WO2017071498A1 - Procédé et dispositif d'authentification d'identité - Google Patents

Procédé et dispositif d'authentification d'identité Download PDF

Info

Publication number
WO2017071498A1
WO2017071498A1 PCT/CN2016/102368 CN2016102368W WO2017071498A1 WO 2017071498 A1 WO2017071498 A1 WO 2017071498A1 CN 2016102368 W CN2016102368 W CN 2016102368W WO 2017071498 A1 WO2017071498 A1 WO 2017071498A1
Authority
WO
WIPO (PCT)
Prior art keywords
operation gesture
character
character string
string
data
Prior art date
Application number
PCT/CN2016/102368
Other languages
English (en)
Chinese (zh)
Inventor
杨霞
林陆一
郝允允
李轶峰
Original Assignee
腾讯科技(深圳)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 腾讯科技(深圳)有限公司 filed Critical 腾讯科技(深圳)有限公司
Publication of WO2017071498A1 publication Critical patent/WO2017071498A1/fr
Priority to US15/817,014 priority Critical patent/US10657244B2/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Definitions

  • the present invention relates to the field of communications technologies, and in particular, to an identity verification method and apparatus.
  • Information security is not only related to people's personal privacy, but also has a great relationship with people's personal property security. Therefore, how to ensure information security has always been a concern of people.
  • authentication is generally used to ensure information security.
  • the prior art in the case of a mobile phone, the prior art generally sets a corresponding lock screen password for the mobile phone. To unlock, the corresponding authentication information is provided to prevent strangers from using the mobile phone.
  • the user In the existing authentication method, the user generally inputs the corresponding password through the keyboard to provide authentication information.
  • this method is not very secure, and authentication information is easily stolen by illegal intruders, such as stealing passwords through keyboard hooks, and so on. Therefore, the prior art also proposes a scheme for authenticating using biometric features such as fingerprints, irises, or faces.
  • the user may collect biometric information such as a fingerprint, an iris, or a face through a fingerprint acquisition module, an iris acquisition module, or a camera, and then use the biometric information to encrypt an object that needs to be encrypted, such as a lock screen, or a pair.
  • biometric information such as a fingerprint, an iris, or a face
  • a fingerprint acquisition module such as a fingerprint acquisition module
  • iris acquisition module such as a camera
  • the album is encrypted, etc., if you want to access the object later, you only need to scan the fingerprint, iris or face.
  • the inventors of the present invention found that existing Although the method of using biometrics for identity verification can improve security, the device needs to configure corresponding acquisition modules, such as a fingerprint collection module or an iris acquisition module, and the algorithms involved are more complicated, and the processing efficiency is low.
  • the embodiment of the invention provides an identity verification method and device, which can simplify operation and improve processing efficiency while ensuring security.
  • An embodiment of the present invention provides an identity verification method, including:
  • the data access request indicating data that needs to be accessed
  • the authentication interface includes an authentication information input interface
  • the data is allowed to be accessed.
  • An embodiment of the present invention further provides an identity verification apparatus, including:
  • a receiving unit configured to receive a data access request, where the data access request indicates data that needs to be accessed
  • Activating unit configured to start an authentication interface of the data according to the data access request, where the authentication interface includes an authentication information input interface;
  • An acquiring unit configured to acquire a first operation gesture of the user on the touch panel when the authentication information input interface is activated
  • a generating unit configured to generate a corresponding first character string according to the preset rule according to the first operation gesture
  • a processing unit configured to: when the first string is matched with preset verification information, Allow access to the data.
  • the technical solution provided by the embodiment of the present invention does not need to receive the character input by the user through the keyboard, but acquires the operation gesture of the user through the touchpad, thereby avoiding theft of the authentication information by the keyboard hook.
  • the solution does not need to be equipped with an additional fingerprint or iris acquisition module, and does not require complicated processing, thereby greatly simplifying the operation and improving the processing efficiency.
  • FIG. 1 is a schematic diagram of a scenario of an identity verification method according to an embodiment of the present invention
  • FIG. 1b is a flowchart of an identity verification method according to an embodiment of the present invention.
  • FIG. 1c is a flowchart of a data encryption method according to an embodiment of the present invention.
  • FIG. 3 is still another flowchart of an identity verification method according to an embodiment of the present invention.
  • FIG. 4a is a schematic structural diagram of an identity verification apparatus according to an embodiment of the present invention.
  • FIG. 4b is another schematic structural diagram of an identity verification apparatus according to an embodiment of the present invention.
  • FIG. 5 is a schematic structural diagram of hardware of an identity verification apparatus according to an embodiment of the present invention.
  • FIG. 5b is a schematic diagram of another hardware structure of an identity verification apparatus according to an embodiment of the present invention.
  • the embodiments of the present invention provide an identity verification method and apparatus, which are respectively described in detail below.
  • FIG. 1 is a schematic diagram of a scenario of an identity verification method according to an embodiment of the present invention.
  • the scenarios applied by the method include a touch panel of the terminal and the terminal.
  • the terminal stores data that the user wants to access, and the touchpad can be used for the user to perform tap or click operations.
  • a data access request can be sent to the terminal where the file is located.
  • the terminal may initiate an authentication interface of the data according to the data access request.
  • the authentication interface includes an authentication information input interface.
  • the terminal acquires a first operation gesture of the user on the touch panel, such as tapping or tapping, and then, according to the first operation gesture, generates a corresponding according to a preset rule.
  • the first string and use the first string for authentication. For example, it is determined whether the first string matches the preset verification information. If it matches, the user is allowed to access the data, such as accessing the file; otherwise, the user is denied access to the data.
  • an identity verification device which may be integrated in a terminal or other device that needs to be authenticated.
