WO2019113765A1 - Face and electrocardiogram-based payment authentication method and terminal - Google Patents

Face and electrocardiogram-based payment authentication method and terminal Download PDF

Info

Publication number
WO2019113765A1
WO2019113765A1 PCT/CN2017/115557 CN2017115557W WO2019113765A1 WO 2019113765 A1 WO2019113765 A1 WO 2019113765A1 CN 2017115557 W CN2017115557 W CN 2017115557W WO 2019113765 A1 WO2019113765 A1 WO 2019113765A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
face
electrocardiogram
authentication
state
Prior art date
Application number
PCT/CN2017/115557
Other languages
French (fr)
Chinese (zh)
Inventor
张炽成
唐超旬
Original Assignee
福建联迪商用设备有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 福建联迪商用设备有限公司 filed Critical 福建联迪商用设备有限公司
Priority to PCT/CN2017/115557 priority Critical patent/WO2019113765A1/en
Priority to CN201780002070.2A priority patent/CN108401458A/en
Publication of WO2019113765A1 publication Critical patent/WO2019113765A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231Biological data, e.g. fingerprint, voice or retina

Definitions

  • the current payment authentication method mainly performs payment authentication through fingerprint or face recognition, which has the following disadvantages: biometrics Easy to be stolen: Fingerprint information is easier to take when the trader touches the item, and the non-living information, the facial image information is originally public, and it is easy to steal through video or photographing; the stolen biometrics are easy to use.
  • biometrics Easy to be stolen Fingerprint information is easier to take when the trader touches the item, and the non-living information, the facial image information is originally public, and it is easy to steal through video or photographing; the stolen biometrics are easy to use.
  • the stolen fingerprint and facial information can be used to attack the payment device by making fingerprint and image synthesis techniques respectively, thereby achieving the purpose of stealing.
  • S1 determining, according to the electrocardiogram information, whether the user is in a sleep state; and determining, according to the face information, whether high-frequency information greater than a preset threshold exists in the face image information included in the face information;
  • the high-frequency information can prevent the problem of payment authentication attack by the image information synthesized by the computer; and at the same time, the payment authentication is performed according to the electrocardiogram information and the face image information, and the security of the payment is improved by the double authentication method, and the above
  • the ECG information is a living feature, and the attacker is not easy to camouflage the ECG to attack the payment authentication, making the payment more secure.
  • the present invention provides a payment authentication method based on a face and an electrocardiogram, comprising the following steps:
  • the problem of payment authentication attack and at the same time, according to the electrocardiogram information and the face image information, the payment authentication is performed, and the security of the payment is improved by the double authentication method, and the above-mentioned electrocardiogram information is a living feature, which can prevent theft and make payment. safer.
  • the method further includes:
  • S02 collecting ECG information while collecting face information;
  • the face information includes face video information and face image information;
  • the collected face information is the face video information and the face image information collected by the camera device when the user performs the corresponding face action according to the specified action information displayed, and the payment verification is improved by the above method. safety.
  • the S02 and the S03 further include:
  • the accuracy of data processing can be improved by the above method.
  • the new specified action information is randomly displayed, and the face information is collected again, and the ECG information is collected.
  • the first mathematical model of the face information under the stress state and the different models corresponding to the ECG information in different states can be established by the above method, so that the user can accurately determine the state of the user and improve the payment. Security.
  • S1 is specifically:
  • S2 is specifically:
  • the face feature parameters and the electrocardiogram feature parameters are encrypted and transmitted during the transmission process, which can prevent the user data from being stolen and cause a certain economic loss to the user; and at the same time, the saliency analysis can accurately determine the person. Whether the feature parameters corresponding to the face feature parameter and the reserved user face image information match, and can accurately determine whether the feature parameters corresponding to the ECG feature parameter and the reserved user ECG information match; the above double verification method improves the payment authentication Security.
  • determining whether there is high frequency information greater than a preset threshold in the face image information is specifically:
  • the above method it is possible to accurately calculate whether the face image information includes high frequency information, to prevent the image synthesized by the computer from being used for payment verification, and to improve the security of payment.
  • the location information in which the transaction is stored during the transaction process makes the transaction location traceable.
  • the present invention further provides a face and electrocardiogram-based payment authentication terminal, comprising a memory 1, a processor 2, and a computer program stored on the memory 1 and operable on the processor 2, the processing When the program 2 executes the program, the following steps are implemented:
  • S1 determining, according to the electrocardiogram information, whether the user is in a sleep state; and determining, according to the face information, whether high-frequency information greater than a preset threshold exists in the face image information included in the face information;
  • the method further includes:
  • S02 collecting ECG information while collecting face information;
  • the face information includes face video information and face image information;
  • step S04 If they are consistent, step S1 is performed, otherwise the payment authentication fails.
  • the face information and the electrocardiogram information are separately subjected to noise reduction and filtering processing.
  • the face authentication and the ECG-based payment authentication terminal wherein the face specified action information required for displaying the payment verification in the S01 is specifically:
  • the face specifying action information is randomly generated, and the specified action information is displayed.
  • the steps further include: if the face information or the ECG information collection fails within a preset time, The new specified motion information is randomly displayed, and the ECG information is collected while the face information is re-acquired.
  • the above-mentioned face and electrocardiogram-based payment authentication terminal further includes:
  • All second feature parameters corresponding to the normal awake state, all third feature parameters corresponding to the sleep state, and all fourth feature parameters corresponding to the stress state are respectively fitted to obtain corresponding mathematical models in different states.
  • the S1 is specifically:
  • the S2 is specifically:
  • the payment authentication terminal based on the face and the electrocardiogram "determining whether there is high frequency information greater than a preset threshold in the face image information" is specifically:
  • the above-mentioned face and electrocardiogram-based payment authentication terminal further includes:
  • a first embodiment of the present invention is:
  • the invention provides a payment authentication method based on a face and an electrocardiogram, comprising the following steps:
  • step S0 randomly generate facial specified action information, display the specified action information; collect face information while collecting ECG information; the face information includes face video information and face image information; After performing noise reduction and filtering processing on the ECG information, it is determined whether the face action in the face video information is consistent with the specified action; if they are consistent, step S1 is performed, otherwise the payment authentication fails;
  • step S0 is re-executed
  • S1 determining, according to the electrocardiogram information, whether the user is in a sleep state; and determining, according to the face information, whether high-frequency information greater than a preset threshold exists in the face image information included in the face information;
  • Embodiment 2 of the present invention is:
  • the invention provides a payment authentication method based on a face and an electrocardiogram, comprising the following steps:
  • the method adopted also defines the neural network, collects the original data, and classifies all the corresponding characteristic parameters in different states by the method of deep learning convolutional neural network. By training, correcting, and outputting the results, the corresponding mathematical models in different states can be obtained.
  • the default transaction terminal and the server are first authenticated. If the authentication fails, the payment authentication fails and the transaction is terminated.
  • the authentication succeeds, acquiring current location information of the transaction terminal; encrypting the current location information to obtain location encryption information; and transmitting the location encryption information to a server, so that the server saves the location encryption information in a preset Security log information;
  • the face specified action information is randomly generated, and the specified action information is displayed; while the face information is collected, the ECG information is collected; the face information includes the face video information and the face image information; After the face information and the ECG information are respectively subjected to noise reduction and filtering processing, it is determined whether the face action in the face video information is consistent with the specified action; if not, the payment authentication fails; otherwise, the following steps are performed:
  • the face feature parameter and the electrocardiogram feature parameter are encrypted and sent to the server, so that the server performs the feature parameter corresponding to the face feature parameter and the reserved user face image information by the F test method.
  • the analysis and the characteristic parameters corresponding to the ECG characteristic parameters and the reserved user ECG information are analyzed by the F-test to obtain the significance analysis results.
  • the significant analysis results include the facial feature parameter significance analysis results and the ECG characteristics. If the sexual analysis results are insufficient, it is judged that the payment authentication is not passed, and only two significant analysis results are significant, and the payment authentication is passed.
  • the third embodiment of the present invention is:
  • the present invention provides a face and electrocardiogram based payment authentication terminal comprising a memory, a processor and a computer program stored on the memory and operable on the processor, the processor implementing the program to implement the following steps:
  • step S0 randomly generate facial specified action information, display the specified action information; collect face information while collecting ECG information; the face information includes face video information and face image information; After performing noise reduction and filtering processing on the ECG information, it is determined whether the face action in the face video information is consistent with the specified action; if they are consistent, step S1 is performed, otherwise the payment authentication fails;
  • step S0 is re-executed
  • S1 determining, according to the electrocardiogram information, whether the user is in a sleep state; and determining, according to the face information, whether high-frequency information greater than a preset threshold exists in the face image information included in the face information;
  • Embodiment 4 of the present invention is:
  • the present invention provides a face and electrocardiogram based payment authentication terminal comprising a memory, a processor and a computer program stored on the memory and operable on the processor, the processor implementing the program to implement the following steps:
  • the method adopted also defines the neural network, collects the original data, and classifies all the corresponding characteristic parameters in different states by the method of deep learning convolutional neural network. By training, correcting, and outputting the results, the corresponding mathematical models in different states can be obtained.
  • the default transaction terminal and the server are first authenticated. If the authentication fails, the payment authentication fails and the transaction is terminated.
  • the authentication succeeds, acquiring current location information of the transaction terminal; encrypting the current location information to obtain location encryption information; and transmitting the location encryption information to a server, so that the server saves the location encryption information in a preset Security log information;
  • the face specified action information is randomly generated, and the specified action information is displayed; while the face information is collected, the ECG information is collected; the face information includes the face video information and the face image information; After the face information and the ECG information are respectively subjected to noise reduction and filtering processing, it is determined whether the face action in the face video information is consistent with the specified action; if not, the payment authentication fails; otherwise, the following steps are performed:
  • the face feature parameter and the electrocardiogram feature parameter are encrypted and sent to the server, so that the server performs the feature parameter corresponding to the face feature parameter and the reserved user face image information by the F test method.
  • the analysis and the characteristic parameters corresponding to the ECG characteristic parameters and the reserved user ECG information are analyzed by the F-test to obtain the significance analysis results.
  • the significant analysis results include the facial feature parameter significance analysis results and the ECG characteristics. If the sexual analysis results are insufficient, then it is judged whether the payment authentication is passed, and only two significant analysis results are significant, and the payment authentication is passed.
  • Embodiment 5 of the present invention is:
  • the invention provides a POS machine, comprising an MCU (micro control module), a camera, an ECG acquisition module (electrocardiogram acquisition module) and a liquid crystal screen, wherein the MCU is electrically connected to the camera, the ECG acquisition module and the liquid crystal screen respectively;
  • MCU micro control module
  • ECG acquisition module electrocardiogram acquisition module
  • liquid crystal screen wherein the MCU is electrically connected to the camera, the ECG acquisition module and the liquid crystal screen respectively;
  • the POS software Before leaving the factory, the POS software undergoes extensive machine learning training, including tens of thousands of face information under normal emotions and coerced face information, as well as tens of thousands of normal awake state ECGs, sleep ECGs, and under stress conditions. ECG.
  • the recognition software fits into a calculation formula by using a deep learning convolutional neural network method for all training samples by reading specific parameters (the main steps are: defining neural networks, collecting raw data, classifying) Training, correction, and output results, and the relationship between these parameters and emotions, sleep, etc., so that the software for face recognition and ECG recognition has the ability to identify whether the source of information is under stress and sleep.
  • POS and transaction background authentication If the authentication fails, it means that the POS has no transaction authority and ends the transaction; if the authentication is successful, it means that the POS has the transaction authority, and the encryption of the POS and the transaction background is enabled.
  • the wireless module encrypts and uploads the current base station location at this time, and saves it as the content of the security log in the transaction background.
  • the POS prompts the trader to collect the ECG information by using the ECG acquisition device built in the POS machine or encrypted communication with the POS machine through the LCD screen, and the MCU randomly generates the face specified action (including blinking, opening mouth, turning head, etc.)
  • the LCD screen prompts the user to collect the face information of the specified action through the camera.
  • the camera collects the face information of the trader, and at the same time, the electrocardiogram collecting device delivers the collected single-lead ECG information to the MCU of the POS machine.
  • the MCU needs to decrypt the information to obtain the ECG plaintext information.
  • the MCU preprocesses the face information, including noise reduction and normalization processing.
  • the MCU checks the legality of the face information, including checking whether the face action is consistent with the prompt, checking whether there is high frequency information exceeding the threshold, calculating the main feature parameter, and returning the result obtained in the training in step 1 to check whether it is being If the state of coercion does not pass, it is judged as illegal information, rejected, and the transaction is terminated.
  • the MCU calculates the feature values of the face information, including the geometric features of the eyes, nose, mouth, and the like of the face.
  • the MCU encrypts the face information feature value and transmits it to the transaction background.
  • the face information of the uploaded face information and the face information of the cardholder reserved by the bank are analyzed by the F test method, and the transaction is judged according to the analysis result: if the significance is insufficient, the face recognition is indicated. Failure, telling the POS to end the transaction; if the significance is obvious, it indicates that the face recognition is successful, and the POS is allowed to allow the transaction.
  • the MCU pre-processes the ECG information, including intercepting the ECG waveform and denoising of a single cardiac cycle. For external acquisition devices, decryption operations are required before preprocessing.
  • step 11 Calculate the main characteristic parameters of the electrocardiogram, and bring back the results obtained in the training in step 1 to calculate whether the current trader is in a stressful or sleep state of nervous fear. If it is, it is considered illegal information, refused, and ended the transaction. ; otherwise continue to trade
  • the MCU calculates the amplitude, area and mean of the P wave, QRS complex and T wave of the electrocardiogram as the characteristic values of the electrocardiogram.
  • the MCU encrypts the ECG feature value and transmits it to the transaction background.
  • the ECG feature value uploaded by the transaction background and the cardholder's ECG information reserved by the bank are analyzed by the F-test. If the significance is insufficient, the ECG recognition fails, and the POS is notified to end the transaction; if the significance is obvious, It means that the ECG recognition is successful, the background transaction is performed, and the transaction result is notified to the POS.
  • the POS machine will prompt the trader to the transaction result.
  • the present invention provides a face and electrocardiogram-based payment authentication method and terminal, which can determine whether a user is in a sleep state through the electrocardiogram information, and prevent the user from being stolen in the sleep state;
  • a large number of spatial hopping occurs at the edges of the face, the edges of the eyes, the edges of the mouth, etc., and there is a large amount of high-frequency information corresponding to the frequency domain, so it is determined whether the image information of the face is
  • the presence of high-frequency information greater than a preset threshold can prevent the problem of the authentication authentication attack by the image information synthesized by the computer; and the present invention can effectively determine whether the user is in a coerced state by using the electrocardiogram information and the face image information to make payment It is safer and more reliable; the combination of face and ECG recognition can greatly reduce the risk of misappropriation and enhance transaction security and reliability.
  • the cardholder's face information and ECG information are transmitted to the server as encrypted information through encryption. Only the one-way uplink transmission of the characteristic parameters is allowed to avoid the leakage of sensitive information.
  • the above-mentioned ECG information is not easy to be stolen. Even if the ECG information is stolen, the attacker is not easy to camouflage the ECG to attack the POS, which effectively improves the security of the payment authentication and makes the transaction more secure and reliable.

