WO2017202156A1 - 身份验证方法和装置 - Google Patents
身份验证方法和装置 Download PDFInfo
- Publication number
- WO2017202156A1 WO2017202156A1 PCT/CN2017/080855 CN2017080855W WO2017202156A1 WO 2017202156 A1 WO2017202156 A1 WO 2017202156A1 CN 2017080855 W CN2017080855 W CN 2017080855W WO 2017202156 A1 WO2017202156 A1 WO 2017202156A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- target
- program
- business
- identity verification
- authentication
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/36—User authentication by graphic or iconic representation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
- G06F21/46—Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/01—Input arrangements or combined input and output arrangements for interaction between user and computer
- G06F3/017—Gesture based interaction, e.g. based on a set of recognized hand gestures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/4401—Bootstrapping
- G06F9/4418—Suspend and resume; Hibernate and awake
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/48—Program initiating; Program switching, e.g. by interrupt
- G06F9/4806—Task transfer initiation or dispatching
- G06F9/4843—Task transfer initiation or dispatching by program, e.g. task dispatcher, supervisor, operating system
- G06F9/485—Task life-cycle, e.g. stopping, restarting, resuming execution
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06V—IMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
- G06V40/00—Recognition of biometric, human-related or animal-related patterns in image or video data
- G06V40/10—Human or animal bodies, e.g. vehicle occupants or pedestrians; Body parts, e.g. hands
- G06V40/12—Fingerprints or palmprints
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
Definitions
- the present invention relates to information technology, and in particular, to an identity verification method and apparatus.
- Authentication is usually used to authenticate users when they open a client or when they enter a client to perform a specific business operation, thereby improving the security of the business.
- a logic code for performing authentication is embedded in a business logic code that needs to be authenticated in a client, thereby realizing identity of the user. Verified operation.
- the present invention provides an identity verification method and apparatus for solving the technical problem that the operation of maintaining the identity verification logic in the prior art is not convenient enough.
- an authentication method including:
- An authentication program is invoked for authentication to obtain an authentication result, wherein the authentication program is independent of the target business process.
- an authentication device including:
- a pause module for detecting that the target business program is suspended when the target business program is executed
- a verification module configured to invoke an authentication program to perform authentication to obtain an authentication result, wherein the authentication program is independent of the target business program.
- the identity verification method and apparatus when detecting the execution of the target business program, suspending the target business program to continue to run, and then executing the identity verification program, and the business program and the identity verification program are independent of each other, that is, It is said that the coupling between the business process and the authentication program is low.
- the business processes of multiple business scenarios need to be authenticated, only multiple business processes need to be detected, and a set of authentication procedures can be used to complete the authentication. The process solves the technical problem that the authentication program is not convenient enough to maintain.
- FIG. 1 is a schematic flowchart of an identity verification method according to Embodiment 1 of the present invention.
- Figure 2 is a schematic diagram of a control program
- FIG. 3 is a schematic diagram of an authentication method in the prior art
- FIG. 5 is a schematic flowchart of an identity verification method according to Embodiment 2 of the present invention.
- FIG. 6 is a schematic structural diagram of an identity verification apparatus according to Embodiment 3 of the present invention.
- FIG. 7 is a schematic structural diagram of another identity verification apparatus according to Embodiment 4 of the present invention.
- FIG. 1 is a schematic flowchart diagram of an identity verification method according to Embodiment 1 of the present invention.
- a terminal device such as a mobile phone
- usually one or more services are involved, and the implementation of each service depends on at least one service program.
- the service program of the service currently operated by the user is called Target business process.
- each of the service programs mentioned herein may be a separate application, or an application may be formed by each service program, which is not limited in this embodiment.
- the method provided by this embodiment may be executed by a control program different from the target service program, which runs on the foregoing terminal device, and the program for executing the method is used to start the operation of the target service but does not obtain the service related information.
- the program for executing the method is used to start the operation of the target service but does not obtain the service related information.
- the user is authenticated, the information security of the business related information is guaranteed.
- the authentication method includes:
- Step 101 When detecting the execution of the target business program, suspending execution of the target business program.
- the target function for displaying the service interface for example, the startAPP method function, marks the execution of the business program to the target process for processing the business interface, and therefore, the execution can be determined by detecting the business program that calls the target function.
- the entire business process of the target process when the business process is executed to the target process, it means that the target program starts running.
- the program for executing the method of the embodiment may specifically detect the calling interface of the target function, so as to achieve the purpose of knowing the business program that calls the target function.