  • the identity verification device may be integrated in a tablet or a laptop, etc. Wait.
  • a touch panel which may be a hardware device of the terminal or the device itself, or an external device.
  • FIG. 1b is a flowchart of an identity verification method according to an embodiment of the present invention. As shown in FIG. 1b, the specific process of the identity verification method may include the following steps:
  • Step 101 Receive a data access request.
  • a data access request triggered by a user is received, or a data access request sent by another device is received, where the data access request indicates data that needs to be accessed, and the data may include specific information, a file, and a terminal application.
  • the data access request may specifically be a screen unlock request, an application access request or a file access request, and the like.
  • Step 102 Start an authentication interface of the data according to the data access request, where the authentication interface includes an authentication information input interface.
  • the screen unlocking interface of the terminal may be activated according to the unlocking request of the screen, wherein the screen unlocking interface may further include an authentication information input interface, such as a password input box or an input area.
  • an authentication information input interface such as a password input box or an input area.
  • Step 103 Acquire an operation gesture of the user on the touch panel when the authentication information input interface is activated. For example, touch the touchpad or click on the touchpad, etc., simply tap or tap.
  • the embodiment of the present invention refers to the operation gesture as a first operation gesture.
  • the manner of activating the authentication information input interface may be various. For example, when determining a user selection, such as clicking or sliding, the authentication information input interface may determine the authentication information input interface. It is activated; or, when the input cursor is flashing at the authentication information input interface, such as the password input box, it can be determined that the authentication information input interface is activated.
  • the touch panel refers to an input device that uses a sliding operation of a finger on the board to move the cursor.
  • the touch method may include a pressure touch (Force Touch) or other touch.
  • Step 104 Generate a corresponding character string according to the preset rule according to the first operation gesture.
  • the embodiment of the present invention refers to the character string as the first character string.
  • the first character string may be a binary string, a decimal string, or a hexadecimal string.
  • the preset rule can be set according to the needs of the actual application. For example, you can set the tap to indicate “1”, click to indicate “0”, or set Tap to indicate “0”, tap to indicate “1”, or alternatively, to correspond to other operation gestures and characters, such as circle to indicate “A”, and so on.
  • the first character string is a binary character string
  • the operation gesture taps to indicate “1”, and the tap “0” is taken as an example.
  • the step “generates the corresponding according to the preset operation rule according to the first operation gesture.
  • the first string can include:
  • the character 1 is generated; when the first operation gesture is determined to be a tap, the character 0 is generated; and the generated characters are arranged in the order of the first operation gesture to form a binary character string.
  • the first character string is a binary character string
  • the operation gesture taps to indicate “0”, and the click “1” is taken as an example.
  • the step “generates according to the preset operation rule according to the first operation gesture.
  • the corresponding first string may include:
  • the character 0 is generated; when the first operation gesture is determined to be a tap, the character 1 is generated; and the generated characters are arranged in the order of the first operation gesture to form a binary string.
  • decimal string or a hexadecimal string is similar, just set the correspondence between the operation gesture and each character in advance.
  • corresponding prompt information may also be generated and displayed on the authentication interface to indicate the correspondence between the operation gesture and the character.
  • Step 105 When the first string is determined to match the preset verification information, the data is allowed to be accessed, for example, the user or other device is allowed to access the data.
  • determining whether the first string matches the preset verification information There are a variety of ways, for example, you can use any of the following methods:
  • the first character string is consistent with the preset verification information, and if they are consistent, determining that the first character string matches the preset verification information; if not, determining The first string does not match the preset verification information.
  • the first character string and the verification information can be directly compared at this time. If they are consistent, it indicates that the decryption password is correct. Therefore, it can be determined that the authentication is passed, that is, the first string is determined to match the preset verification information; if not, the decryption password is incorrect, so it can be determined that the identity verification fails. That is, it is determined that the first character string does not match the preset verification information.
  • the first character string is calculated according to a preset algorithm, and a calculation result is obtained, determining whether the calculation result is consistent with the preset verification information, and if the agreement is consistent, determining the first A string matches the preset verification information; if not, it is determined that the first string does not match the preset verification information.
  • the encrypted password is not directly saved as the verification information, but the encrypted password is calculated according to a preset algorithm, and the calculation result is saved as the verification information.
  • the first character string needs to be calculated according to the preset algorithm, and then the calculation result is compared with the verification information. If the calculation result is consistent with the verification information, it indicates that the decryption password is correct. Therefore, it may be determined that the identity verification is passed, that is, the first character string is determined to match the preset verification information; if the calculation result is inconsistent with the verification information, the decryption is performed.
  • the password is incorrect, so you can be sure that the authentication is not passed, that is, OK
  • the first string does not match the preset verification information.
  • the preset algorithm may be determined according to the requirements of the actual application.
  • the data access request may be rejected, for example, returning prompt information indicating that the verification fails, and the like.
  • FIG. 1c is a flowchart of a data encryption method according to an embodiment of the present invention. As shown in FIG. 1c, the method includes the following steps:
  • Step S1 Receive a data encryption request indicating data that needs to be encrypted.
  • the data encryption request may specifically be a lock screen password setting request, a file encryption request, or an application encryption request, and the like.
  • Step S2 Acquire an encrypted password according to the data encryption request.
  • the operation gesture of the user on the touch panel (referred to as a second operation gesture for convenience of description) may be acquired according to the data encryption request, and corresponding to the second operation gesture according to the preset rule.
  • the second string is converted into an encrypted password.
  • the second string may be a binary string, a decimal string, or a hexadecimal string.
  • the preset rule can be based on the needs of the actual application. Make settings, for example, you can set a tap to indicate “1”, a tap to indicate “0”, or a tap to indicate “0”, a tap to indicate “1”, or another operation gesture and character Correspondence, such as circle means "A", and so on.
  • the second character string is a binary character string
  • the operation gesture taps to indicate “1”, and the tap “0” is taken as an example.
  • the step “generates the corresponding according to the preset operation rule according to the second operation gesture.
  • the second string can include:
  • the character 1 is generated; when the second operation gesture is determined to be a tap, the character 0 is generated; and the generated characters are arranged in the order of the first operation gesture to form a binary character string.
  • the second character string is a binary character string
  • the operation gesture taps to indicate “0”, and the click “1” is taken as an example.
  • the step “generates according to the second operation gesture according to the preset rule.
  • the corresponding second string may include:
  • the character 0 is generated; when the second operation gesture is determined to be a tap, the character 1 is generated; and the generated characters are arranged in the order of the first operation gesture to form a binary character string.
  • decimal string or a hexadecimal string is similar, just set the correspondence between the operation gesture and each character in advance.
  • the second character string when the second character string is converted into an encrypted password, the second character string may be directly used as a password, or the second character string may be converted according to a certain rule, and the converted Two strings are used as passwords.
  • the subsequent conversion of the second character string is also required after the subsequent identity verification. Can be used as a decryption password.
  • Step S3 Encrypt the data by using the encrypted password, and convert the encrypted password into verification information for storage.
  • the encrypted password may be directly saved as the verification information, or the encrypted password may be calculated according to a preset algorithm, and then the calculation result is saved as the verification information.
  • the preset algorithm and the algorithm used in subsequent authentication should be consistent.
  • encryption rules and the decryption rules should be consistent.
  • the technical solution provided by the embodiment of the present invention does not need to receive the characters input by the user through the keyboard, but acquires the operation gesture of the user through the touchpad, thereby avoiding being stolen by the keyboard hook.
  • the possibility of authenticating information and improving information security does not need to be equipped with an additional fingerprint or iris acquisition module, and does not require complicated processing, thereby greatly simplifying the operation and improving the processing efficiency.
  • the identity verification device is specifically integrated in a terminal having a touch panel, and the data access request is specifically a screen unlock request as an example.
  • FIG. 2 is another flowchart of an identity verification method according to an embodiment of the present invention. As shown in FIG. 2, the specific process of the identity verification method may include the following steps:
  • Step 201 The terminal receives a screen unlock request about the terminal triggered by the user.
  • the user can trigger the screen unlock request by sliding or clicking the unlock trigger button.
  • Step 202 The terminal starts the screen unlocking interface according to the screen unlocking request.
  • the screen unlocking interface includes an authentication information input interface, such as a password input box or an input area.
  • Step 203 When the authentication information input interface is activated, the terminal acquires a first operation gesture of the user on the touch panel, such as an operation gesture such as tapping or tapping.
  • the authentication information input interface may be activated in various manners. For example, when determining a user selection, such as clicking or sliding, the authentication information input interface may determine the authentication information input interface. It is activated; or, when the input cursor is flashing at the authentication information input interface, such as the password input box, it can be determined that the authentication information input interface is activated or the like.
  • Step 204 The terminal generates a corresponding first character string according to the preset rule according to the first operation gesture. For example, when the terminal determines that the first operation gesture is a tap, the terminal generates the character 1, and determines that the first operation gesture is a tap. The character 0 is generated, and the generated characters are arranged in the order of the first operation gesture to form a binary string.
  • the user inputs an operation gesture four times in succession. If the operation gesture input by the user for the first time is “tap”, the character “1” can be generated at this time, if the operation gesture input by the user for the second time and the operation gesture input for the third time are “tap” ", then it can be determined that the second and third characters are all "0". If the operation gesture input by the user for the fourth time is "tap”, it can be determined that the fourth character is "1", according to these operation gestures The order of these characters is arranged to determine that the binary string is "1001".
  • corresponding prompt information may also be generated and displayed on the screen unlocking interface to indicate the correspondence between the operation gesture and the character. For example, the user may be prompted: “1 indicates a tap, 0 means tap, please enter gestures in order.
  • the correspondence between the first operation gesture and each character may be other than the case described in the foregoing embodiment, and the first operation gesture may be converted into a binary string, or may be converted into Strings in other formats can be set according to the needs of the actual application.
  • Step 205 The terminal determines whether the first string matches the preset verification information. If yes, step 206 is performed. If not, the screen unlock request is rejected, for example, returning. Verify that the message does not pass, and so on.