Abstract

Provided are a face and electrocardiogram-based payment authentication method and a terminal. The method comprises the following steps: determining, according to electrocardiogram information, whether a user is in a sleeping state; determining, according to facial information, whether facial image information of the facial information contains high-frequency information greater than a preset threshold; and if both determination results are negative, performing a related matching operation according to the facial image information, the electrocardiogram information, and pre-stored facial image information and electrocardiogram information of the user, and determining, according to a match result, whether payment authentication is successful. The present invention can effectively determine, according to electrocardiogram information and facial image information, whether a user is in a compelled state or a sleeping state, thereby ensuring more secure and reliable transactions. The method combines face and electrocardiogram recognition techniques, thereby greatly reducing risks of unauthorized payments, and enhancing transaction security and reliability.

Description

一种基于人脸和心电图的支付认证方法及终端Payment authentication method and terminal based on face and electrocardiogram 技术领域Technical field
本发明涉及电子支付技术领域,尤其涉及一种基于人脸和心电图的支付认证方法及终端。The present invention relates to the field of electronic payment technologies, and in particular, to a payment authentication method and a terminal based on a face and an electrocardiogram.
背景技术Background technique
随着互联网技术的不断发展,通过智能移动终端进行网上购物已成为了人们生活中必不可少的一件事情,这也极大的方便了人们的生活。由于网上购物涉及到用户的敏感信息,因此在网上购物并进行支付时需要较安全的支付认证方式;现在的支付认证方式主要为通过指纹或脸部识别进行支付认证,其存在以下缺点:生物特征易被盗取:指纹信息在交易人接触物品的时候比较容易套取,且非活体信息,脸部图像信息原本就是公开的,通过视频或拍照都很容易盗取;盗取的生物特征易用于攻击,采用盗取的指纹和脸部信息可以分别通过制作指模和图像合成的技术对支付设备进行攻击,从而达到盗刷的目的。With the continuous development of Internet technology, online shopping through smart mobile terminals has become an indispensable part of people's lives, which is also very convenient for people's lives. Since online shopping involves sensitive information of users, it requires a more secure payment authentication method when shopping online and making payment. The current payment authentication method mainly performs payment authentication through fingerprint or face recognition, which has the following disadvantages: biometrics Easy to be stolen: Fingerprint information is easier to take when the trader touches the item, and the non-living information, the facial image information is originally public, and it is easy to steal through video or photographing; the stolen biometrics are easy to use. In the attack, the stolen fingerprint and facial information can be used to attack the payment device by making fingerprint and image synthesis techniques respectively, thereby achieving the purpose of stealing.
技术问题technical problem
本发明所要解决的技术问题是:本发明提供一种基于人脸和心电图的支付认证方法及终端,提高了支付认证的安全性。The technical problem to be solved by the present invention is that the present invention provides a payment authentication method and a terminal based on a face and an electrocardiogram, and improves the security of payment authentication.
技术解决方案Technical solution
为了解决上述技术问题,本发明提供了一种基于人脸和心电图的支付认证方法,包括以下步骤:In order to solve the above technical problem, the present invention provides a payment authentication method based on a face and an electrocardiogram, comprising the following steps:
S1:根据心电图信息,判断用户是否处于睡眠状态;以及根据人脸信息,判断人脸信息中所包括的人脸图像信息中是否存在大于预设阈值的高频信息;S1: determining, according to the electrocardiogram information, whether the user is in a sleep state; and determining, according to the face information, whether high-frequency information greater than a preset threshold exists in the face image information included in the face information;
S2:若均否,则根据人脸图像信息、心电图信息、预留的用户人脸图像信息和用户心电图信息,进行相关匹配操作,根据匹配结果,判断支付认证是否成功。S2: If no, the related matching operation is performed according to the face image information, the electrocardiogram information, the reserved user face image information, and the user's electrocardiogram information, and the payment authentication is determined according to the matching result.
本发明还提供了一种基于人脸和心电图的支付认证终端,包括存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,所述处理器执行所述程序时实现以下步骤:The present invention also provides a face and electrocardiogram-based payment authentication terminal comprising a memory, a processor, and a computer program stored on the memory and operable on the processor, the processor implementing the program to implement the following steps :
S1:根据心电图信息,判断用户是否处于睡眠状态;以及根据人脸信息,判断人脸信息中所包括的人脸图像信息中是否存在大于预设阈值的高频信息;S1: determining, according to the electrocardiogram information, whether the user is in a sleep state; and determining, according to the face information, whether high-frequency information greater than a preset threshold exists in the face image information included in the face information;
S2:若均否,则根据人脸图像信息、心电图信息、预留的用户人脸图像信息和用户心电图信息,进行相关匹配操作,根据匹配结果,判断支付认证是否成功。S2: If no, the related matching operation is performed according to the face image information, the electrocardiogram information, the reserved user face image information, and the user's electrocardiogram information, and the payment authentication is determined according to the matching result.
有益效果Beneficial effect
本发明的有益效果为:The beneficial effects of the invention are:
本发明提供的一种基于人脸和心电图的支付认证方法及终端,通过心电图信息,能够判断用户是否处于睡眠状态,防止用户在睡眠状态下,心电图信息被盗用的问题;由于通过计算机合成的图像,在脸部边缘、眼部边缘、嘴部边缘等合成拼接的地方出现大量空域的跳变,对应在频域则存在大量高频信息,故通过判断人脸图像信息中是否存在大于预设阈值的高频信息,能够防止通过计算机合成的图像信息对支付认证攻击的问题;并且同时根据心电图信息和人脸图像信息,进行支付认证,通过双重认证的方式提高了支付的安全性,且上述的心电图信息为活体特征,攻击者也不易伪装心电图对支付认证进行攻击,使支付更加安全。The invention provides a face and electrocardiogram-based payment authentication method and a terminal, which can determine whether a user is in a sleep state through the electrocardiogram information, and prevent the user from being stolen in the sleep state; the image synthesized by the computer A large number of spatial hopping occurs at the edge of the face, the edge of the eye, the edge of the mouth, etc., and there is a large amount of high-frequency information corresponding to the frequency domain, so it is determined whether the presence of the face image information is greater than a preset threshold. The high-frequency information can prevent the problem of payment authentication attack by the image information synthesized by the computer; and at the same time, the payment authentication is performed according to the electrocardiogram information and the face image information, and the security of the payment is improved by the double authentication method, and the above The ECG information is a living feature, and the attacker is not easy to camouflage the ECG to attack the payment authentication, making the payment more secure.
附图说明DRAWINGS
图1为根据本发明实施例的一种基于人脸和心电图的支付认证方法的主要步骤示意图;1 is a schematic diagram showing main steps of a face and electrocardiogram-based payment authentication method according to an embodiment of the present invention;
图2为根据本发明实施例的一种基于人脸和心电图的支付认证终端的结构示意图;2 is a schematic structural diagram of a face authentication and an electrocardiogram-based payment authentication terminal according to an embodiment of the present invention;
标号说明:Label description:
1、存储器;2、处理器。1, memory; 2, processor.
本发明的实施方式Embodiments of the invention
请参照图1,本发明提供了一种基于人脸和心电图的支付认证方法,包括以下步骤:Referring to FIG. 1, the present invention provides a payment authentication method based on a face and an electrocardiogram, comprising the following steps:
S1:根据心电图信息,判断用户是否处于睡眠状态;以及根据人脸信息,判断人脸信息中所包括的人脸图像信息中是否存在大于预设阈值的高频信息;S1: determining, according to the electrocardiogram information, whether the user is in a sleep state; and determining, according to the face information, whether high-frequency information greater than a preset threshold exists in the face image information included in the face information;
S2:若均否,则根据人脸图像信息、心电图信息、预留的用户人脸图像信息和用户心电图信息,进行相关匹配操作,根据匹配结果,判断支付认证是否成功。S2: If no, the related matching operation is performed according to the face image information, the electrocardiogram information, the reserved user face image information, and the user's electrocardiogram information, and the payment authentication is determined according to the matching result.
从上述描述可知,通过心电图信息,能够判断用户是否处于睡眠状态,防止用户在睡眠状态下,心电图信息被盗用的问题;由于通过计算机合成的图像,在脸部边缘、眼部边缘、嘴部边缘等合成拼接的地方出现大量空域的跳变,对应在频域则存在大量高频信息,故通过判断人脸图像信息中是否存在大于预设阈值的高频信息,能够防止通过计算机合成的图像信息对支付认证攻击的问题;并且同时根据心电图信息和人脸图像信息,进行支付认证,通过双重认证的方式提高了支付的安全性,且上述的心电图信息为活体特征,能够防止被盗用,使支付更加安全。It can be seen from the above description that through the electrocardiogram information, it can be determined whether the user is in a sleep state, preventing the user from being stolen by the user in the sleep state; due to the image synthesized by the computer, at the edge of the face, the edge of the eye, and the edge of the mouth A large number of spatial hopping occurs in the place where the splicing is performed, and a large amount of high frequency information exists in the frequency domain. Therefore, by determining whether there is high frequency information larger than a preset threshold in the face image information, image information synthesized by the computer can be prevented. The problem of payment authentication attack; and at the same time, according to the electrocardiogram information and the face image information, the payment authentication is performed, and the security of the payment is improved by the double authentication method, and the above-mentioned electrocardiogram information is a living feature, which can prevent theft and make payment. safer.
进一步的,所述S1之前还包括:Further, before the S1, the method further includes:
S01:显示支付验证时所需要的脸部指定动作信息;S01: Display face specified action information required for payment verification;
S02:采集人脸信息的同时,采集心电图信息;所述人脸信息包括人脸视频信息及人脸图像信息;S02: collecting ECG information while collecting face information; the face information includes face video information and face image information;
S03:判断人脸视频信息中的人脸动作是否与指定动作一致;S03: determining whether the face motion in the face video information is consistent with the specified action;
S04:若一致,则执行步骤S1,否则支付认证失败。S04: If they are consistent, step S1 is performed, otherwise the payment authentication fails.