- the target process that needs to be authenticated can be predetermined from all the services, thereby After detecting the business process of executing the target process, it is further necessary to determine whether the detected business process is a target process that needs to be authenticated, and suspend the running of the business process only when the business process is the target business process.
- the target business process execution target process When the target business process execution target process is detected, the target business process is suspended, thereby suspending the target business process to continue running. Since it is detected that the target business process starts to execute the target process for displaying the business interface, the target business continues to run, and thus the execution result of the target process, that is, the display information of the service interface, is not generated yet, thereby The service interface is also not displayed on the user's terminal device.
- Step 102 Call an authentication program to perform identity verification to obtain an authentication result.
- the authentication program is independent of the target business process.
- the independence mentioned here means that there is no interface between the two programs, for example: calling the interface.
- the identity verification program is executed to obtain the authentication result.
- control program that executes the method provided by this embodiment cannot implement the function of identity verification. Therefore, the control program that executes the method of the embodiment can call the identity after the target service program is suspended. Verify the functionality of the authenticator and return the authentication results by the authenticator.
- 2 is a schematic diagram of a control program. As shown in FIG. 2, the control program executing the method suspends execution of the target business program when detecting the execution of the target business program, and the control program calls the identity verification program to the user. Authenticate to ensure the information security of business-related information.
- this implementation form realizes the separation of the authentication program from the business program.
- the methods are independent of each other.
- the method provided by the embodiment reduces the coupling degree between the identity verification program and the business program.
- the business process needs to determine whether it needs to be authenticated during the programming phase, and integrates the interface processing logic, authentication logic, and business processing logic required by the business program into the business program, and When business processes in multiple business scenarios require authentication, the authentication logic needs to be repeatedly written in different business processes.
- the method provided in this embodiment when detecting the execution of the target business program, suspends the target business program to continue running, and then executes the identity verification program, while the business program and the authentication program are independent of each other, in multiple business scenarios.
- the business process needs to be authenticated, only a plurality of business processes need to be detected, and a set of identity verification procedures can be used to complete the authentication process, which solves the technical problem that the identity verification program is not convenient to maintain.
- the interface between the authentication program and the business program is saved, as shown in FIG. 4, the business program in FIG. 4 passes through the calling interface with the authentication program, The authentication program makes a call.
- the method provided by the embodiment saves the interface between the identity verification program and the business program, and thus does not need to determine whether it needs to perform identity verification during the business program programming phase. And the process of reserving the calling interface of the calling authentication program, realizes that the authentic authentication program is independent of the business program.
- a person skilled in the art can implement identity verification on the user in the form of various identity verification methods based on the identity verification method disclosed in this embodiment. For example, at least one of a gesture, a fingerprint, and a character password can be used for identity verification.
- the form of identity verification is not limited in this embodiment.
- the feature information of the target process of the target business process may be identified according to the call request used when the target business function invokes the target function.
- the call request includes an identifier of the target business program, and the target process processes The identification of the business interface and/or the network address contained in the business interface processed by the target process.
- the target business process continues to run.
- the authentication result it is determined whether to continue to run the target business program. Specifically, if the authentication result is passed, the target business program is continuously run, and if the authentication result is a failure, the operation of the business program is exited.
- FIG. 5 is a schematic flowchart of an identity verification method according to Embodiment 2 of the present invention.
- an Alipay application is taken as an example to specifically describe an identity verification method, where an Alipay application includes multiple services, for example, payment , Yu Bao, word of mouth takeaway, red envelopes and ants gather treasure and so on. Since the payment service involves the security of the user's funds, it is necessary to authenticate the user when operating the payment service.
- the program for realizing the payment service is called a target business program, and the process for processing the payment service interface is called a target process, and the method includes:
- Step 201 After detecting that the user clicks the icon, the terminal device runs the target service program corresponding to the icon.
- Step 202 The target process in the target business program invokes the startAPP method function.
- the startAPP method function is used to process the business interface of each service, so that each service Before the business interface is displayed, you need to call the startAPP method function.
- the steps of displaying the service interface can be determined according to the case where the program calls the startAPP method function.
- the startAPP method function needs to be called before the business interface is displayed. According to this, the startAPP method function can be detected to determine the service that is running but does not display the service interface. program.
- Step 203 The gesture verification program detects the business program and the process that call the startAPP method function in real time, and uses the aspect technology to intercept the startAPP method function to continue to run when the target process of the target business program is detected.
- the business program Before displaying the business interface, the business program needs to write the content that needs to be displayed in the business interface into the request for calling the startAPP method function, thereby providing the content to be displayed and the related information of the business program to the startAPP method function, so that the startAPP method function
- the business interface is processed according to the content that needs to be displayed, and the processing result is returned to the business program, and the display step is executed by the business program.