  • the lock screen password is directly saved as the verification information when the lock screen password is set, the first character string and the verification information can be directly compared at this time. If the first string is consistent with the verification information, it indicates that the decryption password is correct. Therefore, it can be determined that the identity verification is passed, that is, the first string is determined to match the preset verification information; if not, the decryption password is incorrect, therefore, It can be determined that the authentication fails, that is, the first string is determined to not match the preset verification information.
  • the lock screen password is not directly saved as the verification information, but the lock screen password is calculated according to the preset algorithm.
  • the calculation result is saved as the verification information.
  • the first character string needs to be calculated according to the preset algorithm, and then the calculation result and the verification are performed. Information is compared. If the calculation result is consistent with the verification information, it indicates that the decryption password is correct, and the first character string is determined to match the preset verification information; otherwise, the decryption password is incorrect, and the first character string and the preset verification information are determined not to be determined. match.
  • the calculation result is saved as the verification information, that is, if "10100” is used as the verification information, then the first string is used. For "1010”, it is also necessary to add a "0" after the first string to compare the calculation result with the verification information.
  • the preset algorithm may be determined according to the needs of the actual application.
  • Step 206 The terminal unlocks the terminal screen.
  • the setting may also be performed by an operation gesture on the touch panel, for example, Use the following method to set the lock screen password:
  • Receiving a lock screen request triggered by the user, and acquiring a lock screen password according to the lock screen request for example, acquiring a second operation gesture of the user on the touch panel, and generating a corresponding second character according to the preset rule according to the second operation gesture String, convert the second string into a lock screen password, and then use the lock screen password to lock the screen.
  • the terminal when receiving the screen unlocking request, the terminal may start the screen unlocking interface according to the screen unlocking request, and when the authentication information input interface on the interface is activated, acquiring the user's touch
  • the first operation gesture on the board generates a corresponding first character string according to the preset rule according to the first operation gesture, and unlocks the screen when it is determined that the first character string matches the preset verification information. Since the solution does not need to receive the characters input by the user through the keyboard, but obtains the operation gesture of the user through the touchpad, the possibility of stealing the authentication information by the keyboard hook and improving the information security can be avoided. Sex. Moreover, the solution does not need to be equipped with an additional fingerprint or iris acquisition module, and does not require complicated processing, thereby greatly simplifying the operation and improving the processing efficiency.
  • the identity verification device is still specifically integrated in the terminal with the touch panel, but the data access request is specifically a file access request as an example.
  • FIG. 3 is still another flowchart of an identity verification method according to an embodiment of the present invention. As shown in FIG. 3, the specific process of the identity verification method may include the following steps:
  • Step 301 The terminal receives a file access request triggered by a user.
  • the user can trigger the file access request by sliding or clicking on the file icon.
  • Step 302 The terminal starts an authentication interface according to the file access request.
  • the authentication interface includes an authentication information input interface, such as a password input box or an input area.
  • Step 303 When the authentication information input interface is activated, the terminal acquires a first operation gesture of the user on the touch panel, such as an operation gesture such as tapping or tapping.
  • the authentication information input interface may be activated in various manners. For example, when determining a user selection, such as clicking or sliding, the authentication information input interface may determine the authentication information input interface. It is activated; or, when the input cursor is flashing at the authentication information input interface, such as the password input box, it can be determined that the authentication information input interface is activated or the like.
  • Step 304 The terminal generates a corresponding first character string according to the preset rule according to the first operation gesture. For example, when the terminal determines that the first operation gesture is a tap, the terminal generates a character 0, and determines that the first operation gesture is a tap. The character 1 is generated, and the generated characters are arranged in the order of the first operation gesture to form a binary character string.
  • the user inputs an operation gesture four times in succession. If the operation gesture input by the user for the first time is “tap”, the character “0” can be generated at this time, if the operation gesture input by the user for the second time and the operation gesture input for the third time are both “tap” ", then it can be determined that the second and third characters are all "1". If the operation gesture input by the user for the fourth time is "tap”, it can be determined that the fourth character is "0", according to these operation gestures The order of these characters is arranged to determine that the binary string is "0110".
  • corresponding prompt information may also be generated and displayed on the screen unlocking interface to indicate the correspondence between the operation gesture and the character. For example, the user may be prompted: “0 indicates a tap, 1 means tap, please enter gestures in order.
  • the correspondence between the first operation gesture and each character is described in addition to the above embodiment.
  • the first operation gesture can be converted into a string of other formats in addition to being converted into a binary string, which can be set according to the requirements of the actual application.
  • Step 305 The terminal determines whether the first string matches the preset verification information. If yes, step 306 is performed. If there is no match, the file access request is rejected, for example, returning the prompt information that the verification fails, and the like.
  • the first character string and the verification information may be directly compared at this time, and if they are consistent, the decryption password is correct. Therefore, it can be determined that the authentication is passed, that is, the first string is determined to match the preset verification information. If the first string is inconsistent with the verification information, the decryption password is incorrect. Therefore, it can be determined that the identity verification fails, that is, It is determined that the first string does not match the preset verification information.