从上述描述可知,采集的人脸信息为用户根据显示的指定动作信息进行相应的脸部动作时,通过摄像装置采集的人脸视频信息及人脸图像信息,通过上述方法,提高了支付验证的安全性。It can be seen from the above description that the collected face information is the face video information and the face image information collected by the camera device when the user performs the corresponding face action according to the specified action information displayed, and the payment verification is improved by the above method. safety.
进一步的,所述S02和S03之间还包括:Further, the S02 and the S03 further include:
对所述人脸信息和心电图信息分别进行降噪和滤波处理。The face information and the electrocardiogram information are separately subjected to noise reduction and filtering processing.
从上述描述可知,通过上述方法能够提高数据处理的准确性。As can be seen from the above description, the accuracy of data processing can be improved by the above method.
进一步的,所述S01中显示支付验证时所需要的脸部指定动作信息具体为:Further, the face specifying action information required for displaying the payment verification in the S01 is specifically:
随机生成脸部指定动作信息,显示所述指定动作信息。The face specifying action information is randomly generated, and the specified action information is displayed.
从上述描述可知,通过上述方法,能够防止不法分子盗用上一次支持验证时的人脸信息进行支付验证,提高了支付的安全性。As can be seen from the above description, by the above method, it is possible to prevent the fraudulent use of the face information at the time of last support verification to perform payment verification, thereby improving the security of payment.
进一步的,若在预设时间内人脸信息或心电图信息采集失败,则随机显示新的指定动作信息,并重新采集人脸信息的同时,采集心电图信息。Further, if the face information or the ECG information fails to be collected within the preset time, the new specified action information is randomly displayed, and the face information is collected again, and the ECG information is collected.
从上述描述可知,通过上述方法,能够防止支付认证信息被盗用,进一步提高了支付的安全性。As apparent from the above description, by the above method, it is possible to prevent the payment authentication information from being stolen, and the security of the payment is further improved.
进一步的,所述S1之前还包括:Further, before the S1, the method further includes:
获取多份处于被胁迫状态的第一人脸图像信息,计算得到每一份第一人脸图像信息的第一特征参数;Acquiring a plurality of first face image information in a state of being stressed, and calculating a first feature parameter of each first face image information;
拟合所有的第一特征参数,得到被胁迫状态与第一特征参数之间的第一数学模型;Fitting all the first feature parameters to obtain a first mathematical model between the stressed state and the first feature parameter;
获取多份处于正常清醒状态的正常心电图信息、多份处于睡眠状态睡眠心电图信息和多份处于被胁迫状态的胁迫心电图信息;Obtaining multiple normal ECG information in a normal awake state, multiple sleep ECG information in a sleep state, and multiple stress ECG information in a state of being stressed;
计算得到每一份正常心电图信息的第二特征参数、每一份睡眠心电图信息的第三特征参数和每一份胁迫心电图信息的第四特征参数;Calculating a second characteristic parameter of each normal electrocardiogram information, a third characteristic parameter of each sleep electrocardiogram information, and a fourth characteristic parameter of each stress electrocardiogram information;
将正常清醒状态对应的所有第二特征参数、睡眠状态对应的所有第三特征参数和被胁迫状态对应的所有第四特征参数分别进行拟合,得到不同状态下对应的数学模型。All second feature parameters corresponding to the normal awake state, all third feature parameters corresponding to the sleep state, and all fourth feature parameters corresponding to the stress state are respectively fitted to obtain corresponding mathematical models in different states.
从上述描述可知,通过上述方法能够建立出处于被胁迫状态下人脸信息的第一数学模型,以及不同状态下心电图信息对应的不同模型,以便后续能准确判断用户所处的状态,提高了支付的安全性。It can be seen from the above description that the first mathematical model of the face information under the stress state and the different models corresponding to the ECG information in different states can be established by the above method, so that the user can accurately determine the state of the user and improve the payment. Security.
进一步的,所述S1具体为:Further, the S1 is specifically:
根据获取得到的心电图信息和人脸信息中的人脸图像信息,分别计算得到心电图特征参数及人脸特征参数;Obtaining an electrocardiogram feature parameter and a face feature parameter according to the obtained electrocardiogram information and the face image information in the face information;
根据所述人脸特征参数和第一数学模型,判断用户是否处于被胁迫状态,以及根据心电图特征参数和不同状态下对应的数学模型,判断用户是否处于被胁迫状态或睡眠状态,以及判断人脸图像信息中是否存在大于预设阈值的高频信息。Determining whether the user is in a state of being coerced according to the face feature parameter and the first mathematical model, and determining whether the user is in a coerced state or a sleep state according to the electrocardiographic feature parameter and the corresponding mathematical model in different states, and determining the face Whether there is high frequency information larger than a preset threshold in the image information.
从上述描述可知,通过上述方法,能够准确地判断用处是否处于被胁迫状态、睡眠状态,以防止用户在被胁迫或睡觉状态下,被不法分子盗用用户信息,使用户带来巨大损失的问题。As can be seen from the above description, according to the above method, it is possible to accurately determine whether or not the use is in a state of being stressed or in a sleep state, so as to prevent the user from being misappropriated by the criminals in the state of being coerced or sleeping, causing a huge loss to the user.
进一步的,所述S2具体为:Further, the S2 is specifically:
若均否,则加密所述人脸特征参数及心电图特征参数,并发送至服务器,以使服务器将人脸特征参数与预留的用户人脸图像信息对应的特征参数进行显著性分析,以及将心电图特征参数与预留的用户心电图信息对应的特征参数进行显著性分析,得到显著性分析结果;根据所述显著性分析结果,判断支付认证是否通过。If yes, encrypting the face feature parameter and the electrocardiogram feature parameter, and sending the parameter to the server, so that the server performs significant analysis on the feature parameter corresponding to the face feature parameter and the reserved user face image information, and The characteristic parameters corresponding to the reserved user electrocardiogram information of the electrocardiogram characteristic parameter are significantly analyzed, and the significant analysis result is obtained; and according to the significance analysis result, whether the payment authentication is passed is determined.
从上述描述可知,传输过程中将人脸特征参数及心电图特征参数进行加密传输,能够防止用户数据被盗,使用户造成一定的经济损失的问题;同时通过显著性分析,能够准确地判断出人脸特征参数与预留的用户人脸图像信息对应的特征参数是否匹配,并能准确判断心电图特征参数与预留的用户心电图信息对应的特征参数是否匹配;上述双重验证的方式,提高了支付认证的安全性。It can be seen from the above description that the face feature parameters and the electrocardiogram feature parameters are encrypted and transmitted during the transmission process, which can prevent the user data from being stolen and cause a certain economic loss to the user; and at the same time, the saliency analysis can accurately determine the person. Whether the feature parameters corresponding to the face feature parameter and the reserved user face image information match, and can accurately determine whether the feature parameters corresponding to the ECG feature parameter and the reserved user ECG information match; the above double verification method improves the payment authentication Security.
进一步的,“判断人脸图像信息中是否存在大于预设阈值的高频信息”具体为:Further, "determining whether there is high frequency information greater than a preset threshold in the face image information" is specifically:
计算所述人脸图像信息对应的图像频域信息,判断所述图像频域信息中是否存在大于预设阈值的高频信息。Calculating image frequency domain information corresponding to the face image information, and determining whether there is high frequency information greater than a preset threshold in the image frequency domain information.
从上述描述可知,通过上述方法,能够准确计算出人脸图像信息是否包括高频信息,以防止通过计算机合成的图像用于支付验证,提高了支付的安全性。As can be seen from the above description, by the above method, it is possible to accurately calculate whether the face image information includes high frequency information, to prevent the image synthesized by the computer from being used for payment verification, and to improve the security of payment.
进一步的,所述S1之前还包括:Further, before the S1, the method further includes:
对预设的交易终端与服务器进行鉴权判断,若鉴权失败,则支付认证失败,结束交易;Performing an authentication judgment on the preset transaction terminal and the server, and if the authentication fails, the payment authentication fails, and the transaction is ended;
若鉴权成功,则获取所述交易终端的当前位置信息;If the authentication is successful, acquiring current location information of the transaction terminal;
加密所述当前位置信息,得到位置加密信息;Encrypting the current location information to obtain location encryption information;
发送所述位置加密信息至服务器,以使得服务器将所述位置加密信息保存在预设的安全日志信息中。Sending the location encryption information to the server, so that the server saves the location encryption information in preset security log information.
从上述描述可知,交易过程中存储交易时所处的位置信息,使交易位置可追溯。As can be seen from the above description, the location information in which the transaction is stored during the transaction process makes the transaction location traceable.
请参照图2,本发明还提供了一种基于人脸和心电图的支付认证终端,包括存储器1、处理器2及存储在存储器1上并可在处理器2上运行的计算机程序,所述处理器2执行所述程序时实现以下步骤:Referring to FIG. 2, the present invention further provides a face and electrocardiogram-based payment authentication terminal, comprising a memory 1, a processor 2, and a computer program stored on the memory 1 and operable on the processor 2, the processing When the program 2 executes the program, the following steps are implemented:
S1:根据心电图信息,判断用户是否处于睡眠状态;以及根据人脸信息,判断人脸信息中所包括的人脸图像信息中是否存在大于预设阈值的高频信息;S1: determining, according to the electrocardiogram information, whether the user is in a sleep state; and determining, according to the face information, whether high-frequency information greater than a preset threshold exists in the face image information included in the face information;
S2:若均否,则根据人脸图像信息、心电图信息、预留的用户人脸图像信息和用户心电图信息,进行相关匹配操作,根据匹配结果,判断支付认证是否成功。S2: If no, the related matching operation is performed according to the face image information, the electrocardiogram information, the reserved user face image information, and the user's electrocardiogram information, and the payment authentication is determined according to the matching result.
进一步的,所述的一种基于人脸和心电图的支付认证终端,所述处理器执行所述程序时,实现步骤S1之前还包括:Further, the above-mentioned face and electrocardiogram-based payment authentication terminal, when the processor executes the program, before the step S1 is implemented, the method further includes:
S01:显示支付验证时所需要的脸部指定动作信息;S01: Display face specified action information required for payment verification;
S02:采集人脸信息的同时,采集心电图信息;所述人脸信息包括人脸视频信息及人脸图像信息;S02: collecting ECG information while collecting face information; the face information includes face video information and face image information;
S03:判断人脸视频信息中的人脸动作是否与指定动作一致;S03: determining whether the face motion in the face video information is consistent with the specified action;
