システム、認証方法、および、認証プログラム
CN109428869B (zh) 钓鱼攻击防御方法和授权服务器
JP6273240B2 (ja) 継承システム、サーバ装置、端末装置、継承方法及び継承プログラム
CN107483466B (zh) 一种Web应用中用户登录验证方法及装置
US10546115B2 (en) Method for authenticating a user device during the process of logging into a server
CN117134983A (zh) 一种基于前后置的信息交换方法及系统
CN115913743A (zh) 一种终端安全登录方法及装置
TWI406190B (zh) 存取控制系統與電腦系統
CN116962088A (zh) 登录认证方法、零信任控制器及电子设备

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15901594

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15901594

Country of ref document: EP

Kind code of ref document: A1