  • the encrypted password of the file is set, in order to enhance the security of the information, the encrypted password is not directly saved as the verification information, but the encrypted password is calculated according to the preset algorithm, and then the calculation is performed. The result is saved as the verification information.
  • the first character string needs to be calculated according to the preset algorithm, and then the calculation result and the verification information are further calculated. Compare. If the calculation result is consistent with the verification information, it indicates that the decryption password is correct, and the first character string is determined to match the preset verification information; otherwise, the decryption password is incorrect, and the first character string and the preset verification information are determined not to be determined. match.
  • the calculation result is saved as verification information, that is, "01100" is used as the verification information. If the first character string is "0110”, it is also necessary to add a "0" after the first character string. The calculation result is compared with the verification information.
  • the preset algorithm may be determined according to the needs of the actual application.
  • Step 306 The terminal allows the user to access the file, such as opening and browsing the file, or copying the file, and the like.
  • the setting may also be performed by an operation gesture on the touch panel. For example, you can set the encrypted password for a file in the following way:
  • Receiving a file encryption request triggered by the user, and acquiring an encrypted password according to the file encryption request for example, acquiring a second operation gesture of the user on the touch panel, and generating a corresponding second string according to the preset rule according to the second operation gesture Converting the second string to a lock screen password, and then encrypting the file with the encrypted password.
  • the terminal when receiving the file access request, the terminal may start the authentication interface according to the file access request, and obtain the user's touch when the authentication information input interface on the interface is activated.
  • the first operation gesture on the board generates a corresponding first character string according to the preset rule according to the first operation gesture, and allows the user to access the file when determining that the first character string matches the preset verification information. Since the solution does not need to receive the characters input by the user through the keyboard, but obtains the operation gesture of the user through the touchpad, the possibility of stealing the authentication information by the keyboard hook and improving the information security can be avoided. Sex. Moreover, the solution does not need to be equipped with an additional fingerprint or iris acquisition module, and does not require complicated processing, thereby greatly simplifying the operation and improving the processing efficiency.
  • FIG. 4 is a schematic structural diagram of an identity verification apparatus according to an embodiment of the present invention.
  • the identity verification apparatus may include a receiving unit 401, a starting unit 402, an obtaining unit 403, a generating unit 404, and a processing unit 405.
  • the receiving unit 401 is configured to receive a data access request, where the data access request indicates data that needs to be accessed.
  • the receiving unit 401 may receive a data access request triggered by a user, or receive a data access request sent by another device, where the data access request indicates data that needs to be accessed, and the data may include specific information, The file and the terminal application, etc., for example, the data access request may specifically be a screen unlock request, an application access request or a file access request, and the like.
  • the activation unit 402 is configured to start an authentication interface of the data according to the data access request, where the authentication interface includes an authentication information input interface.
  • the activation unit 402 can start the screen unlocking interface of the terminal according to the unlocking request of the screen, wherein the screen unlocking interface can further include an authentication information input interface, such as a password input box or an input area.
  • an authentication information input interface such as a password input box or an input area.
  • the obtaining unit 403 is configured to acquire a first operation gesture of the user on the touch panel when the authentication information input interface is activated.
  • the manner of activating the authentication information input interface may be various. For example, when determining a user selection, such as clicking or sliding, the authentication information input interface may determine the authentication information input interface. It is activated; or, when the input cursor is flashing at the authentication information input interface, such as the password input box, it can be determined that the authentication information input interface is activated.
  • the generating unit 404 is configured to generate a corresponding first character string according to the preset rule according to the first operation gesture.
  • the processing unit 405 is configured to allow access to the first character string when it matches the preset verification information.
  • the first string may be a binary string, a decimal string, or a hexadecimal string.
  • the preset rule can be set according to the requirements of the actual application. For example, the tap can be set to indicate “1”, the tap to indicate “0”, or the tap to indicate “0”, and the tap to indicate “1”, and Alternatively, it may be a correspondence between other operation gestures and characters, such as a circle indicating "A", and the like.
  • the generating unit 404 may be specifically configured to: when the first operation gesture is a tap, generate a character 1; and when the first operation gesture is a click, Generates a character 0; the generated characters are arranged in the order of the first operation gesture to form a binary string.
  • the generating unit 404 may be specifically configured to: when the first operation gesture is a tap, generate a character 0; and determine that the first operation gesture is a point. On time, character 1 is generated; the generated characters are arranged in the order of the first operation gesture to form a binary string.
  • decimal string or a hexadecimal string is similar, just set the correspondence between the operation gesture and each character in advance.
  • the generating unit 404 may also generate corresponding prompt information, and display the corresponding prompt information on the authentication interface to indicate the correspondence between the operation gesture and the character.
  • the method for determining whether the first character string and the preset verification information match may be multiple, that is, the processing unit 405 may adopt any one of the following manners.