- the information about the business program can be obtained from the request for calling the startAPP method function, that is, the identifier of the business program and the service interface processed by the process.
- the identifier, and the content that needs to be displayed from the service interface identifies whether the network address is included, and if so, the network address included in the service interface is also obtained.
- Step 204 The gesture verification program matches the target process of the target service program with the policy in the policy set to determine whether the identity verification is required. If there is no matching policy, step 205 is performed, and if yes, step 206 is performed.
- the policy set includes multiple policies, and each policy records an identifier of the business program, and further may include an identifier of the service interface processed by the process and/or a network address included in the service interface.
- the identity of the business process is recorded in the policy because only part of the business needs in all the services. Authenticating, rather than all the services in the application, requires authentication. For example, the balance treasure and payment business in Alipay need to be authenticated, while the word-of-mouth take-away does not require authentication. Therefore, the policy set can be configured in advance according to the feature information of the business program that needs to be authenticated, and/or the feature information of the process that needs to be authenticated.
- the identifier of the business interface recorded in the policy is because a business program may contain more than one business interface, and only needs to be authenticated when the user needs to display a specific business interface. Therefore, the identifier of the specific service interface is added to the policy.
- the network address included in the business interface is recorded in the policy because only when some business interfaces display a link to the page containing the user information, the user needs to be authenticated before the display of the service interface, if the service interface does not contain This type of link to a network address that contains a user information page eliminates the need for user authentication.
- Step 205 When there is no matching policy, it indicates that the service does not need to perform identity verification, end the gesture verification program, and continue to execute the startAPP method function. After the startAPP method function is completed, the service interface of the target service is displayed.
- Step 206 When there is a matching policy, it indicates that the service needs to be authenticated, and the gesture verification program displays an interface for gesture verification.
- the gesture verification program implements authentication by calling a specific authentication program or function.
- Step 207 The gesture verification program determines whether the identity verification is passed according to the gesture pattern input by the user. If yes, step 208 is performed; otherwise, step 209 is performed.
- the standard gesture pattern is pre-stored in the gesture verification program, and the gesture pattern input by the user is compared with the standard gesture pattern. If the same, the identity verification is determined to pass, otherwise it is determined that the identity verification fails.
- Step 208 End the gesture verification program operation, and continue to execute the startAPP method function, and after the execution of the startAPP method function is completed, display the service interface of the target service.
- Step 209 The gesture verification program continues to display the interface for gesture verification until the number of inputs reaches a preset limit, and exits the target business process.
- all the currently running business programs in the application to which the target business program belongs may be forcibly exited while exiting the target business program.
- FIG. 6 is a schematic structural diagram of an identity verification apparatus according to Embodiment 3 of the present invention. As shown in FIG. 6, the method includes: a suspension module 32 and a verification module 33.
- the suspending module 32 is configured to suspend execution of the target service program when detecting the execution of the target business program.
- the verification module 33 is configured to invoke an authentication program to perform authentication to obtain an authentication result.
- the authentication program is independent of the target business process. And the authentication program is used to authenticate with at least one of gestures, fingerprints, and character passwords.
- the identity verification apparatus when the execution of the target business program is detected, the suspension module 32 suspends the target business program to continue running, and in turn, the verification module 33 performs the identity verification step, and the business program and the identity verification program. Independent of each other, that is to say, the degree of coupling between the business program and the authentication program is low.
- the business processes of multiple business scenarios need to be authenticated, only multiple business processes need to be detected, and a set of identity can be used.
- the verification process completes the authentication process and solves the technical problem that the authentication program is not convenient to maintain.
- FIG. 7 is a schematic structural diagram of another identity verification apparatus according to Embodiment 4 of the present invention. As shown in FIG. 7, on the basis of the identity verification apparatus provided in FIG. 6, the identity verification apparatus further includes: a detection module 30.
- the detecting module 30 is configured to detect a service program that executes a target process.
- the suspension module 32 is specifically configured to suspend execution of the target business program when the target business process execution target process is detected.
- the target process is used to process the business interface, including calling the objective function, and the objective function is used to display the business interface.
- the target function may be a startAPP method function.
- the identity verification device further includes: a recovery module 34, an exit module 35, a matching module 36, and a configuration module 37.
- the recovery module 34 is configured to continue to run the target service program if the authentication result is a pass.
- the exiting module 35 is configured to exit the running of the business program if the authentication result is a failure.