S04:若一致,则执行步骤S1,否则支付认证失败。S04: If they are consistent, step S1 is performed, otherwise the payment authentication fails.
进一步的,所述的一种基于人脸和心电图的支付认证终端,所述S02和S03之间还包括:Further, the above-mentioned face and electrocardiogram-based payment authentication terminal further includes: between S02 and S03:
对所述人脸信息和心电图信息分别进行降噪和滤波处理。The face information and the electrocardiogram information are separately subjected to noise reduction and filtering processing.
进一步的,所述的一种基于人脸和心电图的支付认证终端,所述S01中显示支付验证时所需要的脸部指定动作信息具体为:Further, the face authentication and the ECG-based payment authentication terminal, wherein the face specified action information required for displaying the payment verification in the S01 is specifically:
随机生成脸部指定动作信息,显示所述指定动作信息。The face specifying action information is randomly generated, and the specified action information is displayed.
进一步的,所述的一种基于人脸和心电图的支付认证终端,所述处理器执行所述程序时,实现的步骤还包括:若在预设时间内人脸信息或心电图信息采集失败,则随机显示新的指定动作信息,并重新采集人脸信息的同时,采集心电图信息。Further, the above-mentioned face and electrocardiogram-based payment authentication terminal, when the processor executes the program, the steps further include: if the face information or the ECG information collection fails within a preset time, The new specified motion information is randomly displayed, and the ECG information is collected while the face information is re-acquired.
进一步的,所述的一种基于人脸和心电图的支付认证终端,所述S1之前还包括:Further, the above-mentioned face and electrocardiogram-based payment authentication terminal further includes:
获取多份处于被胁迫状态的第一人脸图像信息,计算得到每一份第一人脸图像信息的第一特征参数;Acquiring a plurality of first face image information in a state of being stressed, and calculating a first feature parameter of each first face image information;
拟合所有的第一特征参数,得到被胁迫状态与第一特征参数之间的第一数学模型;Fitting all the first feature parameters to obtain a first mathematical model between the stressed state and the first feature parameter;
获取多份处于正常清醒状态的正常心电图信息、多份处于睡眠状态睡眠心电图信息和多份处于被胁迫状态的胁迫心电图信息;Obtaining multiple normal ECG information in a normal awake state, multiple sleep ECG information in a sleep state, and multiple stress ECG information in a state of being stressed;
计算得到每一份正常心电图信息的第二特征参数、每一份睡眠心电图信息的第三特征参数和每一份胁迫心电图信息的第四特征参数;Calculating a second characteristic parameter of each normal electrocardiogram information, a third characteristic parameter of each sleep electrocardiogram information, and a fourth characteristic parameter of each stress electrocardiogram information;
将正常清醒状态对应的所有第二特征参数、睡眠状态对应的所有第三特征参数和被胁迫状态对应的所有第四特征参数分别进行拟合,得到不同状态下对应的数学模型。All second feature parameters corresponding to the normal awake state, all third feature parameters corresponding to the sleep state, and all fourth feature parameters corresponding to the stress state are respectively fitted to obtain corresponding mathematical models in different states.
进一步的,所述的一种基于人脸和心电图的支付认证终端,所述S1具体为:Further, the above-mentioned face and electrocardiogram-based payment authentication terminal, the S1 is specifically:
根据获取得到的心电图信息和人脸信息中的人脸图像信息,分别计算得到心电图特征参数及人脸特征参数;Obtaining an electrocardiogram feature parameter and a face feature parameter according to the obtained electrocardiogram information and the face image information in the face information;
根据所述人脸特征参数和第一数学模型,判断用户是否处于被胁迫状态,以及根据心电图特征参数和不同状态下对应的数学模型,判断用户是否处于被胁迫状态或睡眠状态,以及判断人脸图像信息中是否存在大于预设阈值的高频信息。Determining whether the user is in a state of being coerced according to the face feature parameter and the first mathematical model, and determining whether the user is in a coerced state or a sleep state according to the electrocardiographic feature parameter and the corresponding mathematical model in different states, and determining the face Whether there is high frequency information larger than a preset threshold in the image information.
进一步的,所述的一种基于人脸和心电图的支付认证终端,所述S2具体为:Further, the above-mentioned face and electrocardiogram-based payment authentication terminal, the S2 is specifically:
若均否,则加密所述人脸特征参数及心电图特征参数,并发送至服务器,以使服务器将人脸特征参数与预留的用户人脸图像信息对应的特征参数进行显著性分析,以及将心电图特征参数与预留的用户心电图信息对应的特征参数进行显著性分析,得到显著性分析结果;根据所述显著性分析结果,判断支付认证是否通过。If yes, encrypting the face feature parameter and the electrocardiogram feature parameter, and sending the parameter to the server, so that the server performs significant analysis on the feature parameter corresponding to the face feature parameter and the reserved user face image information, and The characteristic parameters corresponding to the reserved user electrocardiogram information of the electrocardiogram characteristic parameter are significantly analyzed, and the significant analysis result is obtained; and according to the significance analysis result, whether the payment authentication is passed is determined.
进一步的,所述的一种基于人脸和心电图的支付认证终端,“判断人脸图像信息中是否存在大于预设阈值的高频信息”具体为:Further, the payment authentication terminal based on the face and the electrocardiogram, "determining whether there is high frequency information greater than a preset threshold in the face image information" is specifically:
计算所述人脸图像信息对应的图像频域信息,判断所述图像频域信息中是否存在大于预设阈值的高频信息。Calculating image frequency domain information corresponding to the face image information, and determining whether there is high frequency information greater than a preset threshold in the image frequency domain information.
进一步的,所述的一种基于人脸和心电图的支付认证终端,所述S1之前还包括:Further, the above-mentioned face and electrocardiogram-based payment authentication terminal further includes:
对预设的交易终端与服务器进行鉴权判断,若鉴权失败,则支付认证失败,结束交易;Performing an authentication judgment on the preset transaction terminal and the server, and if the authentication fails, the payment authentication fails, and the transaction is ended;
若鉴权成功,则获取所述交易终端的当前位置信息;If the authentication is successful, acquiring current location information of the transaction terminal;
加密所述当前位置信息,得到位置加密信息;Encrypting the current location information to obtain location encryption information;
发送所述位置加密信息至服务器,以使得服务器将所述位置加密信息保存在预设的安全日志信息中。Sending the location encryption information to the server, so that the server saves the location encryption information in preset security log information.
请参照图1,本发明的实施例一为:Referring to FIG. 1, a first embodiment of the present invention is:
本发明提供了一种基于人脸和心电图的支付认证方法,包括以下步骤:The invention provides a payment authentication method based on a face and an electrocardiogram, comprising the following steps:
S0:随机生成脸部指定动作信息,显示所述指定动作信息;采集人脸信息的同时,采集心电图信息;所述人脸信息包括人脸视频信息及人脸图像信息;对所述人脸信息和心电图信息分别进行降噪和滤波处理后,判断人脸视频信息中的人脸动作是否与指定动作一致;若一致,则执行步骤S1,否则支付认证失败;S0: randomly generate facial specified action information, display the specified action information; collect face information while collecting ECG information; the face information includes face video information and face image information; After performing noise reduction and filtering processing on the ECG information, it is determined whether the face action in the face video information is consistent with the specified action; if they are consistent, step S1 is performed, otherwise the payment authentication fails;
其中,若在预设时间内人脸信息或心电图信息采集失败,则重新执行步骤S0;Wherein, if the face information or the ECG information collection fails within the preset time, step S0 is re-executed;
S1:根据心电图信息,判断用户是否处于睡眠状态;以及根据人脸信息,判断人脸信息中所包括的人脸图像信息中是否存在大于预设阈值的高频信息;S1: determining, according to the electrocardiogram information, whether the user is in a sleep state; and determining, according to the face information, whether high-frequency information greater than a preset threshold exists in the face image information included in the face information;
S2:若均否,则根据人脸图像信息、心电图信息、预留的用户人脸图像信息和用户心电图信息,进行相关匹配操作,根据匹配结果,判断支付认证是否成功。S2: If no, the related matching operation is performed according to the face image information, the electrocardiogram information, the reserved user face image information, and the user's electrocardiogram information, and the payment authentication is determined according to the matching result.
本发明的实施例二为:Embodiment 2 of the present invention is:
本发明提供了一种基于人脸和心电图的支付认证方法,包括以下步骤:The invention provides a payment authentication method based on a face and an electrocardiogram, comprising the following steps:
获取多份处于被胁迫状态的第一人脸图像信息,计算得到每一份第一人脸图像信息的第一特征参数;拟合所有的第一特征参数,得到被胁迫状态与第一特征参数之间的第一数学模型;Acquiring a plurality of first face image information in a state of being stressed, calculating a first feature parameter of each first face image information; fitting all the first feature parameters to obtaining a stressed state and a first feature parameter The first mathematical model between;
其中“拟合所有的第一特征参数,得到被胁迫状态与第一特征参数之间的第一数学模型”具体为:Wherein "fitting all the first characteristic parameters to obtain a first mathematical model between the stressed state and the first characteristic parameter" is specifically:
读取每一份样本(第一人脸图像信息)对应的第一特征参数,通过深度学习卷积神经网络的方法对所有的第一特征参数进行拟合,即定义神经网络、收集原始数据、分类训练、校正、输出结果,得到被胁迫状态与第一特征参数之间的第一数学模型;Reading the first feature parameter corresponding to each sample (first face image information), and fitting all the first feature parameters by deep learning convolutional neural network, that is, defining a neural network, collecting original data, Sorting training, correcting, and outputting results, obtaining a first mathematical model between the stressed state and the first characteristic parameter;
获取多份处于正常清醒状态的正常心电图信息、多份处于睡眠状态睡眠心电图信息和多份处于被胁迫状态的胁迫心电图信息;计算得到每一份正常心电图信息的第二特征参数、每一份睡眠心电图信息的第三特征参数和每一份胁迫心电图信息的第四特征参数;将正常清醒状态对应的所有第二特征参数、睡眠状态对应的所有第三特征参数和被胁迫状态对应的所有第四特征参数分别进行拟合,得到不同状态下对应的数学模型;Obtaining multiple normal ECG information in normal awake state, multiple sleeping ECG information in sleep state, and multiple stress ECG information in stress state; calculating second characteristic parameters of each normal ECG information, each sleep a third characteristic parameter of the electrocardiogram information and a fourth characteristic parameter of each stress electrocardiogram information; all second characteristic parameters corresponding to the normal awake state, all third characteristic parameters corresponding to the sleep state, and all fourth corresponding to the stressed state The characteristic parameters are respectively fitted to obtain corresponding mathematical models in different states;