  • the processing unit 405 may be specifically configured to determine whether the first character string is consistent with the preset verification information, and if yes, determine that the first character string matches the preset verification information, and if not, determine the The first string does not match the preset verification information.
  • the processing unit 405 is specifically configured to calculate the first character string according to a preset algorithm, obtain a calculation result, and determine that the calculation result is consistent with the preset verification information, and if yes, determine the first character string. Matching with the preset verification information. If they are inconsistent, it is determined that the first character string does not match the preset verification information.
  • the preset algorithm may be determined according to the requirements of the actual application.
  • the processing unit 405 may further perform no operation or reject the data access request, for example, return a prompt indicating that the verification fails. Information, and so on.
  • the identity verification device may further include an encryption unit 406.
  • the receiving unit 401 is further configured to receive a data encryption request, where the data encryption request indicates data that needs to be encrypted.
  • the data encryption request may specifically be a lock screen password setting request, a file encryption request, or an application encryption request, and the like.
  • the encryption unit 406 can be configured to obtain an encrypted password according to the data encryption request, encrypt the data by using the encrypted password, and convert the encrypted password into verification information for storage.
  • the encryption unit 406 may be configured to acquire a second operation gesture of the user on the touch panel according to the data encryption request, and generate a corresponding second character according to the preset rule according to the second operation gesture. String, which converts the second string into an encrypted password.
  • the second string may be a binary string, a decimal string, or a hexadecimal string.
  • the preset rule can be set according to the requirements of the actual application.
  • the tap can be set to indicate “1”, the tap to indicate “0”, or the tap to indicate “0”, and the tap to indicate “1”, and Or, it can be other gestures and words Correspondence of characters, such as circle means "A", and so on.
  • the encryption unit 406 may be specifically configured to: when the second operation gesture is a tap, generate a character 1; and determine that the second operation gesture is a tap. , generating a character 0; arranging the generated characters in the order of the first operation gesture to form a binary string.
  • the encryption unit 406 may be specifically configured to: when the second operation gesture is a tap, generate a character 0; and determine that the second operation gesture is When clicked, the character 1 is generated; the generated characters are arranged in the order of the first operation gesture to form a binary string.
  • decimal string or a hexadecimal string is similar, just set the correspondence between the operation gesture and each character in advance.
  • the encryption unit 406 may directly use the second string as a password, or may convert the second string according to a certain rule, and convert the second string. After the second string as a password. However, it should be noted that if the second character string is converted and the converted second character string is used as the password, the subsequent conversion of the second character string is also required after the subsequent identity verification. Can be used as a decryption password.
  • the identity verification device may be specifically integrated in a terminal or other device that needs to perform identity verification.
  • the identity verification device may be specifically integrated in a tablet or a laptop, and the like.
  • These terminals or devices need to have a touch panel, which may be the terminal or the device itself or an external device.
  • each of the above units may be implemented as a separate entity, or may be implemented in any combination, as the same or several entities.
  • each of the above various units refer to the foregoing method embodiments.
  • the solution provided by the embodiment of the present invention does not need to obtain the authentication information.
  • the user inputs the characters through the keyboard, and the user's operation gesture is acquired through the touchpad. Therefore, the possibility of the keyboard hook stealing the authentication information can be avoided, and the information security is improved.
  • the solution does not need to be equipped with an additional fingerprint or iris acquisition module, and does not require complicated processing, thereby greatly simplifying the operation and improving the processing efficiency.
  • FIG. 5 is a schematic structural diagram of hardware of an identity verification apparatus according to an embodiment of the present invention. As shown in Figure 5a, the apparatus can include:
  • a processor 501 eg, a CPU
  • the non-volatile memory 502 is configured to store machine readable instructions, including receive instructions, start instructions, get instructions, generate instructions, and processing instructions that are executable by the processor 501.
  • the processor 501 is configured to read and execute a receiving instruction, a starting instruction, an obtaining instruction, a generating instruction, and a processing instruction stored in the non-volatile memory 502, to implement each of the identity verification devices shown in FIG. 4a.
  • the function of the module is configured to read and execute a receiving instruction, a starting instruction, an obtaining instruction, a generating instruction, and a processing instruction stored in the non-volatile memory 502, to implement each of the identity verification devices shown in FIG. 4a. The function of the module.
  • FIG. 5b is a schematic diagram of another hardware structure of an identity verification apparatus according to an embodiment of the present invention. As shown in Figure 5b, the apparatus can include:
  • a processor 501 eg, a CPU
  • the non-volatile memory 502 is configured to store machine readable instructions, including the received instructions, the start instructions, the get instructions, the generated instructions, and the instructions executable by the processor 501, as shown in FIG. 5a.
  • machine readable instructions including the received instructions, the start instructions, the get instructions, the generated instructions, and the instructions executable by the processor 501, as shown in FIG. 5a.
  • encrypted instructions that can be executed by the processor 501 are also included.
  • the processor 501 is configured to read and execute the receiving instruction, the starting instruction, the obtaining instruction, the generating instruction, the processing instruction, and the encryption instruction stored in the non-volatile memory 502 to implement the identity verification shown in FIG. 4b.
  • the storage medium may include a read only memory (ROM), a random access memory (RAM), a magnetic disk or an optical disk, and the like.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • User Interface Of Digital Computer (AREA)
  • Telephone Function (AREA)
  • Collating Specific Patterns (AREA)