- the matching module 36 is configured to match feature information of the target business program and/or feature information of a process to which the target business program is executed with a preset policy set.
- the suspending module 32 is specifically configured to determine that there is a matching policy in the policy set before suspending the target service program to continue running.
- the configuration module 37 is configured to configure the policy set according to the feature information of the service program that needs to be authenticated according to the need, and/or the feature information of the process that needs to be authenticated.
- the feature information includes an identifier of the target service program, an identifier of a service interface processed by the target process, and/or a network address included in a service interface processed by the target process.
- the aforementioned program can be stored in a computer readable storage medium.
- the program when executed, performs the steps including the foregoing method embodiments; and the foregoing storage medium includes: ROM, RAM, disk or A variety of media such as optical discs that can store program code.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Human Computer Interaction (AREA)
- Computing Systems (AREA)
- Multimedia (AREA)
- Telephone Function (AREA)
- User Interface Of Digital Computer (AREA)
- Debugging And Monitoring (AREA)
- Telephonic Communication Services (AREA)
- Stored Programmes (AREA)
- Exchange Systems With Centralized Control (AREA)
Abstract
Description
Claims (16)
- 一种身份验证方法,其特征在于,包括:侦测到执行目标业务程序时,暂停所述目标业务程序的执行;调用身份验证程序进行身份验证,以获得身份验证结果,其中,所述身份验证程序与所述目标业务程序相互独立。
- 根据权利要求1所述的身份验证方法,其特征在于,所述方法,还包括:对执行目标进程的业务程序进行侦测;其中,所述目标进程用于对业务界面进行处理;所述侦测到执行目标业务程序时,暂停所述目标业务程序的执行,包括:当侦测到所述目标业务程序执行所述目标进程时,暂停所述目标业务程序的执行。
- 根据权利要求2所述的身份验证方法,其特征在于,所述目标进程包括调用目标函数,所述目标函数用于对业务界面进行显示。
- 根据权利要求1-3任一项所述的身份验证方法,其特征在于,所述进行身份验证之后,还包括:若身份验证结果为通过,继续运行所述目标业务程序;若身份验证结果为失败,退出所述业务程序的运行。
- 根据权利要求1-3任一项所述的身份验证方法,其特征在于,所述暂停所述目标业务程序的执行之前,还包括:将所述目标业务程序的特征信息,和/或将所述目标业务程序所执行到的进程的特征信息与预设策略集进行匹配;若所述策略集中存在匹配的策略,则暂停所述目标业务程序继续运行。
- 根据权利要求5所述的身份验证方法,其特征在于,所述方法还 包括:根据需要进行身份验证的业务程序的特征信息,和/或需要进行身份验证的进程的特征信息,对所述策略集进行配置。
- 根据权利要求5所述的身份验证方法,其特征在于,所述特征信息包括所述目标业务程序的标识、所述目标进程所处理的业务界面的标识和/或所述目标进程所处理的业务界面所包含的网络地址。
- 根据权利要求1-3任一项所述的身份验证方法,其特征在于,所述身份验证程序用于采用手势、指纹和字符密码中至少一个进行身份验证。
- 一种身份验证装置,其特征在于,包括:暂停模块,用于侦测到执行目标业务程序时,暂停所述目标业务程序的执行;验证模块,用于调用身份验证程序进行身份验证,以获得身份验证结果,其中,所述身份验证程序与所述目标业务程序相互独立。
- 根据权利要求9所述的身份验证装置,其特征在于,所述装置,还包括:侦测模块,用于对执行目标进程的业务程序进行侦测;其中,所述目标进程用于对业务界面进行处理;所述暂停模块,具体用于当侦测到所述目标业务程序执行所述目标进程时,暂停所述目标业务程序的执行。
- 根据权利要求10所述的身份验证装置,其特征在于,所述目标进程包括调用目标函数,所述目标函数用于对业务界面进行显示。
- 根据权利要求9-11任一项所述的身份验证装置,其特征在于,所述装置,还包括:恢复模块,用于若身份验证结果为通过,继续运行所述目标业务程序;退出模块,用于若身份验证结果为失败,则退出所述业务程序的运行。
- 根据权利要求9-11任一项所述的身份验证装置,其特征在于,所述装置,还包括:匹配模块,用于将所述目标业务程序的特征信息,和/或将所述目标业务程序所执行到的进程的特征信息与预设策略集进行匹配;所述暂停模块,具体用于在暂停所述目标业务程序继续运行之前,确定若所述策略集中存在匹配的策略。
- 根据权利要求13所述的身份验证装置,其特征在于,所述装置,还包括:配置模块,用于根据需要进行身份验证的业务程序的特征信息,和/或需要进行身份验证的进程的特征信息,对所述策略集进行配置。
- 根据权利要求13所述的身份验证装置,其特征在于,所述特征信息包括所述目标业务程序的标识、所述目标进程所处理的业务界面的标识和/或所述目标进程所处理的业务界面所包含的网络地址。
- 根据权利要求9-11任一项所述的身份验证装置,其特征在于,所述身份验证程序用于采用手势、指纹和字符密码中至少一个进行身份验证。
Priority Applications (9)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP17802002.0A EP3467693B1 (en) | 2016-05-27 | 2017-04-18 | Identity verification method and apparatus |
JP2018562225A JP6910377B2 (ja) | 2016-05-27 | 2017-04-18 | アイデンティティ検証方法及び装置 |
MYPI2018001982A MY193602A (en) | 2016-05-27 | 2017-04-18 | Identity verification method and apparatus |