其中,通过拟合,得到不同状态下对应的数学模型,所采用的方法同样通过深度学习卷积神经网络的方法分别对不同状态下对应的所有的特征参数进行定义神经网络、收集原始数据、分类训练、校正、输出结果,即可得到不同状态下对应的数学模型。Among them, through the fitting, the corresponding mathematical models in different states are obtained. The method adopted also defines the neural network, collects the original data, and classifies all the corresponding characteristic parameters in different states by the method of deep learning convolutional neural network. By training, correcting, and outputting the results, the corresponding mathematical models in different states can be obtained.
在支付时,先对预设的交易终端与服务器进行鉴权判断,若鉴权失败,则支付认证失败,结束交易;In the payment, the default transaction terminal and the server are first authenticated. If the authentication fails, the payment authentication fails and the transaction is terminated.
若鉴权成功,则获取所述交易终端的当前位置信息;加密所述当前位置信息,得到位置加密信息;发送所述位置加密信息至服务器,以使得服务器将所述位置加密信息保存在预设的安全日志信息中;If the authentication succeeds, acquiring current location information of the transaction terminal; encrypting the current location information to obtain location encryption information; and transmitting the location encryption information to a server, so that the server saves the location encryption information in a preset Security log information;
在鉴权成功后,随机生成脸部指定动作信息,显示所述指定动作信息;采集人脸信息的同时,采集心电图信息;所述人脸信息包括人脸视频信息及人脸图像信息;对所述人脸信息和心电图信息分别进行降噪和滤波处理后,判断人脸视频信息中的人脸动作是否与指定动作一致;若不一致,支付认证失败;否则,执行以下步骤:After the authentication succeeds, the face specified action information is randomly generated, and the specified action information is displayed; while the face information is collected, the ECG information is collected; the face information includes the face video information and the face image information; After the face information and the ECG information are respectively subjected to noise reduction and filtering processing, it is determined whether the face action in the face video information is consistent with the specified action; if not, the payment authentication fails; otherwise, the following steps are performed:
根据获取得到的心电图信息和人脸信息中的人脸图像信息,分别计算得到心电图特征参数及人脸特征参数;Obtaining an electrocardiogram feature parameter and a face feature parameter according to the obtained electrocardiogram information and the face image information in the face information;
根据所述人脸特征参数和第一数学模型,判断用户是否处于被胁迫状态,以及根据心电图特征参数和不同状态下对应的数学模型,判断用户是否处于被胁迫状态或睡眠状态,以及判断人脸图像信息中是否存在大于预设阈值的高频信息;Determining whether the user is in a state of being coerced according to the face feature parameter and the first mathematical model, and determining whether the user is in a coerced state or a sleep state according to the electrocardiographic feature parameter and the corresponding mathematical model in different states, and determining the face Whether there is high frequency information greater than a preset threshold in the image information;
若均否,则加密所述人脸特征参数及心电图特征参数,并发送至服务器,以使服务器将人脸特征参数与预留的用户人脸图像信息对应的特征参数通过F检验法进行显著性分析,以及将心电图特征参数与预留的用户心电图信息对应的特征参数通过F检验法进行显著性分析,得到显著性分析结果;显著性分析结果包括人脸特征参数显著性分析结果和心电图特征显著性分析结果,若其中任意一项显著性不足,则判断支付认证不通过,只有两项显著性分析结果显著性均明显,支付认证通过。If yes, the face feature parameter and the electrocardiogram feature parameter are encrypted and sent to the server, so that the server performs the feature parameter corresponding to the face feature parameter and the reserved user face image information by the F test method. The analysis and the characteristic parameters corresponding to the ECG characteristic parameters and the reserved user ECG information are analyzed by the F-test to obtain the significance analysis results. The significant analysis results include the facial feature parameter significance analysis results and the ECG characteristics. If the sexual analysis results are insufficient, it is judged that the payment authentication is not passed, and only two significant analysis results are significant, and the payment authentication is passed.
请参照图2,本发明的实施例三为:Referring to FIG. 2, the third embodiment of the present invention is:
本发明提供了一种基于人脸和心电图的支付认证终端,包括存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,所述处理器执行所述程序时实现以下步骤:The present invention provides a face and electrocardiogram based payment authentication terminal comprising a memory, a processor and a computer program stored on the memory and operable on the processor, the processor implementing the program to implement the following steps:
S0:随机生成脸部指定动作信息,显示所述指定动作信息;采集人脸信息的同时,采集心电图信息;所述人脸信息包括人脸视频信息及人脸图像信息;对所述人脸信息和心电图信息分别进行降噪和滤波处理后,判断人脸视频信息中的人脸动作是否与指定动作一致;若一致,则执行步骤S1,否则支付认证失败;S0: randomly generate facial specified action information, display the specified action information; collect face information while collecting ECG information; the face information includes face video information and face image information; After performing noise reduction and filtering processing on the ECG information, it is determined whether the face action in the face video information is consistent with the specified action; if they are consistent, step S1 is performed, otherwise the payment authentication fails;
其中,若在预设时间内人脸信息或心电图信息采集失败,则重新执行步骤S0;Wherein, if the face information or the ECG information collection fails within the preset time, step S0 is re-executed;
S1:根据心电图信息,判断用户是否处于睡眠状态;以及根据人脸信息,判断人脸信息中所包括的人脸图像信息中是否存在大于预设阈值的高频信息;S1: determining, according to the electrocardiogram information, whether the user is in a sleep state; and determining, according to the face information, whether high-frequency information greater than a preset threshold exists in the face image information included in the face information;
S2:若均否,则根据人脸图像信息、心电图信息、预留的用户人脸图像信息和用户心电图信息,进行相关匹配操作,根据匹配结果,判断支付认证是否成功。S2: If no, the related matching operation is performed according to the face image information, the electrocardiogram information, the reserved user face image information, and the user's electrocardiogram information, and the payment authentication is determined according to the matching result.
本发明的实施例四为:Embodiment 4 of the present invention is:
本发明提供了一种基于人脸和心电图的支付认证终端,包括存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,所述处理器执行所述程序时实现以下步骤:The present invention provides a face and electrocardiogram based payment authentication terminal comprising a memory, a processor and a computer program stored on the memory and operable on the processor, the processor implementing the program to implement the following steps:
获取多份处于被胁迫状态的第一人脸图像信息,计算得到每一份第一人脸图像信息的第一特征参数;拟合所有的第一特征参数,得到被胁迫状态与第一特征参数之间的第一数学模型;Acquiring a plurality of first face image information in a state of being stressed, calculating a first feature parameter of each first face image information; fitting all the first feature parameters to obtaining a stressed state and a first feature parameter The first mathematical model between;
其中“拟合所有的第一特征参数,得到被胁迫状态与第一特征参数之间的第一数学模型”具体为:Wherein "fitting all the first characteristic parameters to obtain a first mathematical model between the stressed state and the first characteristic parameter" is specifically:
读取每一份样本(第一人脸图像信息)对应的第一特征参数,通过深度学习卷积神经网络的方法对所有的第一特征参数进行拟合,即定义神经网络、收集原始数据、分类训练、校正、输出结果,得到被胁迫状态与第一特征参数之间的第一数学模型;Reading the first feature parameter corresponding to each sample (first face image information), and fitting all the first feature parameters by deep learning convolutional neural network, that is, defining a neural network, collecting original data, Sorting training, correcting, and outputting results, obtaining a first mathematical model between the stressed state and the first characteristic parameter;
获取多份处于正常清醒状态的正常心电图信息、多份处于睡眠状态睡眠心电图信息和多份处于被胁迫状态的胁迫心电图信息;计算得到每一份正常心电图信息的第二特征参数、每一份睡眠心电图信息的第三特征参数和每一份胁迫心电图信息的第四特征参数;将正常清醒状态对应的所有第二特征参数、睡眠状态对应的所有第三特征参数和被胁迫状态对应的所有第四特征参数分别进行拟合,得到不同状态下对应的数学模型;Obtaining multiple normal ECG information in normal awake state, multiple sleeping ECG information in sleep state, and multiple stress ECG information in stress state; calculating second characteristic parameters of each normal ECG information, each sleep a third characteristic parameter of the electrocardiogram information and a fourth characteristic parameter of each stress electrocardiogram information; all second characteristic parameters corresponding to the normal awake state, all third characteristic parameters corresponding to the sleep state, and all fourth corresponding to the stressed state The characteristic parameters are respectively fitted to obtain corresponding mathematical models in different states;
其中,通过拟合,得到不同状态下对应的数学模型,所采用的方法同样通过深度学习卷积神经网络的方法分别对不同状态下对应的所有的特征参数进行定义神经网络、收集原始数据、分类训练、校正、输出结果,即可得到不同状态下对应的数学模型。Among them, through the fitting, the corresponding mathematical models in different states are obtained. The method adopted also defines the neural network, collects the original data, and classifies all the corresponding characteristic parameters in different states by the method of deep learning convolutional neural network. By training, correcting, and outputting the results, the corresponding mathematical models in different states can be obtained.
在支付时,先对预设的交易终端与服务器进行鉴权判断,若鉴权失败,则支付认证失败,结束交易;In the payment, the default transaction terminal and the server are first authenticated. If the authentication fails, the payment authentication fails and the transaction is terminated.
若鉴权成功,则获取所述交易终端的当前位置信息;加密所述当前位置信息,得到位置加密信息;发送所述位置加密信息至服务器,以使得服务器将所述位置加密信息保存在预设的安全日志信息中;If the authentication succeeds, acquiring current location information of the transaction terminal; encrypting the current location information to obtain location encryption information; and transmitting the location encryption information to a server, so that the server saves the location encryption information in a preset Security log information;
在鉴权成功后,随机生成脸部指定动作信息,显示所述指定动作信息;采集人脸信息的同时,采集心电图信息;所述人脸信息包括人脸视频信息及人脸图像信息;对所述人脸信息和心电图信息分别进行降噪和滤波处理后,判断人脸视频信息中的人脸动作是否与指定动作一致;若不一致,支付认证失败;否则,执行以下步骤:After the authentication succeeds, the face specified action information is randomly generated, and the specified action information is displayed; while the face information is collected, the ECG information is collected; the face information includes the face video information and the face image information; After the face information and the ECG information are respectively subjected to noise reduction and filtering processing, it is determined whether the face action in the face video information is consistent with the specified action; if not, the payment authentication fails; otherwise, the following steps are performed:
根据获取得到的心电图信息和人脸信息中的人脸图像信息,分别计算得到心电图特征参数及人脸特征参数;Obtaining an electrocardiogram feature parameter and a face feature parameter according to the obtained electrocardiogram information and the face image information in the face information;
根据所述人脸特征参数和第一数学模型,判断用户是否处于被胁迫状态,以及根据心电图特征参数和不同状态下对应的数学模型,判断用户是否处于被胁迫状态或睡眠状态,以及判断人脸图像信息中是否存在大于预设阈值的高频信息;Determining whether the user is in a state of being coerced according to the face feature parameter and the first mathematical model, and determining whether the user is in a coerced state or a sleep state according to the electrocardiographic feature parameter and the corresponding mathematical model in different states, and determining the face Whether there is high frequency information greater than a preset threshold in the image information;
若均否,则加密所述人脸特征参数及心电图特征参数,并发送至服务器,以使服务器将人脸特征参数与预留的用户人脸图像信息对应的特征参数通过F检验法进行显著性分析,以及将心电图特征参数与预留的用户心电图信息对应的特征参数通过F检验法进行显著性分析,得到显著性分析结果;显著性分析结果包括人脸特征参数显著性分析结果和心电图特征显著性分析结果,若其中任意一项显著性不足,则判断支付认证是否通过,只有两项显著性分析结果显著性均明显,支付认证通过。If yes, the face feature parameter and the electrocardiogram feature parameter are encrypted and sent to the server, so that the server performs the feature parameter corresponding to the face feature parameter and the reserved user face image information by the F test method. The analysis and the characteristic parameters corresponding to the ECG characteristic parameters and the reserved user ECG information are analyzed by the F-test to obtain the significance analysis results. The significant analysis results include the facial feature parameter significance analysis results and the ECG characteristics. If the sexual analysis results are insufficient, then it is judged whether the payment authentication is passed, and only two significant analysis results are significant, and the payment authentication is passed.
本发明的实施例五为:Embodiment 5 of the present invention is:
本发明提供了一种POS机,包括MCU(微控制模块)、摄像头、ECG采集模块(心电图采集模块)和液晶屏,所述MCU分别与摄像头、ECG采集模块和液晶屏电连接;The invention provides a POS machine, comprising an MCU (micro control module), a camera, an ECG acquisition module (electrocardiogram acquisition module) and a liquid crystal screen, wherein the MCU is electrically connected to the camera, the ECG acquisition module and the liquid crystal screen respectively;
1)出厂前,POS的软件经过大量的机器学习训练,包括上万份正常情绪下的人脸信息与被胁迫的人脸信息以及上万份正常清醒状态心电图、睡眠心电图和被胁迫状态下的心电图。识别软件通过对每一份训练样本进行特定参数的读取,通过对所有训练样本利用深度学习卷积神经网络的方法拟合成一个计算公式(主要步骤有:定义神经网络、收集原始数据、分类训练、校正、输出结果),得出这些参数与情绪、睡眠等结果的关系,从而使得人脸识别与心电图识别的软件具有识别信息来源是否处于胁迫及睡眠的能力。1) Before leaving the factory, the POS software undergoes extensive machine learning training, including tens of thousands of face information under normal emotions and coerced face information, as well as tens of thousands of normal awake state ECGs, sleep ECGs, and under stress conditions. ECG. The recognition software fits into a calculation formula by using a deep learning convolutional neural network method for all training samples by reading specific parameters (the main steps are: defining neural networks, collecting raw data, classifying) Training, correction, and output results, and the relationship between these parameters and emotions, sleep, etc., so that the software for face recognition and ECG recognition has the ability to identify whether the source of information is under stress and sleep.
2)POS与交易后台进行鉴权:若鉴权失败,则表示POS没有交易权限,结束交易;若鉴权成功,则表示POS有交易权限,开启POS与交易后台的加密,若POS机内置有无线模块,则此时加密上传当前基站位置,作为交易后台的安全日志的内容保存下来。2) POS and transaction background authentication: If the authentication fails, it means that the POS has no transaction authority and ends the transaction; if the authentication is successful, it means that the POS has the transaction authority, and the encryption of the POS and the transaction background is enabled. The wireless module encrypts and uploads the current base station location at this time, and saves it as the content of the security log in the transaction background.
3)POS通过液晶屏提示交易人使用内置于POS机或与POS机加密通信的心电图采集装置采集其心电图信息,同时MCU随机生成脸部指定动作(包括眨眼、张嘴、转头等动作),通过液晶屏提示用户通过摄像头采集该指定动作的人脸信息。3) The POS prompts the trader to collect the ECG information by using the ECG acquisition device built in the POS machine or encrypted communication with the POS machine through the LCD screen, and the MCU randomly generates the face specified action (including blinking, opening mouth, turning head, etc.) The LCD screen prompts the user to collect the face information of the specified action through the camera.
4)摄像头采集交易人的人脸信息,同时,心电图采集装置将采集到的单导联的心电图信息交给POS机的MCU。对于外置的心电图采集装置,MCU需要解密信息获取心电图明文信息。4) The camera collects the face information of the trader, and at the same time, the electrocardiogram collecting device delivers the collected single-lead ECG information to the MCU of the POS machine. For an external ECG acquisition device, the MCU needs to decrypt the information to obtain the ECG plaintext information.
5)MCU对人脸信息进行预处理,包括降噪和归一化处理等。5) The MCU preprocesses the face information, including noise reduction and normalization processing.
6)MCU检查人脸信息合法性,包括检查人脸动作是否与提示一致、检查是否存在超过阈值的高频信息、计算主要特征参数带回步骤1中训练得到的结果进行结算,检查是否处于被胁迫的状态,若检查不通过,则判为非法信息,予以拒绝,结束交易。6) The MCU checks the legality of the face information, including checking whether the face action is consistent with the prompt, checking whether there is high frequency information exceeding the threshold, calculating the main feature parameter, and returning the result obtained in the training in step 1 to check whether it is being If the state of coercion does not pass, it is judged as illegal information, rejected, and the transaction is terminated.
7)MCU计算人脸信息特征值,包括脸部的眼、鼻、口等的几何特征等。7) The MCU calculates the feature values of the face information, including the geometric features of the eyes, nose, mouth, and the like of the face.
8)MCU将人脸信息特征值加密后传给交易后台。8) The MCU encrypts the face information feature value and transmits it to the transaction background.
9)交易后台将上传的人脸信息特征值与银行预留的持卡人人脸信息通过F检验法进行显著性分析,根据分析结果判断是否允许交易:若显著性不足,则表明人脸识别失败,告知POS结束交易;若显著性明显,则表明人脸识别成功,告知POS允许交易。9) The face information of the uploaded face information and the face information of the cardholder reserved by the bank are analyzed by the F test method, and the transaction is judged according to the analysis result: if the significance is insufficient, the face recognition is indicated. Failure, telling the POS to end the transaction; if the significance is obvious, it indicates that the face recognition is successful, and the POS is allowed to allow the transaction.
10)MCU对心电图信息进行预处理,包括截取单心动周期的心电图波形、去噪。对于外置采集装置,需要在预处理之前做解密操作。10) The MCU pre-processes the ECG information, including intercepting the ECG waveform and denoising of a single cardiac cycle. For external acquisition devices, decryption operations are required before preprocessing.
11)计算心电图的各主要特征参数,带回步骤1中训练得到的结果进行计算,得出当前交易人是否处于紧张害怕的胁迫状态或睡眠状态,若是则认为是非法信息,予以拒绝,结束交易;否则继续交易11) Calculate the main characteristic parameters of the electrocardiogram, and bring back the results obtained in the training in step 1 to calculate whether the current trader is in a stressful or sleep state of nervous fear. If it is, it is considered illegal information, refused, and ended the transaction. ; otherwise continue to trade
12)MCU计算心电图P波、QRS波群和T波的波幅、面积和均值作为心电图的特征值。12) The MCU calculates the amplitude, area and mean of the P wave, QRS complex and T wave of the electrocardiogram as the characteristic values of the electrocardiogram.
13)MCU将心电图特征值加密后传给交易后台。13) The MCU encrypts the ECG feature value and transmits it to the transaction background.
14)交易后台将上传的心电图特征值与银行预留的持卡人心电图信息通过F检验法进行显著性分析:若显著性不足,则表示心电图识别失败,告知POS结束交易;若显著性明显,则表示心电图识别成功,进行后台交易,并将交易结果告知POS。14) The ECG feature value uploaded by the transaction background and the cardholder's ECG information reserved by the bank are analyzed by the F-test. If the significance is insufficient, the ECG recognition fails, and the POS is notified to end the transaction; if the significance is obvious, It means that the ECG recognition is successful, the background transaction is performed, and the transaction result is notified to the POS.
15)POS机将交易结果提示给交易人。15) The POS machine will prompt the trader to the transaction result.
综上所述,本发明提供的一种基于人脸和心电图的支付认证方法及终端,通过心电图信息,能够判断用户是否处于睡眠状态,防止用户在睡眠状态下,心电图信息被盗用的问题;由于通过计算机合成的图像,在脸部边缘、眼部边缘、嘴部边缘等合成拼接的地方出现大量空域的跳变,对应在频域则存在大量高频信息,故通过判断人脸图像信息中是否存在大于预设阈值的高频信息,能够防止通过计算机合成的图像信息对支付认证攻击的问题;同时本发明通过对心电图信息及人脸图像信息能够有效地判断用户是否处于被胁迫状态,使支付更加安全可靠;通过人脸与心电图识别结合的方法可以很大程度降低盗用风险,加强交易安全性和可靠性。持卡人的人脸信息与心电图信息作为敏感信息通过加密方式传输至服务器,只允许单向上行传输加密的特征参数,避免了敏感信息泄露。上述的心电图信息不易被盗取,即便心电图信息被盗取,攻击者也不易伪装心电图对POS进行攻击,有效提升了支付认证的安全性,使交易更加安全可靠。In summary, the present invention provides a face and electrocardiogram-based payment authentication method and terminal, which can determine whether a user is in a sleep state through the electrocardiogram information, and prevent the user from being stolen in the sleep state; Through computer-synthesized images, a large number of spatial hopping occurs at the edges of the face, the edges of the eyes, the edges of the mouth, etc., and there is a large amount of high-frequency information corresponding to the frequency domain, so it is determined whether the image information of the face is The presence of high-frequency information greater than a preset threshold can prevent the problem of the authentication authentication attack by the image information synthesized by the computer; and the present invention can effectively determine whether the user is in a coerced state by using the electrocardiogram information and the face image information to make payment It is safer and more reliable; the combination of face and ECG recognition can greatly reduce the risk of misappropriation and enhance transaction security and reliability. The cardholder's face information and ECG information are transmitted to the server as encrypted information through encryption. Only the one-way uplink transmission of the characteristic parameters is allowed to avoid the leakage of sensitive information. The above-mentioned ECG information is not easy to be stolen. Even if the ECG information is stolen, the attacker is not easy to camouflage the ECG to attack the POS, which effectively improves the security of the payment authentication and makes the transaction more secure and reliable.