Abstract

La présente invention concerne un procédé et un dispositif d'authentification d'identité. Le procédé consiste à : recevoir une demande d'accès aux données (101) ; activer une interface d'authentification des données en fonction de la demande d'accès aux données, l'interface d'authentification comprenant une interface d'entrée d'informations d'authentification (102) ; lorsque l'interface d'entrée d'informations d'authentification est activée, acquérir un premier geste d'opération d'un utilisateur sur un pavé tactile (103) ; générer une première chaîne de caractères correspondante en fonction du premier geste d'opération en fonction d'une règle prédéfinie (104) ; et permettre un accès aux données lorsqu'il est déterminé que la première chaîne de caractères correspond à des informations d'authentification prédéfinies (105).
PCT/CN2016/102368 2015-10-26 2016-10-18 Procédé et dispositif d'authentification d'identité WO2017071498A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US15/817,014 US10657244B2 (en) 2015-10-26 2017-11-17 Identity authentication method and apparatus

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510703477.0 2015-10-26
CN201510703477.0A CN106611110A (zh) 2015-10-26 2015-10-26 一种身份验证方法和系统

Related Child Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/083305 Continuation-In-Part WO2017084288A1 (fr) 2015-10-26 2016-05-25 Procédé et dispositif de vérification d'identité

Publications (1)

Publication Number Publication Date
WO2017071498A1 true WO2017071498A1 (fr) 2017-05-04

Family

ID=58612916

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/102368 WO2017071498A1 (fr) 2015-10-26 2016-10-18 Procédé et dispositif d'authentification d'identité

Country Status (2)

Country Link
CN (1) CN106611110A (fr)
WO (1) WO2017071498A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110673491A (zh) * 2019-09-02 2020-01-10 北京安博智信教育科技有限公司 办公区域设备自动管理方法、装置、介质和电子设备
US11630884B2 (en) 2017-09-18 2023-04-18 Siemens Aktiengesellschaft Method for managing access to a device, and access system

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108229139A (zh) * 2018-01-24 2018-06-29 维沃移动通信有限公司 一种密码输入方法及移动终端
CN109753786A (zh) * 2018-12-29 2019-05-14 维沃移动通信有限公司 一种解锁方法及移动终端