KR1020187037788A KR20190012210A (ko) | 2016-05-27 | 2017-04-18 | 신원 검증 방법 및 장치 |
SG11201810169YA SG11201810169YA (en) | 2016-05-27 | 2017-04-18 | Identity verification method and apparatus |
KR1020217023761A KR102412438B1 (ko) | 2016-05-27 | 2017-04-18 | 신원 검증 방법 및 장치 |
PH12018502461A PH12018502461A1 (en) | 2016-05-27 | 2018-11-22 | Identity verification method and apparatus |
US16/200,318 US11176232B2 (en) | 2016-05-27 | 2018-11-26 | Identity verification method and apparatus |
US17/454,965 US20220075855A1 (en) | 2016-05-27 | 2021-11-15 | Identity verification method and apparatus |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610365906.2 | 2016-05-27 | ||
CN201610365906.2A CN107437013A (zh) | 2016-05-27 | 2016-05-27 | 身份验证方法和装置 |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US16/200,318 Continuation US11176232B2 (en) | 2016-05-27 | 2018-11-26 | Identity verification method and apparatus |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2017202156A1 true WO2017202156A1 (zh) | 2017-11-30 |
Family
ID=60411068
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2017/080855 WO2017202156A1 (zh) | 2016-05-27 | 2017-04-18 | 身份验证方法和装置 |
Country Status (10)
Country | Link |
---|---|
US (2) | US11176232B2 (zh) |
EP (1) | EP3467693B1 (zh) |
JP (1) | JP6910377B2 (zh) |
KR (2) | KR102412438B1 (zh) |
CN (1) | CN107437013A (zh) |
MY (1) | MY193602A (zh) |
PH (1) | PH12018502461A1 (zh) |
SG (1) | SG11201810169YA (zh) |
TW (1) | TW201741919A (zh) |
WO (1) | WO2017202156A1 (zh) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112766972A (zh) * | 2020-12-31 | 2021-05-07 | 未鲲(上海)科技服务有限公司 | 一种用户身份验证方法及系统 |
US20230186308A1 (en) * | 2021-12-09 | 2023-06-15 | Chime Financial, Inc. | Utilizing a fraud prediction machine-learning model to intelligently generate fraud predictions for network transactions |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101753311A (zh) * | 2010-01-14 | 2010-06-23 | 杨筑平 | 信息保密与身份认证方法和数字签名程序 |
CN103577237A (zh) * | 2013-11-15 | 2014-02-12 | 北京奇虎科技有限公司 | 应用程序启动的控制方法及装置 |
CN104866750A (zh) * | 2015-03-31 | 2015-08-26 | 小米科技有限责任公司 | 应用启动方法和装置 |
CN106445587A (zh) * | 2016-09-08 | 2017-02-22 | 广东欧珀移动通信有限公司 | 应用程序安装控制方法及装置 |
Family Cites Families (53)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6728884B1 (en) * | 1999-10-01 | 2004-04-27 | Entrust, Inc. | Integrating heterogeneous authentication and authorization mechanisms into an application access control system |
JP2001331451A (ja) | 2000-05-19 | 2001-11-30 | Yamatake Sangyo Systems Co Ltd | セキュリティシステム |
US9578022B2 (en) * | 2001-08-21 | 2017-02-21 | Bookit Oy Ajanvarauspalvelu | Multi-factor authentication techniques |
US20030182626A1 (en) | 2002-03-22 | 2003-09-25 | Eran Davidov | On-demand creation of MIDlets |
US20060059569A1 (en) * | 2004-08-27 | 2006-03-16 | Microsoft Corporation | Application and device user verification from an operating system-based authentication service |
US8515490B2 (en) * | 2004-12-30 | 2013-08-20 | Alcatel Lucent | Method and apparatus for providing same session switchover between end-user terminals |
US8353011B2 (en) * | 2005-06-13 | 2013-01-08 | Nokia Corporation | Apparatus, method and computer program product providing mobile node identities in conjunction with authentication preferences in generic bootstrapping architecture (GBA) |
US7953980B2 (en) * | 2005-06-30 | 2011-05-31 | Intel Corporation | Signed manifest for run-time verification of software program identity and integrity |
US7721281B1 (en) * | 2005-07-01 | 2010-05-18 | Cisco Technology, Inc. | Methods and apparatus for securing local application execution |