Claims (20)

  1. 一种基于人脸和心电图的支付认证方法,其特征在于,包括以下步骤:A payment authentication method based on a face and an electrocardiogram, characterized in that it comprises the following steps:
    S1:根据心电图信息,判断用户是否处于睡眠状态;以及根据人脸信息,判断人脸信息中所包括的人脸图像信息中是否存在大于预设阈值的高频信息;S1: determining, according to the electrocardiogram information, whether the user is in a sleep state; and determining, according to the face information, whether high-frequency information greater than a preset threshold exists in the face image information included in the face information;
    S2:若均否,则根据人脸图像信息、心电图信息、预留的用户人脸图像信息和用户心电图信息,进行相关匹配操作,根据匹配结果,判断支付认证是否成功。S2: If no, the related matching operation is performed according to the face image information, the electrocardiogram information, the reserved user face image information, and the user's electrocardiogram information, and the payment authentication is determined according to the matching result.
  2. 根据权利要求1所述的一种基于人脸和心电图的支付认证方法,其特征在于,所述S1之前还包括:The method for claim authentication based on a face and an electrocardiogram according to claim 1, wherein the S1 further comprises:
    S01:显示支付验证时所需要的脸部指定动作信息;S01: Display face specified action information required for payment verification;
    S02:采集人脸信息的同时,采集心电图信息;所述人脸信息包括人脸视频信息及人脸图像信息;S02: collecting ECG information while collecting face information; the face information includes face video information and face image information;
    S03:判断人脸视频信息中的人脸动作是否与指定动作一致;S03: determining whether the face motion in the face video information is consistent with the specified action;
    S04:若一致,则执行步骤S1,否则支付认证失败。S04: If they are consistent, step S1 is performed, otherwise the payment authentication fails.
  3. 根据权利要求2所述的一种基于人脸和心电图的支付认证方法,其特征在于,所述S02和S03之间还包括:The method for claim authentication based on the face and the electrocardiogram according to claim 2, wherein the S02 and the S03 further comprise:
    对所述人脸信息和心电图信息分别进行降噪和滤波处理。The face information and the electrocardiogram information are separately subjected to noise reduction and filtering processing.
  4. 根据权利要求2所述的一种基于人脸和心电图的支付认证方法,其特征在于,所述S01中显示支付验证时所需要的脸部指定动作信息具体为:The face and electrocardiogram-based payment authentication method according to claim 2, wherein the face specifying action information required for displaying the payment verification in the S01 is specifically:
    随机生成脸部指定动作信息,显示所述指定动作信息。The face specifying action information is randomly generated, and the specified action information is displayed.
  5. 根据权利要求4所述的一种基于人脸和心电图的支付认证方法,其特征在于,若在预设时间内人脸信息或心电图信息采集失败,则随机显示新的指定动作信息,并重新采集人脸信息的同时,采集心电图信息。The face and electrocardiogram-based payment authentication method according to claim 4, wherein if the face information or the electrocardiogram information fails to be collected within the preset time, the new specified action information is randomly displayed and re-acquired At the same time as the face information, the ECG information is collected.
  6. 根据权利要求1所述的一种基于人脸和心电图的支付认证方法,其特征在于,所述S1之前还包括:The method for claim authentication based on a face and an electrocardiogram according to claim 1, wherein the S1 further comprises:
    获取多份处于被胁迫状态的第一人脸图像信息,计算得到每一份第一人脸图像信息的第一特征参数;Acquiring a plurality of first face image information in a state of being stressed, and calculating a first feature parameter of each first face image information;
    拟合所有的第一特征参数,得到被胁迫状态与第一特征参数之间的第一数学模型;Fitting all the first feature parameters to obtain a first mathematical model between the stressed state and the first feature parameter;
    获取多份处于正常清醒状态的正常心电图信息、多份处于睡眠状态睡眠心电图信息和多份处于被胁迫状态的胁迫心电图信息;Obtaining multiple normal ECG information in a normal awake state, multiple sleep ECG information in a sleep state, and multiple stress ECG information in a state of being stressed;
    计算得到每一份正常心电图信息的第二特征参数、每一份睡眠心电图信息的第三特征参数和每一份胁迫心电图信息的第四特征参数;Calculating a second characteristic parameter of each normal electrocardiogram information, a third characteristic parameter of each sleep electrocardiogram information, and a fourth characteristic parameter of each stress electrocardiogram information;
    将正常清醒状态对应的所有第二特征参数、睡眠状态对应的所有第三特征参数和被胁迫状态对应的所有第四特征参数分别进行拟合,得到不同状态下对应的数学模型。All second feature parameters corresponding to the normal awake state, all third feature parameters corresponding to the sleep state, and all fourth feature parameters corresponding to the stress state are respectively fitted to obtain corresponding mathematical models in different states.
  7. 根据权利要求6所述的一种基于人脸和心电图的支付认证方法,其特征在于,所述S1具体为:The method for claim authentication based on a face and an electrocardiogram according to claim 6, wherein the S1 is specifically:
    根据获取得到的心电图信息和人脸信息中的人脸图像信息,分别计算得到心电图特征参数及人脸特征参数;Obtaining an electrocardiogram feature parameter and a face feature parameter according to the obtained electrocardiogram information and the face image information in the face information;
    根据所述人脸特征参数和第一数学模型,判断用户是否处于被胁迫状态,以及根据心电图特征参数和不同状态下对应的数学模型,判断用户是否处于被胁迫状态或睡眠状态,以及判断人脸图像信息中是否存在大于预设阈值的高频信息。Determining whether the user is in a state of being coerced according to the face feature parameter and the first mathematical model, and determining whether the user is in a coerced state or a sleep state according to the electrocardiographic feature parameter and the corresponding mathematical model in different states, and determining the face Whether there is high frequency information larger than a preset threshold in the image information.
  8. 根据权利要求7所述的一种基于人脸和心电图的支付认证方法,其特征在于,所述S2具体为:The method for claim authentication based on a face and an electrocardiogram according to claim 7, wherein the S2 is specifically:
    若均否,则加密所述人脸特征参数及心电图特征参数,并发送至服务器,以使服务器将人脸特征参数与预留的用户人脸图像信息对应的特征参数进行显著性分析,以及将心电图特征参数与预留的用户心电图信息对应的特征参数进行显著性分析,得到显著性分析结果;根据所述显著性分析结果,判断支付认证是否通过。If yes, encrypting the face feature parameter and the electrocardiogram feature parameter, and sending the parameter to the server, so that the server performs significant analysis on the feature parameter corresponding to the face feature parameter and the reserved user face image information, and The characteristic parameters corresponding to the reserved user electrocardiogram information of the electrocardiogram characteristic parameter are significantly analyzed, and the significant analysis result is obtained; and according to the significance analysis result, whether the payment authentication is passed is determined.
  9. 根据权利要求1或8所述的一种基于人脸和心电图的支付认证方法,其特征在于,“判断人脸图像信息中是否存在大于预设阈值的高频信息”具体为:A method for payment authentication based on a face and an electrocardiogram according to claim 1 or 8, wherein "determining whether there is high frequency information greater than a preset threshold in the face image information" is specifically:
    计算所述人脸图像信息对应的图像频域信息,判断所述图像频域信息中是否存在大于预设阈值的高频信息。Calculating image frequency domain information corresponding to the face image information, and determining whether there is high frequency information greater than a preset threshold in the image frequency domain information.
  10. 根据权利要求1所述的一种基于人脸和心电图的支付认证方法,其特征在于,所述S1之前还包括:The method for claim authentication based on a face and an electrocardiogram according to claim 1, wherein the S1 further comprises:
    对预设的交易终端与服务器进行鉴权判断,若鉴权失败,则支付认证失败,结束交易;Performing an authentication judgment on the preset transaction terminal and the server, and if the authentication fails, the payment authentication fails, and the transaction is ended;
    若鉴权成功,则获取所述交易终端的当前位置信息;If the authentication is successful, acquiring current location information of the transaction terminal;
    加密所述当前位置信息,得到位置加密信息;Encrypting the current location information to obtain location encryption information;
    发送所述位置加密信息至服务器,以使得服务器将所述位置加密信息保存在预设的安全日志信息中。Sending the location encryption information to the server, so that the server saves the location encryption information in preset security log information.
  11. 一种基于人脸和心电图的支付认证终端,包括存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,其特征在于,所述处理器执行所述程序时实现以下步骤:A face and electrocardiogram-based payment authentication terminal includes a memory, a processor, and a computer program stored on the memory and operable on the processor, wherein the processor executes the program to implement the following steps:
    S1:根据心电图信息,判断用户是否处于睡眠状态;以及根据人脸信息,判断人脸信息中所包括的人脸图像信息中是否存在大于预设阈值的高频信息;S1: determining, according to the electrocardiogram information, whether the user is in a sleep state; and determining, according to the face information, whether high-frequency information greater than a preset threshold exists in the face image information included in the face information;
    S2:若均否,则根据人脸图像信息、心电图信息、预留的用户人脸图像信息和用户心电图信息,进行相关匹配操作,根据匹配结果,判断支付认证是否成功。S2: If no, the related matching operation is performed according to the face image information, the electrocardiogram information, the reserved user face image information, and the user's electrocardiogram information, and the payment authentication is determined according to the matching result.
  12. 根据权利要求11所述的一种基于人脸和心电图的支付认证终端,其特征在于,所述S1之前还包括:The face authentication and the electrocardiogram-based payment authentication terminal according to claim 11, wherein before S1, the method further comprises:
    S01:显示支付验证时所需要的脸部指定动作信息;S01: Display face specified action information required for payment verification;
    S02:采集人脸信息的同时,采集心电图信息;所述人脸信息包括人脸视频信息及人脸图像信息;S02: collecting ECG information while collecting face information; the face information includes face video information and face image information;
    S03:判断人脸视频信息中的人脸动作是否与指定动作一致;S03: determining whether the face motion in the face video information is consistent with the specified action;
    S04:若一致,则执行步骤S1,否则支付认证失败。S04: If they are consistent, step S1 is performed, otherwise the payment authentication fails.
  13. 根据权利要求12所述的一种基于人脸和心电图的支付认证终端,其特征在于,所述S02和S03之间还包括:The face authentication and the electrocardiogram-based payment authentication terminal according to claim 12, wherein the S02 and the S03 further comprise:
    对所述人脸信息和心电图信息分别进行降噪和滤波处理。The face information and the electrocardiogram information are separately subjected to noise reduction and filtering processing.
  14. 根据权利要求12所述的一种基于人脸和心电图的支付认证终端,其特征在于,所述S01中显示支付验证时所需要的脸部指定动作信息具体为:The face authentication and the electrocardiogram-based payment authentication terminal according to claim 12, wherein the face specifying action information required for displaying the payment verification in the S01 is specifically:
    随机生成脸部指定动作信息,显示所述指定动作信息。The face specifying action information is randomly generated, and the specified action information is displayed.
  15. 根据权利要求14所述的一种基于人脸和心电图的支付认证终端,其特征在于,若在预设时间内人脸信息或心电图信息采集失败,则随机显示新的指定动作信息,并重新采集人脸信息的同时,采集心电图信息。The face authentication and electrocardiogram-based payment authentication terminal according to claim 14, wherein if the face information or the electrocardiogram information fails to be collected within a preset time, the new specified action information is randomly displayed and re-acquired. At the same time as the face information, the ECG information is collected.
  16. 根据权利要求11所述的一种基于人脸和心电图的支付认证终端,其特征在于,所述S1之前还包括:The face authentication and the electrocardiogram-based payment authentication terminal according to claim 11, wherein before S1, the method further comprises:
    获取多份处于被胁迫状态的第一人脸图像信息,计算得到每一份第一人脸图像信息的第一特征参数;Acquiring a plurality of first face image information in a state of being stressed, and calculating a first feature parameter of each first face image information;
    拟合所有的第一特征参数,得到被胁迫状态与第一特征参数之间的第一数学模型;Fitting all the first feature parameters to obtain a first mathematical model between the stressed state and the first feature parameter;
    获取多份处于正常清醒状态的正常心电图信息、多份处于睡眠状态睡眠心电图信息和多份处于被胁迫状态的胁迫心电图信息;Obtaining multiple normal ECG information in a normal awake state, multiple sleep ECG information in a sleep state, and multiple stress ECG information in a state of being stressed;
    计算得到每一份正常心电图信息的第二特征参数、每一份睡眠心电图信息的第三特征参数和每一份胁迫心电图信息的第四特征参数;Calculating a second characteristic parameter of each normal electrocardiogram information, a third characteristic parameter of each sleep electrocardiogram information, and a fourth characteristic parameter of each stress electrocardiogram information;
    将正常清醒状态对应的所有第二特征参数、睡眠状态对应的所有第三特征参数和被胁迫状态对应的所有第四特征参数分别进行拟合,得到不同状态下对应的数学模型。All second feature parameters corresponding to the normal awake state, all third feature parameters corresponding to the sleep state, and all fourth feature parameters corresponding to the stress state are respectively fitted to obtain corresponding mathematical models in different states.
  17. 根据权利要求16所述的一种基于人脸和心电图的支付认证终端,其特征在于,所述S1具体为:The face authentication and the electrocardiogram-based payment authentication terminal according to claim 16, wherein the S1 is specifically:
    根据获取得到的心电图信息和人脸信息中的人脸图像信息,分别计算得到心电图特征参数及人脸特征参数;Obtaining an electrocardiogram feature parameter and a face feature parameter according to the obtained electrocardiogram information and the face image information in the face information;
    根据所述人脸特征参数和第一数学模型,判断用户是否处于被胁迫状态,以及根据心电图特征参数和不同状态下对应的数学模型,判断用户是否处于被胁迫状态或睡眠状态,以及判断人脸图像信息中是否存在大于预设阈值的高频信息。Determining whether the user is in a state of being coerced according to the face feature parameter and the first mathematical model, and determining whether the user is in a coerced state or a sleep state according to the electrocardiographic feature parameter and the corresponding mathematical model in different states, and determining the face Whether there is high frequency information larger than a preset threshold in the image information.
  18. 根据权利要求17所述的一种基于人脸和心电图的支付认证终端,其特征在于,所述S2具体为:The face authentication and the electrocardiogram-based payment authentication terminal according to claim 17, wherein the S2 is specifically:
    若均否,则加密所述人脸特征参数及心电图特征参数,并发送至服务器,以使服务器将人脸特征参数与预留的用户人脸图像信息对应的特征参数进行显著性分析,以及将心电图特征参数与预留的用户心电图信息对应的特征参数进行显著性分析,得到显著性分析结果;根据所述显著性分析结果,判断支付认证是否通过。If yes, encrypting the face feature parameter and the electrocardiogram feature parameter, and sending the parameter to the server, so that the server performs significant analysis on the feature parameter corresponding to the face feature parameter and the reserved user face image information, and The characteristic parameters corresponding to the reserved user electrocardiogram information of the electrocardiogram characteristic parameter are significantly analyzed, and the significant analysis result is obtained; and according to the significance analysis result, whether the payment authentication is passed is determined.
  19. 根据权利要求11或18所述的一种基于人脸和心电图的支付认证终端,其特征在于,“判断人脸图像信息中是否存在大于预设阈值的高频信息”具体为:The face authentication and the electrocardiogram-based payment authentication terminal according to claim 11 or 18, wherein "determining whether there is high frequency information greater than a preset threshold in the face image information" is specifically:
    计算所述人脸图像信息对应的图像频域信息,判断所述图像频域信息中是否存在大于预设阈值的高频信息。Calculating image frequency domain information corresponding to the face image information, and determining whether there is high frequency information greater than a preset threshold in the image frequency domain information.
  20. 根据权利要求11所述的一种基于人脸和心电图的支付认证终端,其特征在于,所述S1之前还包括:The face authentication and the electrocardiogram-based payment authentication terminal according to claim 11, wherein before S1, the method further comprises:
    对预设的交易终端与服务器进行鉴权判断,若鉴权失败,则支付认证失败,结束交易;Performing an authentication judgment on the preset transaction terminal and the server, and if the authentication fails, the payment authentication fails, and the transaction is ended;
    若鉴权成功,则获取所述交易终端的当前位置信息;If the authentication is successful, acquiring current location information of the transaction terminal;
    加密所述当前位置信息,得到位置加密信息;Encrypting the current location information to obtain location encryption information;
    发送所述位置加密信息至服务器,以使得服务器将所述位置加密信息保存在预设的安全日志信息中。Sending the location encryption information to the server, so that the server saves the location encryption information in preset security log information.
PCT/CN2017/115557 2017-12-12 2017-12-12 Face and electrocardiogram-based payment authentication method and terminal WO2019113765A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/CN2017/115557 WO2019113765A1 (en) 2017-12-12 2017-12-12 Face and electrocardiogram-based payment authentication method and terminal
CN201780002070.2A CN108401458A (en) 2017-12-12 2017-12-12 A kind of payment authentication method and terminal based on face and electrocardiogram

