WO2019136802A1 - Password changing method, apparatus, terminal device and storage medium - Google Patents
- Publication number
- WO2019136802A1 (PCT/CN2018/077271)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- account
- target
- mobile terminal
- banking service
- user
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
Definitions
- the present application relates to the field of information security, and in particular, to a password changing method, apparatus, terminal device, and storage medium.
- When registering a financial account, the user is required, for account information security reasons, to enter real and valid personal information, such as the ID number and mobile phone number.
- the ID number and mobile phone number may change due to time or other factors, resulting in the invalidation of personal information when the account is registered.
- the personal information needs to be input to determine the current password to retrieve the corresponding account.
- If the personal information is invalid or forgotten, the user cannot input the personal information accurately, the user cannot be located, and retrieval is blocked. For example, when a user wants to change a password, personal information needs to be verified.
- A dynamic code received on the registered mobile phone number is usually the main user authentication method, but not all users' mobile phone numbers stay the same, and some users cannot be authenticated because the registered mobile phone number is invalid or has changed.
- the user needs to call the customer service or visit the business counter to report the password problem, and then reset the password after the relevant identity verification. This not only increases the workload of the staff, but also consumes the user's time. However, if the verification process of password reset is reduced, the security of the user account is often not guaranteed.
- the embodiment of the present application provides a password change method, device, terminal device, and storage medium, and solves the problem of low password reset efficiency under the premise of ensuring security of a user account.
- an embodiment of the present application provides a password change method, including the following steps:
- the password change request including user identity information and mobile terminal information
- the embodiment of the present application provides a password changing apparatus, including:
- a password change request obtaining module configured to obtain a password change request, where the password change request includes user identity information and mobile terminal information;
- a user account querying module configured to respectively query a corresponding user identity account and a mobile terminal account based on the user identity information and the mobile terminal information;
- a target user account obtaining module configured to perform account information matching based on the user identity account and the mobile terminal account, to acquire a target user account
- a target banking service obtaining module configured to acquire a target banking service based on the banking service when there is a banking service corresponding to the target user account;
- the password change request response module is configured to perform identity verification based on the target banking service, and respond to the password change request according to the identity verification result.
- a third aspect of the present application provides a terminal device including a memory, a processor, and computer readable instructions stored in the memory and executable on the processor, the processor implementing the following steps when executing the computer readable instructions:
- the password change request including user identity information and mobile terminal information
- a fourth aspect of the present application provides a computer readable storage medium storing computer readable instructions that, when executed by a processor, implement the following steps:
- the password change request including user identity information and mobile terminal information
- the password change request is triggered to trigger the password change process.
- The target user account can be quickly located even when the user is unsure of the account information. If there is a target banking service corresponding to the target user account, the identity is verified based on the target banking service, and the password change request is responded to according to the identity verification result, thereby ensuring security.
- The password change method quickly locates the target user account through two pieces of query information and verifies the identity behind the password change request through the identity verification corresponding to the banking service of the target user account, so the password change can be performed online even if the mobile phone is lost or the mobile phone number is replaced. This improves the efficiency of password changes while ensuring the security of user accounts.
- FIG. 1 is a flowchart of a method for changing a password in Embodiment 1 of the present application;
- FIG. 2 is a flow chart of a specific embodiment of step S40 in FIG. 1;
- FIG. 3 is a flow chart of a specific embodiment of the step S50 of Figure 1;
- FIG. 5 is a flow chart of a specific embodiment of the step S60 of Figure 4;
- FIG. 6 is a schematic block diagram of a password changing apparatus in Embodiment 2 of the present application.
- FIG. 7 is a schematic diagram of a terminal device in Embodiment 4 of the present application.
- Fig. 1 is a flow chart showing a method of changing a password in the embodiment.
- the password change method is applied to various terminals to solve the problem of low password reset efficiency under the premise of ensuring the security of the user account.
- the password change method includes the following steps:
- the password change request refers to a request by the user for a password change.
- User identity information refers to information that is related to the identity of the user and that uniquely identifies the user.
- the user identity information includes a document number, a username, or a user number.
- the user number refers to the identification number assigned to the user, and one user corresponds to a unique user number.
- the mobile terminal information refers to information of the mobile terminal used by the user, and the mobile terminal information may be a mobile phone number.
- S20 Query the corresponding user identity account and the mobile terminal account respectively based on the user identity information and the mobile terminal information.
- When a user registers a related account, the user will be prompted to complete relevant information (name, ID type, ID number, email address, etc.) at the time of account registration or after successful account registration.
- The user is required to register the account by filling in personal information (document number and/or user name, etc.) + mobile phone number + login password during the registration phase.
- The relevant personal information can be completed by the user after the registration is finished.
- each user account and corresponding user information are stored in the user information association table as shown in Table 1, so as to subsequently query and obtain the corresponding user account or user information based on the user information association table.
- the user identity account refers to the user account queried by the user identity information
- the mobile terminal account refers to the user account queried by the mobile terminal information.
- the user identity information including but not limited to the ID number, user name or user number
- the user information association table is queried according to the user identity information, and the queried user account is determined as the user identity account.
- the mobile terminal information such as the mobile phone number
- the user information association table is queried according to the mobile terminal information, and the queried user account is determined as the mobile terminal account.
- A unique user account can correspond to any of the following user information. Therefore, both the user identity information and the mobile terminal information can be used to query the corresponding user account, to confirm whether the system holds a user account corresponding to the user identity information or the mobile terminal information.
- the user identity information or the mobile terminal information is set correspondingly.
- the user identity account or mobile terminal account is empty.
- S30 Perform account information matching based on the user identity account and the mobile terminal account to obtain the target user account.
- the target user account is the user account for which the password change is to be made. After the user identity account and the mobile terminal account are acquired through the user identity information and the mobile terminal information respectively, the user identity account and the mobile terminal account are matched to determine the target user account.
- After the target user account is confirmed, the user needs to be authenticated to confirm that they have permission to change the password.
- the registered mobile phone receives the dynamic code as the user authentication method.
- This authentication method cannot successfully authenticate the user when the registered mobile phone number is invalid or changed.
- this method of authentication is also insecure when the user's mobile phone is stolen or lost.
- A target banking service is selected from the banking services corresponding to the target user account, and the identity of the target user account is verified through the identity verification corresponding to the target banking service. The efficiency of password changes can be improved while ensuring the security of user accounts.
- S50 Perform identity verification based on the target banking service, and respond to the password change request according to the authentication result.
- the identity verification refers to the process of confirming the identity of the user through certain means. After obtaining the target banking service, the identity verification of the password change request of the target user account is performed by the identity verification corresponding to the target banking service. Respond to the password change request based on the authentication result.
- The response to the password change request takes one of two forms: agreeing to the password change or rejecting it. The password change is agreed to when authentication passes and refused when authentication fails.
- the password change request is triggered to trigger the password change process.
- The corresponding user identity account and mobile terminal account are queried based on the user identity information and the mobile terminal information respectively, and account information matching is performed based on the user identity account and the mobile terminal account to acquire the target user account; that is, the target user account is located through the user identity information and the mobile terminal information, so that it is located quickly. If there is a banking service corresponding to the target user account, the target banking service is obtained based on the banking service; the identity is verified based on the target banking service, and the password change request is responded to according to the identity verification result.
- The password change method quickly locates the target user account through the user identity information and the mobile terminal information, and verifies the identity behind the password change request through the identity verification corresponding to the banking service of the target user account. Even if the mobile phone is lost or the mobile phone number is replaced, password changes can be made online, improving the efficiency of password changes while ensuring the security of user accounts.
- the account information matching is performed based on the user identity account and the mobile terminal account, and the target user account is obtained, which specifically includes:
- The user identity account and the mobile terminal account corresponding to each other means that they correspond to the same user account.
- For example, when the user identity information in the password change request is the certificate number a1 and the mobile terminal information is the mobile phone number a4, the user identity account queried based on the user identity information is user A, and the mobile terminal account queried based on the mobile terminal information is also user A.
- the user identity account and the mobile terminal account correspond to the same user account, that is, the user identity account and the mobile terminal account are both present and corresponding to each other. Therefore, the user identity account or the mobile terminal account can be used as the target user account.
- the existence of the user identity account means that the corresponding user account can be queried in the system through the user identity information
- the absence of the mobile terminal account means that the corresponding user account cannot be queried in the system through the mobile terminal information.
- the user identity account queried by the identity information is user A, and no corresponding user account is queried based on the mobile terminal information.
- the user identity account is used as the target user account, and then the appropriate identity verification mode is determined according to the target user account.
- When the mobile terminal account exists and the user identity account does not exist, the mobile terminal account is used as the target user account.
- the existence of the mobile terminal account means that the corresponding user account can be queried in the system through the mobile terminal information, and the absence of the user identity account means that the corresponding user account cannot be queried in the system through the user identity information.
- the absence of the user identity account and the mobile terminal account means that the corresponding user account cannot be queried in the system through the user identity information, and the corresponding user account is not queried in the system through the mobile terminal information.
- The user identity account and the mobile terminal account not corresponding to each other means that a user identity account and a mobile terminal account can both be queried through the user identity information and the mobile terminal information, but they are not the same user account. For example (refer to Table 1), when the user identity information in the password change request is the certificate number a1 and the mobile terminal information is the mobile phone number b4, the user identity account queried based on the user identity information is user A, and the mobile terminal account queried based on the mobile terminal information is user B. User A and user B are not the same user account. In this case, the user identity account and the mobile terminal account do not correspond.
- the prompt information refers to the information used to prompt the user. If the user identity account and the mobile terminal account do not exist or do not correspond to each other, a prompt message such as “cannot find the target account” or “the input information is incorrect” may be sent to prompt the user to re-enter.
- sending the prompt information is specifically: sending corresponding prompt information according to the query result.
- prompt information such as “the target user account does not exist” may be sent to inform the user that no user account was found through the user identity information and the mobile terminal information.
- the prompt information such as “user account inconsistency” may be sent to prompt the user that the user account queried by the user identity information and the mobile terminal information is inconsistent. Different prompt information is used to better prompt the user for specific query results, so that the user can perform targeted check and modification according to the corresponding prompt information.
- The target user account is located through the user identity information and the mobile terminal information, so it can be quickly located even when the user is unsure of the account information, thereby improving the processing efficiency of the password change method.
- the target banking service is obtained based on the banking service, as shown in FIG. 2, which specifically includes the following steps:
- S41 Determine, according to the target user account, whether there is a platform banking service corresponding to the target user account.
- the banking business of the platform refers to the banking business in the system to which the user account belongs.
- the platform banking business refers to the Ping An banking business.
- the types of registered accounts corresponding to different service types are also different, so there is a level distinction.
- the higher the service level the higher the security requirements of the account.
- the account with higher service level needs to be authenticated by identity information, mobile phone number and bank card information.
- the mobile phone number is used as the main information of the account, such as part of the life business (mobile phone WIFI). Since the banking business has high requirements on the security of the account, based on the target user account, it is queried whether the user has handled the banking business of the platform.
- the target banking business refers to the banking business used for user authentication.
- services in the banking system such as debit cards, credit cards and virtual bank cards.
- the security level of different types of banking services is different.
- the security levels of the above three types of services are: debit card > credit card > virtual bank card.
- the third-party platform banking service may be selected as the target banking service, so that the user account is authenticated based on the target banking service, which further ensures the security of the password change of the user account.
- the target banking service is determined by setting a reasonable selection method, and the third-party platform banking service is introduced when the user does not have the banking service of the platform, thereby improving the security of the password change of the user account.
- the identity verification is performed based on the target banking service, and the password change request is responded to according to the authentication result, as shown in FIG. 3, which specifically includes the following steps:
- S51 Generate and send an identity verification request corresponding to the target banking service based on the target banking service.
- the target user account is authenticated by the target banking service.
- the user can perform identity verification by generating an identity verification interface corresponding to the target banking service.
- Identity can be verified by the following four elements: a bank card number, an account opening name, an account opening document number, and a login password/transaction password.
- When the target banking service is a third-party platform banking service, the following elements may be used for identity verification: a bank card number, an account opening name, an account opening document number, and account-opening bank information. Since the third-party platform banking business belongs to the banking business of other platforms, there may be risks if the user is required to input a login password or a transaction password for authentication. Therefore, other authentication elements can be used instead of the login password/transaction password for authentication.
- When the target banking service is a third-party platform banking service, the following elements may also be used for identity verification: a bank card number, an account opening name, an account opening document number, and a mobile phone number.
- When the user changes the mobile phone number, if the changed mobile phone number is bound to the third-party platform banking service, the user can choose to use the third-party platform banking business as the target banking service for identity verification, and the bank card, account opening name, account number and mobile phone number elements are used to authenticate the user account. Further, mobile phone verification code authentication can be added to increase the security of the identity verification.
- the identity verification of the user account can be performed by means of the identity verification of the banking service of the third-party platform.
- the security of user account authentication is also guaranteed without verification by login password or transaction password.
- S52 Obtain identity verification information corresponding to the identity verification request, and perform identity verification of the target user account.
- After the identity verification request corresponding to the target banking service is sent, the user inputs the corresponding authentication information according to the identity verification request. After the authentication information is obtained, identity verification of the target user account is performed.
- the authentication request verification passes, otherwise the authentication request verification fails.
- a password reset is performed when the authentication request is verified.
- The identity verification of the target user account is performed through the identity verification of the target banking service, and the account security level requirement of the banking service is relatively high.
- This verification method can be performed directly online, and it improves the efficiency of password changes on the premise of ensuring the security of the user account.
- the password changing method further includes the following steps:
- When the user account is found to have no banking service, it indicates that there is no financial service in the target user account, so the security verification standard of the target user account can be reduced, and the verification is performed by a simple verification code.
- the matching is successful, that is, the verification is passed, and the password reset is performed.
- the verification code is used for verification, and the verification mode of the account is flexibly set, thereby improving the efficiency of password change.
- verification code verification is performed, as shown in FIG. 5, which specifically includes the following steps:
- the verification code may be generated and sent to the mobile terminal corresponding to the mobile terminal information to perform a subsequent verification process.
- the mobile terminal information binding request refers to a request for inviting a user to perform mobile terminal information binding on his account. After acquiring the binding information of the mobile terminal input by the user, the system generates a verification code, and sends the verification code to the mobile terminal corresponding to the binding information of the mobile terminal.
- S63 Acquire verification information and perform identity verification of the target user account.
- the verification information input by the user is obtained, and the verification information input by the user and the generated verification code are compared and matched to complete the identity verification of the target user account. Specifically, when the verification information input by the user is consistent with the generated verification code, the verification code verification passes; otherwise, if the verification information input by the user does not match the generated verification code, the verification code verification fails.
- Different authentication processes are performed depending on whether the target user account has mobile terminal information, and the user is guided to bind mobile terminal information when the target user account has none, thereby ensuring that the user can complete the password change online.
- Fig. 6 is a block diagram showing the principle of the password changing means corresponding to the password changing method in the first embodiment.
- the password changing apparatus includes a password change request acquisition module 10, a user account inquiry module 20, a target user account acquisition module 30, a target banking service acquisition module 40, and a password change request response module 50.
- The functions implemented by the password change request obtaining module 10, the user account query module 20, the target user account obtaining module 30, the target banking service obtaining module 40, and the password change request response module 50 correspond to the steps of the password changing method in the first embodiment. To avoid redundancy, they are not described in detail in the present embodiment.
- the password change request obtaining module 10 is configured to obtain a password change request, where the password change request includes user identity information and mobile terminal information.
- the user account querying module 20 is configured to separately query the corresponding user identity account and the mobile terminal account based on the user identity information and the mobile terminal information.
- the target user account obtaining module 30 is configured to perform account information matching based on the user identity account and the mobile terminal account to acquire the target user account.
- the target banking service obtaining module 40 is configured to acquire the target banking service based on the banking service when there is a banking service corresponding to the target user account.
- the password change request response module 50 is configured to perform identity verification based on the target banking service, and respond to the password change request according to the identity verification result.
- the target user account obtaining module 30 is further configured to: when the user identity account and the mobile terminal account are both present and the two correspond to each other, use the user identity account or the mobile terminal account as the target user account; when the user identity account exists and the mobile terminal account does not exist, use the user identity account as the target user account; when the mobile terminal account exists and the user identity account does not exist, use the mobile terminal account as the target user account.
- the target user account obtaining module 30 is further configured to send the prompt information when neither the user identity account nor the mobile terminal account exists or the two do not correspond.
- the target banking service obtaining module 40 includes the platform banking service determining unit 41, the platform target banking service obtaining unit 42 and the third-party platform target banking service acquiring unit 43.
- the platform banking service determining unit 41 is configured to determine, according to the target user account, whether there is a platform banking service corresponding to the target user account.
- the platform target banking service obtaining unit 42 is configured to select the banking service of the platform with the highest security level when the banking service of the platform exists, as the target banking service.
- the third-party platform target banking service obtaining unit 43 is configured to obtain the third-party platform banking service corresponding to the target user account as the target banking service when there is no banking service of the platform.
- the password change request response module 50 includes an identity verification request transmitting unit 51, a target user account identity verifying unit 52, and a password resetting unit 53.
- the authentication request sending unit 51 is configured to generate and send an identity verification request corresponding to the target banking service based on the target banking service.
- the target user account authentication unit 52 is configured to obtain identity verification information corresponding to the identity verification request, and perform identity verification of the target user account.
- the password reset unit 53 is configured to perform password reset when the authentication request is verified.
- the password changing device further includes a verification code verification module 60 and a password reset module 70.
- the verification code verification module 60 is configured to perform verification code verification when there is no banking service in the target user account.
- the password resetting module 70 is configured to perform a password reset when the verification code verification is passed.
- the verification code verification module 60 includes a verification code generation and transmission unit 61, a mobile terminal binding unit 62, and an identity verification unit 63.
- the verification code generating and transmitting unit 61 is configured to generate a verification code and transmit it to the mobile terminal corresponding to the mobile terminal information when the mobile terminal information exists in the target user account.
- the mobile terminal binding unit 62 is configured to: when the target user account does not have the mobile terminal information, send the mobile terminal information binding request, acquire the binding information of the mobile terminal, generate a verification code, and send the verification code to the mobile terminal corresponding to the binding information of the mobile terminal.
- the authentication unit 63 obtains the verification information and performs identity verification of the target user account.
- The embodiment provides a computer readable storage medium having computer readable instructions stored thereon; when executed by the processor, the computer readable instructions implement the password changing method in Embodiment 1. To avoid repetition, details are not described herein again. Alternatively, when the computer readable instructions are executed by the processor, the functions of the modules/units in the password changing apparatus in Embodiment 2 are implemented. To avoid repetition, details are not described herein again.
- FIG. 7 is a schematic diagram of a terminal device according to an embodiment of the present application.
- the terminal device 80 of this embodiment includes a processor 81, a memory 82, and computer readable instructions 83 stored in the memory 82 and operable on the processor 81.
- when executing the computer readable instructions 83, the processor 81 implements the steps of the password changing method in Embodiment 1, such as steps S10 to S50 shown in FIG. 1.
- alternatively, when executing the computer readable instructions 83, the processor 81 implements the functions of the modules/units of Embodiment 2, such as the functions of the password change request acquisition module 10, the user account query module 20, the target user account acquisition module 30, the target banking service acquisition module 40, and the password change request response module 50 shown in FIG. 7.
- computer readable instructions 83 may be partitioned into one or more modules/units, one or more modules/units being stored in memory 82 and executed by processor 81 to complete the application.
- the one or more modules/units may be an instruction segment of a series of computer readable instructions 83 capable of performing a particular function for describing the execution of computer readable instructions 83 in the terminal device 80.
- the computer readable instructions 83 may be divided into a password change request acquisition module 10, a user account query module 20, a target user account acquisition module 30, a target banking service acquisition module 40, and a password change request response module 50 as shown in FIG. 7.
- the specific functions of each module are as described in Embodiment 2, and are not described herein.
- the terminal device 80 can be a computing device such as a desktop computer, a notebook, a palmtop computer, and a cloud server.
- the terminal device may include, but is not limited to, a processor 81 and a memory 82. It will be understood by those skilled in the art that FIG. 7 is merely an example of the terminal device 80 and does not constitute a limitation of the terminal device 80, which may include more or fewer components than those illustrated, combine certain components, or use different components.
- the terminal device may further include an input/output device, a network access device, a bus, and the like.
- the processor 81 may be a central processing unit (CPU), or may be other general-purpose processors, a digital signal processor (DSP), an application specific integrated circuit (ASIC), Field-Programmable Gate Array (FPGA) or other programmable logic device, discrete gate or transistor logic device, discrete hardware components, etc.
- the general-purpose processor may be a microprocessor, or the processor may be any conventional processor or the like.
- the memory 82 may be an internal storage unit of the terminal device 80, such as a hard disk or a memory of the terminal device 80.
- the memory 82 may also be an external storage device of the terminal device 80, such as a plug-in hard disk provided on the terminal device 80, a Smart Media Card (SMC), a Secure Digital (SD) card, a flash card (Flash Card), and so on.
- the memory 82 may also include both an internal storage unit of the terminal device 80 and an external storage device.
- Memory 82 is used to store computer readable instructions as well as other programs and data required by the terminal device.
- the memory 82 can also be used to temporarily store data that has been output or is about to be output.
- each functional unit in each embodiment of the present application may be integrated into one processing unit, or each unit may exist physically separately, or two or more units may be integrated into one unit.
- the above integrated unit can be implemented in the form of hardware or in the form of a software functional unit.
- the integrated modules/units if implemented in the form of software functional units and sold or used as separate products, may be stored in a computer readable storage medium.
- all or part of the processes of the methods in the foregoing embodiments may also be completed by computer readable instructions instructing the relevant hardware, and the computer readable instructions may be stored in a computer readable storage medium.
- the computer readable instructions when executed by a processor, may implement the steps of the various method embodiments described above.
- the computer readable instructions comprise computer readable instruction code, which may be in the form of source code, an object code form, an executable file or some intermediate form or the like.
- the computer readable storage medium may include any entity or device capable of carrying the computer readable instruction code, a recording medium, a USB flash drive, a removable hard disk, a magnetic disk, an optical disk, a computer memory, a read-only memory (ROM), a random access memory (RAM), electrical carrier signals, telecommunications signals, and software distribution media. It should be noted that the content contained in the computer readable storage medium may be appropriately increased or decreased according to the requirements of legislation and patent practice in a jurisdiction; for example, in some jurisdictions, according to legislation and patent practice, the computer readable storage medium does not include electrical carrier signals and telecommunication signals.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Telephonic Communication Services (AREA)
- Telephone Function (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
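A password changing method, apparatus, terminal device, and storage medium. The password changing method includes: acquiring a password change request, the password change request including user identity information and mobile terminal information (S10); querying, based on the user identity information and the mobile terminal information, the corresponding user identity account and mobile terminal account respectively (S20); performing account information matching based on the user identity account and the mobile terminal account to obtain a target user account (S30); if a banking service corresponding to the target user account exists, obtaining a target banking service based on the banking service (S40); and performing identity verification based on the target banking service and responding to the password change request according to the identity verification result (S50). The method quickly locates the target user account using the user identity information and the mobile terminal information, and verifies the password change request through the identity verification of a banking service of the target user account, improving the efficiency of password changes while ensuring the security of the user account.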
Description
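This patent application is based on, and claims priority to, Chinese invention patent application No. 201810031176.1, filed on January 12, 2018 and entitled "Password changing method, apparatus, terminal device, and storage medium".
The present application relates to the field of information security, and in particular to a password changing method, apparatus, terminal device, and storage medium.
When a financial account is registered, the user is required, for reasons of account information security, to enter real and valid personal information such as an ID number and a mobile phone number. The ID number and mobile phone number may change over time or for other reasons, so that the personal information given at registration becomes invalid. When a user who has forgotten the password performs password retrieval, personal information must be entered to determine which account the retrieval applies to; if that information is invalid or forgotten, the user cannot enter it accurately, the user cannot be located, and password retrieval is blocked. For example, when a user wants to change a password, the personal information has to be verified. In the Internet industry, receiving a dynamic code on the registered mobile phone number is usually the main way of verifying a user's identity, but not every user's phone number stays the same, and some users cannot be verified because their registered number is no longer valid or has changed. In that case the user has to call customer service or visit a service counter, report the password problem, and pass the relevant identity verification before the password can be reset. This increases the workload of staff and costs the user time. However, if the verification process for a password reset is reduced, the security of the user account often cannot be guaranteed.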
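Summary of the Invention
Embodiments of the present application provide a password changing method, apparatus, terminal device, and storage medium, which solve the problem of inefficient password resets while ensuring the security of the user account.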
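In a first aspect, an embodiment of the present application provides a password changing method, including the following steps:
acquiring a password change request, the password change request including user identity information and mobile terminal information;
querying, based on the user identity information and the mobile terminal information, the corresponding user identity account and mobile terminal account respectively;
performing account information matching based on the user identity account and the mobile terminal account to obtain a target user account;
if a banking service corresponding to the target user account exists, obtaining a target banking service based on the banking service;
performing identity verification based on the target banking service, and responding to the password change request according to the identity verification result.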
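In a second aspect, an embodiment of the present application provides a password changing apparatus, including:
a password change request acquisition module, configured to acquire a password change request, the password change request including user identity information and mobile terminal information;
a user account query module, configured to query, based on the user identity information and the mobile terminal information, the corresponding user identity account and mobile terminal account respectively;
a target user account acquisition module, configured to perform account information matching based on the user identity account and the mobile terminal account to obtain a target user account;
a target banking service acquisition module, configured to obtain, when a banking service corresponding to the target user account exists, a target banking service based on the banking service;
a password change request response module, configured to perform identity verification based on the target banking service and respond to the password change request according to the identity verification result.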
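A third aspect of the present application provides a terminal device, including a memory, a processor, and computer readable instructions stored in the memory and executable on the processor, where the processor implements the following steps when executing the computer readable instructions:
acquiring a password change request, the password change request including user identity information and mobile terminal information;
querying, based on the user identity information and the mobile terminal information, the corresponding user identity account and mobile terminal account respectively;
performing account information matching based on the user identity account and the mobile terminal account to obtain a target user account;
if a banking service corresponding to the target user account exists, obtaining a target banking service based on the banking service;
performing identity verification based on the target banking service, and responding to the password change request according to the identity verification result.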
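A fourth aspect of the present application provides a computer readable storage medium storing computer readable instructions, where the following steps are implemented when the computer readable instructions are executed by a processor:
acquiring a password change request, the password change request including user identity information and mobile terminal information;
querying, based on the user identity information and the mobile terminal information, the corresponding user identity account and mobile terminal account respectively;
performing account information matching based on the user identity account and the mobile terminal account to obtain a target user account;
if a banking service corresponding to the target user account exists, obtaining a target banking service based on the banking service;
performing identity verification based on the target banking service, and responding to the password change request according to the identity verification result.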
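In the password changing method, apparatus, terminal device, and storage medium provided by the embodiments of the present application, acquiring a password change request triggers the password change process. The target user account can be located quickly from the user identity information and the mobile terminal information, even when the user is unsure of the account information. If a target banking service corresponding to the target user account exists, identity verification is performed based on the target banking service and the password change request is answered according to the result, which ensures security. The method quickly locates the target user account from two pieces of query information and verifies the password change request through the identity verification of a banking service of the target user account, so the password can be changed online even if the phone is lost or the phone number has changed, improving the efficiency of password changes while ensuring the security of the user account.
To describe the technical solutions of the embodiments of the present application more clearly, the drawings used in the description of the embodiments are briefly introduced below. Obviously, the drawings described below are only some embodiments of the present application, and a person of ordinary skill in the art can obtain other drawings from them without creative effort.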
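FIG. 1 is a flowchart of the password changing method in Embodiment 1 of the present application;
FIG. 2 is a flowchart of a specific implementation of step S40 in FIG. 1;
FIG. 3 is a flowchart of a specific implementation of step S50 in FIG. 1;
FIG. 4 is another flowchart of the password changing method in Embodiment 1 of the present application;
FIG. 5 is a flowchart of a specific implementation of step S60 in FIG. 4;
FIG. 6 is a schematic block diagram of the password changing apparatus in Embodiment 2 of the present application;
FIG. 7 is a schematic diagram of the terminal device in Embodiment 4 of the present application.
The technical solutions in the embodiments of the present application are described clearly and completely below with reference to the drawings. Obviously, the described embodiments are some, not all, of the embodiments of the present application. All other embodiments obtained by a person of ordinary skill in the art from the embodiments of the present application without creative effort fall within the scope of protection of the present application.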
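Embodiment 1
FIG. 1 shows a flowchart of the password changing method in this embodiment. The method is applied in various terminals and solves the problem of inefficient password resets while ensuring the security of the user account. As shown in FIG. 1, the password changing method includes the following steps:
S10: Acquire a password change request, the password change request including user identity information and mobile terminal information.
Here, the password change request is a request made by the user to change the password. User identity information is information that relates to the user's identity and uniquely identifies the user. In one implementation, the user identity information includes an ID number, a user name, or a user number. The user number is an identification number assigned to the user; each user has one unique user number. Mobile terminal information is information about the mobile terminal the user uses, and may be a mobile phone number.
S20: Based on the user identity information and the mobile terminal information, query the corresponding user identity account and mobile terminal account respectively.
When a user registers an account, the user is often prompted, during registration or after it succeeds, to complete related information (name, ID type, ID number, e-mail address, and so on). For example, when registering an account with a high security-level requirement, the user must register at the registration stage by filling in personal information (ID number and/or user name, etc.) + mobile phone number + login password. When registering an account with an ordinary security-level requirement, it may be enough at the registration stage to fill in a mobile phone number + login password/verification code, and the user can decide after registration whether to complete the related personal information. After the user completes registration, each user account and its corresponding user information are stored in a user information association table as shown in Table 1, so that the corresponding user account or user information can later be queried and obtained from that table.
The user identity account is the user account found by querying with the user identity information, and the mobile terminal account is the user account found by querying with the mobile terminal information. As shown in Table 1, after the user identity information (including but not limited to an ID number, user name, or user number) is obtained, the user information association table is queried with it and the user account found is taken as the user identity account. Likewise, after the mobile terminal information (such as a mobile phone number) is obtained, the table is queried with it and the user account found is taken as the mobile terminal account. Any one of the following items of user information maps to one unique user account. Both the user identity information and the mobile terminal information can therefore be used to query the corresponding user account, to confirm whether the system contains a user account corresponding to that information.
Table 1: User information association table
In this embodiment, when no corresponding user identity account or mobile terminal account can be found from the user identity information or the mobile terminal information, that is, when the user identity account or mobile terminal account does not exist, the user identity account or mobile terminal account corresponding to that information is set to empty.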
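S30: Perform account information matching based on the user identity account and the mobile terminal account to obtain a target user account.
The target user account is the user account whose password is to be changed. After the user identity account and the mobile terminal account have been obtained from the user identity information and the mobile terminal information respectively, the two are matched against each other to determine the target user account.
S40: If a banking service corresponding to the target user account exists, obtain a target banking service based on the banking service.
After the target user account is confirmed, the user's identity must be verified to confirm whether the user is authorized to change the password. The traditional approach relies mainly on receiving a dynamic code on the registered mobile phone; this cannot succeed when the registered number is no longer valid or has changed, and it is also insecure when the user's phone has been stolen or lost. This embodiment instead queries the banking services corresponding to the target user account, selects one of them as the target banking service, and uses the identity verification of that target banking service to verify the password change request for the target user account, which improves the efficiency of password changes while ensuring the security of the user account.
S50: Perform identity verification based on the target banking service, and respond to the password change request according to the identity verification result.
Here, identity verification is the process of confirming the user's identity by some means. After the target banking service is obtained, the identity verification corresponding to it is used to verify the password change request for the target user account, and the request is then answered according to the result. The response is either to allow the password change or to refuse it: the change is allowed when identity verification passes and refused when it fails.
In the password changing method provided by this embodiment, acquiring a password change request triggers the password change flow. Based on the user identity information and the mobile terminal information, the corresponding user identity account and mobile terminal account are queried respectively, and account information matching is performed on them to obtain the target user account; that is, the target user account is located from the user identity information and the mobile terminal information, and can be located quickly. If a banking service corresponding to the target user account exists, a target banking service is obtained based on it; identity verification is performed based on the target banking service, and the password change request is answered according to the result. The method quickly locates the target user account using the user identity information and the mobile terminal information and verifies the password change request through the identity verification of a banking service of the target user account, so the password can be changed online even if the phone is lost or the phone number has changed, improving the efficiency of password changes while ensuring the security of the user account.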
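In a specific implementation, performing account information matching based on the user identity account and the mobile terminal account to obtain the target user account specifically includes:
(1) If the user identity account and the mobile terminal account both exist and correspond to each other, the user identity account or the mobile terminal account is taken as the target user account.
Here, the user identity account and the mobile terminal account correspond when they are the same user account. For example (see Table 1), when the user identity information in the password change request is ID number a1 and the mobile terminal information is phone number a4, the account found from the user identity information is user A, and the account found from the mobile terminal information is also user A. The user identity account and the mobile terminal account are then the same user account, that is, both exist and they correspond, so either can be taken as the target user account.
(2) If the user identity account exists and the mobile terminal account does not, the user identity account is taken as the target user account.
The user identity account exists when a corresponding user account can be found in the system from the user identity information; the mobile terminal account does not exist when no corresponding user account can be found in the system from the mobile terminal information.
For example (see Table 1), suppose the system contains only two user accounts, user A and user B. When the user identity information in the password change request is ID number a1 and the mobile terminal information is phone number c4, the account found from the user identity information is user A, while no account can be found from the mobile terminal information. The user may have changed the phone number to c4 while the user account still holds a4, the number reserved at registration. In this situation the user cannot be verified by receiving a dynamic code on the registered phone. In this implementation, the user identity account is taken as the target user account, and a suitable identity verification method is then determined from the target user account.
(3) If the mobile terminal account exists and the user identity account does not, the mobile terminal account is taken as the target user account.
The mobile terminal account exists when a corresponding user account can be found in the system from the mobile terminal information; the user identity account does not exist when no corresponding user account can be found in the system from the user identity information.
For example (see Table 1), suppose the system contains only two user accounts, user A and user B. When the user identity information in the password change request is ID number c1 and the mobile terminal information is phone number a4, the account found from the mobile terminal information is user A, while no account can be found from the user identity information. In some account registration systems, registering or opening an account with a low security-level requirement only needs a mobile phone number + login password/verification code, for example lifestyle services such as mobile WIFI, mobile app promotional activities, collecting points, or collecting data allowances. When the user has registered only accounts of this kind, no account can be found from the user identity information, and the corresponding user account can only be found from the mobile terminal information.
(4) If neither the user identity account nor the mobile terminal account exists, or the two do not correspond, prompt information is sent.
Here, neither account exists when no corresponding user account can be found in the system from the user identity information and none can be found from the mobile terminal information either.
The two accounts do not correspond when a user identity account and a mobile terminal account can both be found from the user identity information and the mobile terminal information, but they are not the same user account. For example (see Table 1), when the user identity information in the password change request is ID number a1 and the mobile terminal information is phone number b4, the account found from the user identity information is user A, while the account found from the mobile terminal information is user B. User A and user B are not the same user account, so the user identity account and the mobile terminal account do not correspond.
Prompt information is information used to prompt the user. If neither account exists or the two do not correspond, prompt information such as "target account not found" or "the information entered is incorrect" can be sent to prompt the user to enter the information again.
In one implementation, sending prompt information specifically means sending the prompt information that corresponds to the query result.
When neither the user identity account nor the mobile terminal account exists, prompt information such as "target user account does not exist" can be sent, telling the user that no user account can be found from either the user identity information or the mobile terminal information.
When the user identity account and the mobile terminal account do not correspond, prompt information such as "user accounts are inconsistent" can be sent, telling the user that the user accounts found from the user identity information and from the mobile terminal information are not the same. Different prompts tell the user the specific query result more clearly, so that the user can check and correct the input in a targeted way.
In this implementation, locating the target user from the user identity information and the mobile terminal information allows the target user account to be located quickly when the user is unsure of the account information, improving the processing efficiency of the password changing method.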
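The four matching cases above, as an added Python example (not code from the patent). The body of Table 1 is not reproduced on this page, so the rows are constructed from the identifiers used in the cases (a1, a4, b4); the remaining values and all function and field names are assumptions.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed stand-in for Table 1 (user information association table).
# Only a1, a4 and b4 appear in the description; the other values are
# constructed placeholders that follow the same pattern.
USER_INFO_TABLE = [
    {"account": "A", "id_number": "a1", "user_name": "a2", "user_no": "a3", "phone": "a4"},
    {"account": "B", "id_number": "b1", "user_name": "b2", "user_no": "b3", "phone": "b4"},
]
IDENTITY_FIELDS = ("id_number", "user_name", "user_no")

PROMPT_NOT_FOUND = "target user account does not exist"
PROMPT_MISMATCH = "user accounts are inconsistent"


@dataclass(frozen=True)
class MatchResult:
    target: Optional[str]   # target user account, or None when matching fails
    case: int               # which of the four cases applied
    prompt: Optional[str]   # prompt information, set only in case (4)


def query_identity_account(identity_info: str) -> Optional[str]:
    """S20: look up by ID number, user name or user number; None means 'empty'."""
    for row in USER_INFO_TABLE:
        if any(row[f] == identity_info for f in IDENTITY_FIELDS):
            return row["account"]
    return None


def query_mobile_account(mobile_info: str) -> Optional[str]:
    """S20: look up by mobile phone number; None means 'empty'."""
    for row in USER_INFO_TABLE:
        if row["phone"] == mobile_info:
            return row["account"]
    return None


def match_target_account(identity_info: str, mobile_info: str) -> MatchResult:
    """S30: apply cases (1) to (4) to the two lookup results."""
    ident = query_identity_account(identity_info)
    mobile = query_mobile_account(mobile_info)
    if ident is not None and mobile is not None:
        if ident == mobile:
            return MatchResult(ident, 1, None)        # (1) both exist and correspond
        return MatchResult(None, 4, PROMPT_MISMATCH)  # (4) both exist, different accounts
    if ident is not None:
        return MatchResult(ident, 2, None)            # (2) phone number not on file
    if mobile is not None:
        return MatchResult(mobile, 3, None)           # (3) identity info not on file
    return MatchResult(None, 4, PROMPT_NOT_FOUND)     # (4) neither exists


if __name__ == "__main__":
    for pair in [("a1", "a4"), ("a1", "c4"), ("c1", "a4"), ("a1", "b4"), ("c1", "c4")]:
        print(pair, match_target_account(*pair))
```

In cases (2) and (3) the account is located from a single matching identifier, so the result only selects which account the later identity verification (S40 onward) must be passed for.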
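In a specific implementation, obtaining a target banking service based on the banking service if a banking service corresponding to the target user account exists, as shown in FIG. 2, specifically includes the following steps:
S41: Based on the target user account, determine whether an own-platform banking service corresponding to the target user account exists.
Here, an own-platform banking service is a banking service in the system to which the user account belongs. For example, if the user account belongs to the Ping An system, the own-platform banking service is the Ping An banking service. After the target user account is located, the businesses/services handled under it can be viewed, for example banking, medical, and lifestyle (food, housing, travel) services. Different business types correspond to different registered account types, so there are different levels. The higher the business level, the higher the security requirement for the account; registering an account with a higher business level requires real-name authentication with identity information, a mobile phone number, and bank card information. An account with a lower business level is registered without authenticating identity information and usually takes the mobile phone number as its main account information, as with some lifestyle services (mobile WIFI). Because banking services have high account security requirements, the target user account is used to check whether the user has an own-platform banking service.
S42: If an own-platform banking service exists, select the own-platform banking service with the highest security level as the target banking service.
Here, the target banking service is the banking service used to verify the user's identity. A banking system has many different types of service, for example debit cards, credit cards, and virtual bank cards. Different types of banking service have different security levels; generally, for these three types the security level is: debit card > credit card > virtual bank card. When the user has several own-platform banking services, the one with the highest security level is selected as the target banking service, to improve the security of identity verification for the user account.
S43: If no own-platform banking service exists, obtain a third-party platform banking service corresponding to the target user account as the target banking service.
When the user is found to have no own-platform banking service, then, to protect the security of the user account, if the user has a corresponding third-party platform banking service it can be selected as the target banking service, so that identity verification of the user account is based on it, further ensuring the security of the password change.
In this implementation, the target banking service is determined through a reasonable selection method, and a third-party platform banking service is introduced when the user has no own-platform banking service, improving the security of password changes for the user account.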
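In a specific implementation, performing identity verification based on the target banking service and responding to the password change request according to the identity verification result, as shown in FIG. 3, specifically includes the following steps:
S51: Based on the target banking service, generate and send the identity verification request corresponding to the target banking service.
After the target banking service is selected, it is used to verify the identity of the target user account. Specifically, an identity verification interface corresponding to the target banking service can be generated for the user to complete verification. Preferably, identity verification uses the following four factors: bank card number, account holder name, account holder ID number, and login password/transaction password.
Specifically, when the target banking service is a third-party platform banking service, the following factors can be used for identity verification: bank card number, account holder name, account holder ID number, and opening bank information. Because a third-party platform banking service belongs to another platform, asking the user to enter its login password or transaction password for verification may be risky. Other verification factors can therefore be used in place of the login password/transaction password.
Optionally, when the target banking service is a third-party platform banking service, the following factors can be used for identity verification: bank card number, account holder name, account holder ID number, and mobile phone number. If the user has changed phone number and bound the new number to a third-party platform banking service, the user can choose that service as the target banking service and verify the user account with these four factors: bank card number, account holder name, account holder ID number, and mobile phone number. Further, verification by a code sent to the phone can be added to increase the security of this identity verification. Because the identity information associated with the user's new phone number was already authenticated under the user's real name when the third-party platform banking service was registered, the identity verification of that service can be relied on when verifying the user account. This keeps identity verification of the user account secure without using the login password or transaction password.
S52: Obtain the identity verification information corresponding to the identity verification request, and verify the identity of the target user account.
After the identity verification request for the target banking service is sent, the user enters the corresponding identity verification information. Once that information is obtained, the identity of the target user account is verified.
S53: If the identity verification request passes verification, reset the password.
When the identity verification information entered by the user matches the correct user identity information stored by the system, the identity verification request passes; otherwise it fails. When it passes, the password is reset.
In this implementation, the identity of the target user account is verified through the identity verification of the target banking service. Banking services have high account security requirements, and this method allows verification to be done directly online, improving the efficiency of password changes while ensuring the security of the user account.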
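In one implementation, after the step of obtaining the target user account, as shown in FIG. 4, the password changing method further includes the following steps:
S60: If the target user account has no banking service, perform verification code verification.
When a query on the target user account finds that the user has no banking service, the account contains no financial business, so the security verification standard for it can be lowered and a simple verification code can be used.
S70: If verification code verification passes, reset the password.
When the verification information entered by the user matches the generated verification code, the match succeeds, that is, verification passes, and the password can be reset.
In this implementation, when the target user account has no banking service, its security level is not high, so a verification code is used; setting the verification method flexibly per account improves the efficiency of password changes.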
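In a specific implementation, performing verification code verification if the target user account has no banking service, as shown in FIG. 5, specifically includes the following steps:
S61: If the target user account has mobile terminal information, generate a verification code and send it to the mobile terminal corresponding to the mobile terminal information.
When the target user account has mobile terminal information, a verification code can be generated and sent to the mobile terminal corresponding to that information for the subsequent verification process.
S62: If the target user account has no mobile terminal information, send a mobile terminal information binding request, obtain the mobile terminal binding information, generate a verification code, and send it to the mobile terminal corresponding to the mobile terminal binding information.
When the target user account has no mobile terminal information, that is, the user did not bind mobile terminal information during registration, verification by code is not possible, and the user can be invited at this point to bind mobile terminal information. The mobile terminal information binding request is a request inviting the user to bind mobile terminal information to the account. After the mobile terminal binding information entered by the user is obtained, the system generates a verification code and sends it to the mobile terminal corresponding to the binding information.
S63: Obtain the verification information, and verify the identity of the target user account.
The verification information entered by the user is obtained and compared with the generated verification code to complete the identity verification of the target user account. Specifically, if the verification information entered by the user matches the generated verification code, verification code verification passes; otherwise, if they do not match, it fails.
In this implementation, different verification processes are carried out depending on whether the target user account has mobile terminal information, and the user is guided to bind mobile terminal information when the account has none, ensuring that the user can complete the password change online.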
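The choice of verification path in S41 to S43, S51 to S53 and S60 to S63, as one added Python example (not code from the patent). The field names, the constructed records, the six-digit code length, and the rule of taking the first third-party service are assumptions; in a deployment the password factor would be checked by the bank's credential service rather than against a stored value.

```python
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Dict, List, Optional

# Ranking stated in S42: debit card > credit card > virtual bank card.
SECURITY_RANK = {"debit_card": 3, "credit_card": 2, "virtual_card": 1}

# Factor sets from S51. Own-platform services may ask for the password;
# third-party services replace it with the opening-bank information.
OWN_FACTORS = ["card_number", "holder_name", "holder_id_number", "password"]
THIRD_PARTY_FACTORS = ["card_number", "holder_name", "holder_id_number", "opening_bank"]


@dataclass
class BankingService:
    kind: str                # key of SECURITY_RANK
    platform: str            # "own" or "third_party"
    record: Dict[str, str]   # values on file for this service (constructed)


@dataclass
class Account:
    name: str
    phone: Optional[str] = None
    services: List[BankingService] = field(default_factory=list)


@dataclass
class Plan:
    method: str                               # "banking" or "code"
    service: Optional[BankingService] = None
    factors: List[str] = field(default_factory=list)
    send_code_to: Optional[str] = None
    needs_binding: bool = False


def select_target_service(account: Account) -> Optional[BankingService]:
    """S41-S43: highest-ranked own-platform service, else a third-party one."""
    own = [s for s in account.services if s.platform == "own"]
    if own:
        return max(own, key=lambda s: SECURITY_RANK[s.kind])
    third = [s for s in account.services if s.platform == "third_party"]
    # The page does not say how to choose among several third-party
    # services; taking the first one is an assumption of this example.
    return third[0] if third else None


def plan_verification(account: Account) -> Plan:
    """Choose banking-service verification (S50) or a verification code (S60)."""
    service = select_target_service(account)
    if service is not None:
        factors = OWN_FACTORS if service.platform == "own" else THIRD_PARTY_FACTORS
        return Plan("banking", service=service, factors=list(factors))
    if account.phone:                         # S61: a phone number is on file
        return Plan("code", send_code_to=account.phone)
    return Plan("code", needs_binding=True)   # S62: ask the user to bind one first


def _equal(a: str, b: str) -> bool:
    # Constant-time comparison on bytes, so non-ASCII names are accepted.
    return hmac.compare_digest(a.encode("utf-8"), b.encode("utf-8"))


def verify_banking(plan: Plan, submitted: Dict[str, str]) -> bool:
    """S52-S53: every required factor must be present and match the record."""
    if plan.method != "banking" or plan.service is None:
        return False
    ok = True
    for factor in plan.factors:
        stored = plan.service.record.get(factor)
        given = submitted.get(factor)
        if stored is None or given is None or not _equal(given, stored):
            ok = False   # no early exit: all factors are always examined
    return ok


def issue_code() -> str:
    """Six random digits from the CSPRNG (the length is an assumption)."""
    return f"{secrets.randbelow(10**6):06d}"


def verify_code(issued: str, submitted: str) -> bool:
    """S63/S70: the reset proceeds only if the submitted code matches."""
    return _equal(submitted, issued)
```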
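It should be understood that the sequence numbers of the steps in the above embodiment do not imply an order of execution; the order in which the processes are executed should be determined by their functions and internal logic, and should not limit the implementation of the embodiments of the present application in any way.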
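Embodiment 2
FIG. 6 shows a schematic block diagram of a password changing apparatus corresponding one-to-one to the password changing method in Embodiment 1. As shown in FIG. 6, the password changing apparatus includes a password change request acquisition module 10, a user account query module 20, a target user account acquisition module 30, a target banking service acquisition module 40, and a password change request response module 50. The functions implemented by these modules correspond one-to-one to the steps of the password changing method in Embodiment 1 and, to avoid repetition, are not described in detail in this embodiment.
The password change request acquisition module 10 is configured to acquire a password change request, the password change request including user identity information and mobile terminal information.
The user account query module 20 is configured to query, based on the user identity information and the mobile terminal information, the corresponding user identity account and mobile terminal account respectively.
The target user account acquisition module 30 is configured to perform account information matching based on the user identity account and the mobile terminal account to obtain a target user account.
The target banking service acquisition module 40 is configured to obtain, when a banking service corresponding to the target user account exists, a target banking service based on the banking service.
The password change request response module 50 is configured to perform identity verification based on the target banking service and respond to the password change request according to the identity verification result.
Preferably, the target user account acquisition module 30 is further configured to: take the user identity account or the mobile terminal account as the target user account when both exist and correspond to each other; take the user identity account as the target user account when it exists and the mobile terminal account does not; and take the mobile terminal account as the target user account when it exists and the user identity account does not.
Preferably, the target user account acquisition module 30 is further configured to send prompt information when neither the user identity account nor the mobile terminal account exists or the two do not correspond.
Preferably, the target banking service acquisition module 40 includes an own-platform banking service determination unit 41, an own-platform target banking service acquisition unit 42, and a third-party platform target banking service acquisition unit 43.
The own-platform banking service determination unit 41 is configured to determine, based on the target user account, whether an own-platform banking service corresponding to the target user account exists.
The own-platform target banking service acquisition unit 42 is configured to select, when an own-platform banking service exists, the own-platform banking service with the highest security level as the target banking service.
The third-party platform target banking service acquisition unit 43 is configured to obtain, when no own-platform banking service exists, a third-party platform banking service corresponding to the target user account as the target banking service.
Preferably, the password change request response module 50 includes an identity verification request sending unit 51, a target user account identity verification unit 52, and a password reset unit 53.
The identity verification request sending unit 51 is configured to generate and send, based on the target banking service, the identity verification request corresponding to the target banking service.
The target user account identity verification unit 52 is configured to obtain the identity verification information corresponding to the identity verification request and verify the identity of the target user account.
The password reset unit 53 is configured to reset the password when the identity verification request passes verification.
Preferably, the password changing apparatus further includes a verification code verification module 60 and a password reset module 70.
The verification code verification module 60 is configured to perform verification code verification when the target user account has no banking service.
The password reset module 70 is configured to reset the password when verification code verification passes.
Preferably, the verification code verification module 60 includes a verification code generation and sending unit 61, a mobile terminal binding unit 62, and an identity verification unit 63.
The verification code generation and sending unit 61 is configured to generate, when the target user account has mobile terminal information, a verification code and send it to the mobile terminal corresponding to the mobile terminal information.
The mobile terminal binding unit 62 is configured to, when the target user account has no mobile terminal information, send a mobile terminal information binding request, obtain the mobile terminal binding information, generate a verification code, and send it to the mobile terminal corresponding to the mobile terminal binding information.
The identity verification unit 63 obtains the verification information and verifies the identity of the target user account.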
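Embodiment 3
This embodiment provides a computer readable storage medium storing computer readable instructions which, when executed by a processor, implement the password changing method in Embodiment 1; to avoid repetition, details are not described here again. Alternatively, the computer readable instructions, when executed by a processor, implement the functions of the modules/units of the password changing apparatus in Embodiment 2; to avoid repetition, details are not described here again.
Embodiment 4
FIG. 7 is a schematic diagram of a terminal device provided by an embodiment of the present application. As shown in FIG. 7, the terminal device 80 of this embodiment includes a processor 81, a memory 82, and computer readable instructions 83 stored in the memory 82 and executable on the processor 81. When executing the computer readable instructions 83, the processor 81 implements the steps of the password changing method in Embodiment 1, for example steps S10 to S50 shown in FIG. 1. Alternatively, when executing the computer readable instructions 83, the processor 81 implements the functions of the modules/units of Embodiment 2, for example the functions of the password change request acquisition module 10, the user account query module 20, the target user account acquisition module 30, the target banking service acquisition module 40, and the password change request response module 50 shown in FIG. 7.
Illustratively, the computer readable instructions 83 may be divided into one or more modules/units, which are stored in the memory 82 and executed by the processor 81 to carry out the present application. The one or more modules/units may be a series of instruction segments of the computer readable instructions 83 capable of performing specific functions; the instruction segments describe the execution of the computer readable instructions 83 in the terminal device 80. For example, the computer readable instructions 83 may be divided into the password change request acquisition module 10, the user account query module 20, the target user account acquisition module 30, the target banking service acquisition module 40, and the password change request response module 50 shown in FIG. 7; the specific functions of each module are as described in Embodiment 2 and are not repeated here.
The terminal device 80 may be a computing device such as a desktop computer, a notebook, a palmtop computer, or a cloud server. The terminal device may include, but is not limited to, the processor 81 and the memory 82. A person skilled in the art will understand that FIG. 7 is only an example of the terminal device 80 and does not limit it; the terminal device may include more or fewer components than shown, combine certain components, or use different components. For example, the terminal device may also include input/output devices, network access devices, a bus, and so on.
The processor 81 may be a Central Processing Unit (CPU), or another general-purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field-Programmable Gate Array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, and so on. The general-purpose processor may be a microprocessor, or the processor may be any conventional processor.
The memory 82 may be an internal storage unit of the terminal device 80, such as a hard disk or memory of the terminal device 80. The memory 82 may also be an external storage device of the terminal device 80, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) card, or a flash card (Flash Card) fitted to the terminal device 80. Further, the memory 82 may include both an internal storage unit of the terminal device 80 and an external storage device. The memory 82 is used to store the computer readable instructions and the other programs and data required by the terminal device. The memory 82 may also be used to temporarily store data that has been output or is about to be output.
A person skilled in the art will clearly understand that, for convenience and brevity of description, only the above division into functional units and modules is used as an example. In practice, the above functions may be assigned to different functional units or modules as needed; that is, the internal structure of the apparatus may be divided into different functional units or modules to perform all or part of the functions described above.
In addition, the functional units in the embodiments of the present application may be integrated into one processing unit, each unit may exist physically on its own, or two or more units may be integrated into one unit. The integrated unit may be implemented in the form of hardware or in the form of a software functional unit.
If the integrated module/unit is implemented in the form of a software functional unit and sold or used as a separate product, it may be stored in a computer readable storage medium. Based on this understanding, all or part of the processes of the methods in the above embodiments may also be completed by computer readable instructions instructing the relevant hardware; the computer readable instructions may be stored in a computer readable storage medium and, when executed by a processor, implement the steps of the method embodiments above. The computer readable instructions include computer readable instruction code, which may be in source code form, object code form, an executable file, some intermediate form, and so on. The computer readable storage medium may include: any entity or device capable of carrying the computer readable instruction code, a recording medium, a USB flash drive, a removable hard disk, a magnetic disk, an optical disk, a computer memory, a Read-Only Memory (ROM), a Random Access Memory (RAM), an electrical carrier signal, a telecommunication signal, a software distribution medium, and so on. It should be noted that the content contained in the computer readable storage medium may be increased or decreased as appropriate according to the requirements of legislation and patent practice in a jurisdiction; for example, in some jurisdictions, according to legislation and patent practice, the computer readable storage medium does not include electrical carrier signals and telecommunication signals.
The embodiments described above are only intended to illustrate the technical solutions of the present application, not to limit them. Although the present application has been described in detail with reference to the foregoing embodiments, a person of ordinary skill in the art should understand that the technical solutions recorded in the foregoing embodiments may still be modified, or some of their technical features replaced by equivalents; such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the spirit and scope of the technical solutions of the embodiments of the present application, and shall all fall within the scope of protection of the present application.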
Claims (20)
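- A password changing method, characterized by including the following steps: acquiring a password change request, the password change request including user identity information and mobile terminal information; querying, based on the user identity information and the mobile terminal information, the corresponding user identity account and mobile terminal account respectively; performing account information matching based on the user identity account and the mobile terminal account to obtain a target user account; if a banking service corresponding to the target user account exists, obtaining a target banking service based on the banking service; performing identity verification based on the target banking service, and responding to the password change request according to the identity verification result.
- The password changing method according to claim 1, characterized in that performing account information matching based on the user identity account and the mobile terminal account to obtain a target user account specifically includes the following steps: if the user identity account and the mobile terminal account both exist and correspond to each other, taking the user identity account or the mobile terminal account as the target user account; if the user identity account exists and the mobile terminal account does not, taking the user identity account as the target user account; if the mobile terminal account exists and the user identity account does not, taking the mobile terminal account as the target user account.
- The password changing method according to claim 2, characterized in that querying, based on the user identity information and the mobile terminal information, the corresponding user identity account and mobile terminal account respectively further includes the following step: if neither the user identity account nor the mobile terminal account exists or the two do not correspond, sending prompt information.
- The password changing method according to claim 1, characterized in that obtaining a target banking service based on the banking service if a banking service corresponding to the target user account exists specifically includes the following steps: determining, based on the target user account, whether an own-platform banking service corresponding to the target user account exists; if the own-platform banking service exists, selecting the own-platform banking service with the highest security level as the target banking service; if the own-platform banking service does not exist, obtaining a third-party platform banking service corresponding to the target user account as the target banking service.
- The password changing method according to claim 1, characterized in that performing identity verification based on the target banking service and responding to the password change request according to the identity verification result specifically includes the following steps: generating and sending, based on the target banking service, the identity verification request corresponding to the target banking service; obtaining the identity verification information corresponding to the identity verification request, and verifying the identity of the target user account; if the identity verification request passes verification, resetting the password.
- The password changing method according to claim 1, characterized in that, after the step of obtaining the target user account, the password changing method further includes the following steps: if the target user account has no banking service, performing verification code verification; if verification code verification passes, resetting the password.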
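- A password changing apparatus, characterized by including: a password change request acquisition module, configured to acquire a password change request, the password change request including user identity information and mobile terminal information; a user account query module, configured to query, based on the user identity information and the mobile terminal information, the corresponding user identity account and mobile terminal account respectively; a target user account acquisition module, configured to perform account information matching based on the user identity account and the mobile terminal account to obtain a target user account; a target banking service acquisition module, configured to obtain, when a banking service corresponding to the target user account exists, a target banking service based on the banking service; a password change request response module, configured to perform identity verification based on the target banking service and respond to the password change request according to the identity verification result.
- The password changing apparatus according to claim 7, characterized in that the target banking service acquisition module includes: an own-platform banking service determination unit, configured to determine, based on the target user account, whether an own-platform banking service corresponding to the target user account exists; an own-platform target banking service acquisition unit, configured to select, when the own-platform banking service exists, the own-platform banking service with the highest security level as the target banking service; a third-party platform target banking service acquisition unit, configured to obtain, when the own-platform banking service does not exist, a third-party platform banking service corresponding to the target user account as the target banking service.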
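- A terminal device, including a memory, a processor, and computer readable instructions stored in the memory and executable on the processor, characterized in that the processor implements the following steps when executing the computer readable instructions: acquiring a password change request, the password change request including user identity information and mobile terminal information; querying, based on the user identity information and the mobile terminal information, the corresponding user identity account and mobile terminal account respectively; performing account information matching based on the user identity account and the mobile terminal account to obtain a target user account; if a banking service corresponding to the target user account exists, obtaining a target banking service based on the banking service; performing identity verification based on the target banking service, and responding to the password change request according to the identity verification result.
- The terminal device according to claim 9, characterized in that performing account information matching based on the user identity account and the mobile terminal account to obtain a target user account specifically includes the following steps: if the user identity account and the mobile terminal account both exist and correspond to each other, taking the user identity account or the mobile terminal account as the target user account; if the user identity account exists and the mobile terminal account does not, taking the user identity account as the target user account; if the mobile terminal account exists and the user identity account does not, taking the mobile terminal account as the target user account.
- The terminal device according to claim 10, characterized in that querying, based on the user identity information and the mobile terminal information, the corresponding user identity account and mobile terminal account respectively further includes the following step: if neither the user identity account nor the mobile terminal account exists or the two do not correspond, sending prompt information.
- The terminal device according to claim 9, characterized in that obtaining a target banking service based on the banking service if a banking service corresponding to the target user account exists specifically includes the following steps: determining, based on the target user account, whether an own-platform banking service corresponding to the target user account exists; if the own-platform banking service exists, selecting the own-platform banking service with the highest security level as the target banking service; if the own-platform banking service does not exist, obtaining a third-party platform banking service corresponding to the target user account as the target banking service.
- The terminal device according to claim 9, characterized in that performing identity verification based on the target banking service and responding to the password change request according to the identity verification result specifically includes the following steps: generating and sending, based on the target banking service, the identity verification request corresponding to the target banking service; obtaining the identity verification information corresponding to the identity verification request, and verifying the identity of the target user account; if the identity verification request passes verification, resetting the password.
- The terminal device according to claim 9, characterized in that, after the step of obtaining the target user account, the processor further implements the following steps when executing the computer readable instructions: if the target user account has no banking service, performing verification code verification; if verification code verification passes, resetting the password.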
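- A computer readable storage medium storing computer readable instructions, characterized in that the following steps are implemented when the computer readable instructions are executed by a processor: acquiring a password change request, the password change request including user identity information and mobile terminal information; querying, based on the user identity information and the mobile terminal information, the corresponding user identity account and mobile terminal account respectively; performing account information matching based on the user identity account and the mobile terminal account to obtain a target user account; if a banking service corresponding to the target user account exists, obtaining a target banking service based on the banking service; performing identity verification based on the target banking service, and responding to the password change request according to the identity verification result.
- The computer readable storage medium according to claim 15, characterized in that performing account information matching based on the user identity account and the mobile terminal account to obtain a target user account specifically includes the following steps: if the user identity account and the mobile terminal account both exist and correspond to each other, taking the user identity account or the mobile terminal account as the target user account; if the user identity account exists and the mobile terminal account does not, taking the user identity account as the target user account; if the mobile terminal account exists and the user identity account does not, taking the mobile terminal account as the target user account.
- The computer readable storage medium according to claim 16, characterized in that querying, based on the user identity information and the mobile terminal information, the corresponding user identity account and mobile terminal account respectively further includes the following step: if neither the user identity account nor the mobile terminal account exists or the two do not correspond, sending prompt information.
- The computer readable storage medium according to claim 15, characterized in that obtaining a target banking service based on the banking service if a banking service corresponding to the target user account exists specifically includes the following steps: determining, based on the target user account, whether an own-platform banking service corresponding to the target user account exists; if the own-platform banking service exists, selecting the own-platform banking service with the highest security level as the target banking service; if the own-platform banking service does not exist, obtaining a third-party platform banking service corresponding to the target user account as the target banking service.
- The computer readable storage medium according to claim 15, characterized in that performing identity verification based on the target banking service and responding to the password change request according to the identity verification result specifically includes the following steps: generating and sending, based on the target banking service, the identity verification request corresponding to the target banking service; obtaining the identity verification information corresponding to the identity verification request, and verifying the identity of the target user account; if the identity verification request passes verification, resetting the password.
- The computer readable storage medium according to claim 15, characterized in that, after the step of obtaining the target user account, the following steps are further implemented when the computer readable instructions are executed by a processor: if the target user account has no banking service, performing verification code verification; if verification code verification passes, resetting the password.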
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810031176.1A CN108460272B (zh) | 2018-01-12 | 2018-01-12 | Password changing method, apparatus, terminal device, and storage medium |
CN201810031176.1 | 2018-01-12 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2019136802A1 true WO2019136802A1 (zh) | 2019-07-18 |
Family
ID=63221352
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2018/077271 WO2019136802A1 (zh) | Password changing method, apparatus, terminal device, and storage medium | 2018-01-12 | 2018-02-26 |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN108460272B (zh) |
WO (1) | WO2019136802A1 (zh) |
-
2018
- 2018-01-12 CN CN201810031176.1A patent/CN108460272B/zh active Active
- 2018-02-26 WO PCT/CN2018/077271 patent/WO2019136802A1/zh active Application Filing
Also Published As
Publication number | Publication date |
---|---|
CN108460272A (zh) | 2018-08-28 |
CN108460272B (zh) | 2020-02-14 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 18899514 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
32PN | Ep: public notification in the ep bulletin as address of the adressee cannot be established |
Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 08/12/2020) |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 18899514 Country of ref document: EP Kind code of ref document: A1 |