EP1811412A1 (en) | 2005-08-04 | 2007-07-25 | Intelligent Wave Inc. | Computer control method using externally connected device and computer control system |
EP1768434A1 (en) * | 2005-09-21 | 2007-03-28 | Thomson Telecom Belgium | Method and a device to suspend the access to a service |
FR2891677A1 (fr) * | 2005-10-05 | 2007-04-06 | France Telecom | Procede d'authentification d'un client, fournisseurs d'identites et de services, signaux de requete d'authentification et d'assertion d'authentification, et programmes d'ordinateur correspondants |
US8613056B2 (en) * | 2006-05-26 | 2013-12-17 | Cisco Technology, Inc. | Extensible authentication and authorization of identities in an application message on a network device |
JP2007334490A (ja) | 2006-06-13 | 2007-12-27 | Yokogawa Electric Corp | ユーザ認証方法およびユーザ認証装置 |
EP3882797A1 (en) * | 2007-09-24 | 2021-09-22 | Apple Inc. | Embedded authentication systems in an electronic device |
JP2010257060A (ja) | 2009-04-22 | 2010-11-11 | Ntt Docomo Inc | 認証システム及び認証方法 |
US9208337B2 (en) * | 2009-09-22 | 2015-12-08 | Denise G. Tayloe | Systems, methods, and software applications for providing and identity and age-appropriate verification registry |
US8522308B2 (en) * | 2010-02-11 | 2013-08-27 | Verizon Patent And Licensing Inc. | Systems and methods for providing a spatial-input-based multi-user shared display experience |
JP5513957B2 (ja) | 2010-04-02 | 2014-06-04 | 株式会社ジャパンディスプレイ | 表示装置、認証方法、およびプログラム |
US8831677B2 (en) * | 2010-11-17 | 2014-09-09 | Antony-Euclid C. Villa-Real | Customer-controlled instant-response anti-fraud/anti-identity theft devices (with true-personal identity verification), method and systems for secured global applications in personal/business e-banking, e-commerce, e-medical/health insurance checker, e-education/research/invention, e-disaster advisor, e-immigration, e-airport/aircraft security, e-military/e-law enforcement, with or without NFC component and system, with cellular/satellite phone/internet/multi-media functions |
US9275337B2 (en) * | 2010-11-29 | 2016-03-01 | Biocatch Ltd. | Device, system, and method of detecting user identity based on motor-control loop model |
CN102096546A (zh) | 2010-12-29 | 2011-06-15 | 华为终端有限公司 | 一种操作系统的解锁方法及装置 |
AU2011101295B4 (en) * | 2011-06-13 | 2012-08-02 | Device Authority Ltd | Hardware identity in multi-factor authentication layer |
US8627096B2 (en) * | 2011-07-14 | 2014-01-07 | Sensible Vision, Inc. | System and method for providing secure access to an electronic device using both a screen gesture and facial biometrics |
US20160012445A1 (en) * | 2011-11-10 | 2016-01-14 | Antony-Euclid C. Villa-Real | Customer-controlled instant-response anti-fraud/anti-identity theft devices (with true-personal identity verification), methods and systems for secured global applications in personal/business e-banking, e-commerce, e-medical/health insurance checker, e-education/research/invention, e-disaster advisor, e-immigration, e-airport/aircraft security, e-military/e-law enforcement, with or without nfc component and system, with cellular/satellite phone/internet/multi-media functions |
CN102404727B (zh) * | 2011-11-24 | 2017-12-05 | 中兴通讯股份有限公司 | 移动终端的安全控制方法及装置 |
US9137246B2 (en) * | 2012-04-09 | 2015-09-15 | Brivas Llc | Systems, methods and apparatus for multivariate authentication |
US10122710B2 (en) * | 2012-04-19 | 2018-11-06 | Pq Solutions Limited | Binding a data transaction to a person's identity using biometrics |
US8457367B1 (en) * | 2012-06-26 | 2013-06-04 | Google Inc. | Facial recognition |