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2017/115557 WO2019113765A1 (en) 2017-12-12 2017-12-12 Face and electrocardiogram-based payment authentication method and terminal

Publications (1)

Publication Number Publication Date
WO2019113765A1 true WO2019113765A1 (en) 2019-06-20

Family

ID=63095097

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/115557 WO2019113765A1 (en) 2017-12-12 2017-12-12 Face and electrocardiogram-based payment authentication method and terminal

Country Status (2)

Country Link
CN (1) CN108401458A (en)
WO (1) WO2019113765A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110782247B (en) * 2019-10-23 2023-07-21 广东盛迪嘉电子商务股份有限公司 Intelligent watch payment method based on face recognition

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030037264A1 (en) * 2001-08-15 2003-02-20 Tadashi Ezaki Authentication processing system, authentiation processing method, authentication device, and computer program
CN102231213A (en) * 2011-06-29 2011-11-02 哈尔滨工业大学深圳研究生院 ECG (electrocardiograph) access card identity identification method and system
CN104850827A (en) * 2015-04-23 2015-08-19 小米科技有限责任公司 Fingerprint identification method and apparatus
CN105279641A (en) * 2014-06-12 2016-01-27 中兴通讯股份有限公司 Internet payment registration authentication and implementation methods and devices
CN105320947A (en) * 2015-11-04 2016-02-10 博宏信息技术有限公司 Face in-vivo detection method based on illumination component
CN105550878A (en) * 2015-06-23 2016-05-04 宇龙计算机通信科技(深圳)有限公司 Authorization request processing method and apparatus
CN105611531A (en) * 2015-10-30 2016-05-25 东莞酷派软件技术有限公司 Terminal control method, terminal control device and terminal
CN105718874A (en) * 2016-01-18 2016-06-29 北京天诚盛业科技有限公司 Method and device of in-vivo detection and authentication
CN105809442A (en) * 2014-12-30 2016-07-27 北京奇虎科技有限公司 High-security payment system and method
CN106127014A (en) * 2016-08-31 2016-11-16 珠海市魅族科技有限公司 A kind of biological information recognition method and terminal
CN106156730A (en) * 2016-06-30 2016-11-23 腾讯科技(深圳)有限公司 The synthetic method of a kind of facial image and device

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101679271B1 (en) * 2015-06-09 2016-11-24 엘지전자 주식회사 Mobile terminal and method for controlling the same
CN105761378B (en) * 2016-01-29 2018-06-05 广州御银科技股份有限公司 A kind of automatic identification merchandises and reduces the device and method of loss extremely
KR101803397B1 (en) * 2017-05-08 2017-12-01 주식회사 올아이티탑 System for relaying financial transaction with multiple safety function using face and finger-print or/and finger-vein at the same time and method for processing thereof

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030037264A1 (en) * 2001-08-15 2003-02-20 Tadashi Ezaki Authentication processing system, authentiation processing method, authentication device, and computer program
CN102231213A (en) * 2011-06-29 2011-11-02 哈尔滨工业大学深圳研究生院 ECG (electrocardiograph) access card identity identification method and system
CN105279641A (en) * 2014-06-12 2016-01-27 中兴通讯股份有限公司 Internet payment registration authentication and implementation methods and devices
CN105809442A (en) * 2014-12-30 2016-07-27 北京奇虎科技有限公司 High-security payment system and method
CN104850827A (en) * 2015-04-23 2015-08-19 小米科技有限责任公司 Fingerprint identification method and apparatus
CN105550878A (en) * 2015-06-23 2016-05-04 宇龙计算机通信科技(深圳)有限公司 Authorization request processing method and apparatus
CN105611531A (en) * 2015-10-30 2016-05-25 东莞酷派软件技术有限公司 Terminal control method, terminal control device and terminal
CN105320947A (en) * 2015-11-04 2016-02-10 博宏信息技术有限公司 Face in-vivo detection method based on illumination component
CN105718874A (en) * 2016-01-18 2016-06-29 北京天诚盛业科技有限公司 Method and device of in-vivo detection and authentication
CN106156730A (en) * 2016-06-30 2016-11-23 腾讯科技(深圳)有限公司 The synthetic method of a kind of facial image and device
CN106127014A (en) * 2016-08-31 2016-11-16 珠海市魅族科技有限公司 A kind of biological information recognition method and terminal

Also Published As

Publication number Publication date
CN108401458A (en) 2018-08-14

Similar Documents

Publication Publication Date Title
WO2019113776A1 (en) Face and voiceprint-based payment authentication method, and terminal
AU2020201558B2 (en) System and method for authorizing access to access-controlled environments
US11120111B2 (en) Authentication based on correlation of multiple pulse signals
Crouse et al. Continuous authentication of mobile user: Fusion of face image and inertial measurement unit data
CN108804884B (en) Identity authentication method, identity authentication device and computer storage medium
US9892576B2 (en) Biometrics identification module and personal wearable electronics network based authentication and transaction processing
WO2016150154A1 (en) Method, apparatus, device, and system used for mobile authentication
US20220122051A1 (en) Method and system for securing transactions in a point of sale
US20190332757A1 (en) Method and apparatus for authenticating a user of a computing device
US10360555B2 (en) Near field authentication through communication of enclosed content sound waves
WO2018094584A1 (en) Payment and identity authentication system based on biometric feature recognition
WO2017088693A1 (en) Feature recognition-based identity verification method
US20100226545A1 (en) Vein pattern management system, vein pattern registration apparatus, vein pattern authentication apparatus, vein pattern registration method, vein pattern authentication method, program, and vein data configuration
US11494474B2 (en) Brain activity-based authentication
JP2011023854A (en) Information processing apparatus, information processing method, and program
US20190065874A1 (en) System and method of authentication using image of a user
CN103793640A (en) Method and system for applying biological identification technology to USB Key
CN109426963B (en) Biometric system for authenticating biometric requests
WO2015188434A1 (en) Internet payment registration authentication, implementation method and device
CN104486306B (en) Identity authentication method is carried out based on finger hand vein recognition and cloud service
US11829460B2 (en) Systems and methods for biometric authentication via face covering
WO2019113765A1 (en) Face and electrocardiogram-based payment authentication method and terminal
JP2015524968A (en) How to authenticate users of contactless chip cards
JP5723930B2 (en) Information processing apparatus and information processing system
CN115906028A (en) User identity verification method and device and self-service terminal

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17935021

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17935021

Country of ref document: EP

Kind code of ref document: A1