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101848276A (zh) * 2010-04-16 2010-09-29 中山大学 手机屏幕的锁屏与解屏方法及系统
CN102455842A (zh) * 2010-10-21 2012-05-16 北京创新方舟科技有限公司 一种根据用户的敲击操作实现屏幕解锁的方法与设备
US20130314336A1 (en) * 2012-05-23 2013-11-28 Wistron Corporation Methods of rhythm touch unlock and related electronic device
CN104281389A (zh) * 2014-10-24 2015-01-14 广州三星通信技术研究有限公司 屏幕解锁方法和装置
CN104598786A (zh) * 2015-01-20 2015-05-06 广东欧珀移动通信有限公司 一种密码输入方法及装置

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9223952B2 (en) * 2012-09-28 2015-12-29 Intel Corporation Allowing varied device access based on different levels of unlocking mechanisms
CN103235903B (zh) * 2013-04-12 2015-12-23 广东欧珀移动通信有限公司 一种移动终端隐藏程序处理方法和装置

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101848276A (zh) * 2010-04-16 2010-09-29 中山大学 手机屏幕的锁屏与解屏方法及系统
CN102455842A (zh) * 2010-10-21 2012-05-16 北京创新方舟科技有限公司 一种根据用户的敲击操作实现屏幕解锁的方法与设备
US20130314336A1 (en) * 2012-05-23 2013-11-28 Wistron Corporation Methods of rhythm touch unlock and related electronic device
CN104281389A (zh) * 2014-10-24 2015-01-14 广州三星通信技术研究有限公司 屏幕解锁方法和装置
CN104598786A (zh) * 2015-01-20 2015-05-06 广东欧珀移动通信有限公司 一种密码输入方法及装置

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11630884B2 (en) 2017-09-18 2023-04-18 Siemens Aktiengesellschaft Method for managing access to a device, and access system
CN110673491A (zh) * 2019-09-02 2020-01-10 北京安博智信教育科技有限公司 办公区域设备自动管理方法、装置、介质和电子设备
CN110673491B (zh) * 2019-09-02 2022-07-05 北京安博智信教育科技有限公司 办公区域设备自动管理方法、装置、介质和电子设备

Also Published As

Publication number Publication date
CN106611110A (zh) 2017-05-03

Similar Documents

Publication Publication Date Title
US11093626B2 (en) Security systems and methods for continuous authorized access to restricted access locations
US10182040B2 (en) Systems and methods for single device authentication
US9985993B2 (en) Query system and method to determine authentication capabilities
EP2939166B1 (fr) Système et procédé d'interrogation pour déterminer des capacités d'authentification
US9219732B2 (en) System and method for processing random challenges within an authentication framework
TWI770422B (zh) 用於操作物聯網設備的方法和系統
WO2016110101A1 (fr) Procédé et dispositif d'authentification d'empreintes digitales, terminal intelligent, et support de stockage informatique
WO2017020427A1 (fr) Procédé d'accès à un programme d'application, et terminal
WO2015188424A1 (fr) Dispositif de stockage de clé et procédé pour son utilisation
US20230267193A1 (en) Verification application, method, electronic device and computer program
KR20160097323A (ko) Nfc 인증 메커니즘
WO2017071498A1 (fr) Procédé et dispositif d'authentification d'identité
WO2017054304A1 (fr) Procédé et appareil pour stocker des informations de modèle d'empreinte digitale, et effectuer une authentification par adoption des informations d'empreinte digitale
US11449586B2 (en) Authenticated intention
US10474804B2 (en) Login mechanism for operating system
US10437971B2 (en) Secure authentication of a user of a device during a session with a connected server
KR101052294B1 (ko) 콘텐츠 보안 장치 및 콘텐츠 보안 방법
WO2017185683A1 (fr) Procédé et système d'authentification basés sur des informations d'identification biologique, et dispositif électronique
WO2016165537A1 (fr) Procédé et appareil de commande de terminal intelligent
KR102633314B1 (ko) 인증 정보 처리 방법 및 장치와 인증 정보 처리 방법 장치를 포함한 사용자 단말
WO2016155465A1 (fr) Procédé et appareil de traitement de données, et terminal
KR102038551B1 (ko) 얼굴 인식을 이용한 컴퓨팅 장치에 대한 로그인
US11500976B2 (en) Challenge-response method for biometric authentication
US9405891B1 (en) User authentication
KR20230124434A (ko) 전자 장치의 사용자 인증 방법 및 이를 수행하는 전자 장치

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16858933

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 20/09/2018)

122 Ep: pct application non-entry in european phase

Ref document number: 16858933

Country of ref document: EP

Kind code of ref document: A1