US8839367B2 (en) * | 2012-07-30 | 2014-09-16 | Avalanche Cloud Corporation | Automating calls between separate and distinct applications for invoking an identity verification function |
US8970348B1 (en) * | 2012-08-28 | 2015-03-03 | Intuit Inc. | Using sequences of facial gestures to authenticate users |
US8904498B2 (en) * | 2012-10-17 | 2014-12-02 | Ca, Inc. | Biometric identification for mobile applications |
US9178883B2 (en) * | 2012-12-12 | 2015-11-03 | SocialSign.in, Inc. | Leveraging online identities to grant access to private networks |
US9367672B2 (en) * | 2013-03-13 | 2016-06-14 | Blackberry Limited | Method of locking an application on a computing device |
US9088574B2 (en) * | 2013-07-18 | 2015-07-21 | International Business Machines Corporation | Subscriber identity module-based authentication of a wireless device and applications stored thereon |
US9319419B2 (en) * | 2013-09-26 | 2016-04-19 | Wave Systems Corp. | Device identification scoring |
US9451445B2 (en) | 2014-05-30 | 2016-09-20 | Apple Inc. | Electronic subscriber identity module selection |
CN105205368A (zh) * | 2014-06-17 | 2015-12-30 | 艾尔希格(开曼)股份有限公司 | 电子装置的随验即用方法 |
US10484345B2 (en) * | 2014-07-31 | 2019-11-19 | Visa International Service Association | System and method for identity verification across mobile applications |
US9778749B2 (en) * | 2014-08-22 | 2017-10-03 | Google Inc. | Occluded gesture recognition |
US9465930B2 (en) * | 2014-08-29 | 2016-10-11 | Dropbox, Inc. | Fingerprint gestures |
CN104468522B (zh) * | 2014-11-07 | 2017-10-03 | 百度在线网络技术(北京)有限公司 | 一种声纹验证方法和装置 |
WO2016082229A1 (zh) * | 2014-11-29 | 2016-06-02 | 华为技术有限公司 | 一种身份认证方法及可穿戴设备 |
US10002478B2 (en) * | 2014-12-12 | 2018-06-19 | Qualcomm Incorporated | Identification and authentication in a shared acoustic space |
US10621658B1 (en) * | 2015-01-15 | 2020-04-14 | Wells Fargo Bank, N.A. | Identity verification services with identity score through external entities via application programming interface |
US10990974B1 (en) * | 2015-01-15 | 2021-04-27 | Wells Fargo Bank, N.A. | Identity verification services and user information provision via application programming interface |
US10997654B1 (en) * | 2015-01-15 | 2021-05-04 | Wells Fargo Bank, N.A. | Identity verification services through external entities via application programming interface |
CN106204035A (zh) * | 2015-04-30 | 2016-12-07 | 阿里巴巴集团控股有限公司 | 离线身份认证方法、智能终端及系统 |
CN105095746B (zh) * | 2015-07-02 | 2018-06-19 | 北京奇虎科技有限公司 | 应用程序启动鉴权方法及装置 |
US9842211B2 (en) * | 2015-10-28 | 2017-12-12 | Synaptics Incorporated | Systems and methods for biometric authentication |
CN108475304B (zh) * | 2015-12-29 | 2021-08-13 | 华为技术有限公司 | 一种关联应用程序和生物特征的方法、装置以及移动终端 |
US10631164B2 (en) * | 2016-03-31 | 2020-04-21 | Electronic Arts Inc. | Authentication identity management for mobile device applications |
US20170344729A1 (en) * | 2016-05-26 | 2017-11-30 | Mastercard International Incorporated | Systems and methods for identity authentication using software licenses |
-
2016
- 2016-05-27 CN CN201610365906.2A patent/CN107437013A/zh active Pending
-
2017
- 2017-03-13 TW TW106108193A patent/TW201741919A/zh unknown
- 2017-04-18 SG SG11201810169YA patent/SG11201810169YA/en unknown
- 2017-04-18 MY MYPI2018001982A patent/MY193602A/en unknown
- 2017-04-18 KR KR1020217023761A patent/KR102412438B1/ko active IP Right Grant
- 2017-04-18 WO PCT/CN2017/080855 patent/WO2017202156A1/zh unknown
- 2017-04-18 EP EP17802002.0A patent/EP3467693B1/en active Active
- 2017-04-18 KR KR1020187037788A patent/KR20190012210A/ko not_active IP Right Cessation
- 2017-04-18 JP JP2018562225A patent/JP6910377B2/ja active Active
-
2018
- 2018-11-22 PH PH12018502461A patent/PH12018502461A1/en unknown
- 2018-11-26 US US16/200,318 patent/US11176232B2/en active Active
-
2021
- 2021-11-15 US US17/454,965 patent/US20220075855A1/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101753311A (zh) * | 2010-01-14 | 2010-06-23 | 杨筑平 | 信息保密与身份认证方法和数字签名程序 |
CN103577237A (zh) * | 2013-11-15 | 2014-02-12 | 北京奇虎科技有限公司 | 应用程序启动的控制方法及装置 |
CN104866750A (zh) * | 2015-03-31 | 2015-08-26 | 小米科技有限责任公司 | 应用启动方法和装置 |
CN106445587A (zh) * | 2016-09-08 | 2017-02-22 | 广东欧珀移动通信有限公司 | 应用程序安装控制方法及装置 |
Non-Patent Citations (1)
Title |
---|
See also references of EP3467693A4 * |
Also Published As
Publication number | Publication date |
---|---|
PH12018502461A1 (en) | 2019-03-25 |
EP3467693A1 (en) | 2019-04-10 |
JP2019521424A (ja) | 2019-07-25 |
US20190095603A1 (en) | 2019-03-28 |
KR20190012210A (ko) | 2019-02-08 |
US11176232B2 (en) | 2021-11-16 |
CN107437013A (zh) | 2017-12-05 |
KR20210097817A (ko) | 2021-08-09 |
JP6910377B2 (ja) | 2021-07-28 |
SG11201810169YA (en) | 2018-12-28 |
EP3467693A4 (en) | 2019-05-08 |
US20220075855A1 (en) | 2022-03-10 |
TW201741919A (zh) | 2017-12-01 |
EP3467693B1 (en) | 2022-07-06 |
KR102412438B1 (ko) | 2022-06-22 |
MY193602A (en) | 2022-10-20 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11637824B2 (en) | Multi-factor authentication devices | |
US20220200987A1 (en) | Multi-factor secure operation authentication | |
US10788984B2 (en) | Method, device, and system for displaying user interface | |
US8595808B2 (en) | Methods and systems for increasing the security of network-based transactions | |
US8990909B2 (en) | Out-of-band challenge question authentication | |
WO2016110101A1 (zh) | 一种指纹认证方法、装置、智能终端和计算机存储介质 | |
US20240028686A1 (en) | Systems and methods for cross coupling risk analytics and one-time-passcodes | |
WO2018103687A1 (zh) | 一种基于指纹识别的安全支付方法及系统 | |
WO2019047148A1 (zh) | 一种密码验证方法、终端、计算机可读存储介质 | |
US11822638B1 (en) | Multi-channel authentication using smart cards | |
WO2017084569A1 (zh) | 在智能终端中获取登陆凭证的方法、智能终端以及操作系统 | |
US11902275B2 (en) | Context-based authentication of a user | |
US20210125194A1 (en) | Method and system for completing cross-channel transactions | |
US11663306B2 (en) | System and method for confirming a person's identity | |
WO2017202156A1 (zh) | 身份验证方法和装置 | |
CN109493079A (zh) | 支付认证方法和设备 | |
CN105871840B (zh) | 一种证书管理方法及系统 | |
WO2016165537A1 (zh) | 一种控制智能终端的方法及控制智能终端的装置 | |
WO2019242401A1 (zh) | 用户操作权限的控制方法、装置、存储介质及电子设备 | |
KR20220093316A (ko) | 교차 결합 위험성 분석 및 일회성 암호를 위한 시스템 및 방법 | |
US9405891B1 (en) | User authentication | |
US20150350203A1 (en) | Mobile device, method of authenticating a user, computer program, article of manufacture, display | |
EP4046041A1 (en) | Using multi-factor authentication as a labeler for machine learning- based authentication | |
WO2018006350A1 (zh) | 一种基于图片密码开启智能门禁的方法及系统 | |
WO2018006351A1 (zh) | 一种基于图片密码管理智能门禁的方法及智能门禁系统 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
ENP | Entry into the national phase |
Ref document number: 2018562225 Country of ref document: JP Kind code of ref document: A |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 17802002 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
ENP | Entry into the national phase |
Ref document number: 20187037788 Country of ref document: KR Kind code of ref document: A |
|
ENP | Entry into the national phase |
Ref document number: 2017802002 Country of ref document: EP Effective date: 20190102 |