WO2020025056A1 - Procédé, dispositif, système et terminal mobile pour une autorisation de sécurité - Google Patents

Procédé, dispositif, système et terminal mobile pour une autorisation de sécurité Download PDF

Info

Publication number
WO2020025056A1
WO2020025056A1 PCT/CN2019/099070 CN2019099070W WO2020025056A1 WO 2020025056 A1 WO2020025056 A1 WO 2020025056A1 CN 2019099070 W CN2019099070 W CN 2019099070W WO 2020025056 A1 WO2020025056 A1 WO 2020025056A1
Authority
WO
WIPO (PCT)
Prior art keywords
authentication
server
information
user
sent
Prior art date
Application number
PCT/CN2019/099070
Other languages
English (en)
Chinese (zh)
Inventor
周志桐
聂学贤
Original Assignee
京东数字科技控股有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 京东数字科技控股有限公司 filed Critical 京东数字科技控股有限公司
Publication of WO2020025056A1 publication Critical patent/WO2020025056A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos

Definitions

  • the present disclosure relates to the field of information processing, and in particular, to a security authentication method, device, and system, and a mobile terminal.
  • the inventor found that in the related technology for identity verification, the authentication methods provided by different business scenarios are relatively fixed, so it is not possible to dynamically combine multiple authentication methods as required. Because different authentication methods are based on different security standards, this brings security risks to mobile finance.
  • the present disclosure provides a scheme capable of providing dynamic authentication for users.
  • a security authentication method including: when performing a mobile service, sending an authentication request to an authentication server, where the authentication request includes current user information, so that the authentication server The user's current information and corresponding historical information are used to determine the user's risk, and then the corresponding authentication method is selected according to the user's risk; after receiving the authentication response sent by the authentication server, querying the instructions included in the authentication response; When a page control instruction is included in the authentication response, an authentication page corresponding to the page control instruction is presented so that a user can input corresponding authentication information; and the authentication information is sent to the authentication server for authentication.
  • the method further includes: when the authentication response includes an authentication end instruction, sending the legality verification information carried in the authentication response to a service server, so that the service server uses the The authentication server authenticates the legitimacy verification information; when receiving the authentication success indication sent by the service server, the mobile server continues to execute the mobile service.
  • the method further includes: after receiving the authentication response sent by the authentication server again, repeatedly executing the authentication response included in the authentication response. Instruct the steps to query.
  • the method further includes: sending an information acquisition request to a service server, so that the service server obtains an authentication token from the authentication server; upon receiving all information sent by the service server After the authentication token is used, the authentication request is used to encrypt the authentication request, so as to send the encrypted authentication to the authentication server.
  • the method further includes: updating the authentication page corresponding to the page control instruction, so as to dynamically adjust the authentication page.
  • a security authentication device including: a service execution module configured to send trigger information to an authentication module in the case of executing a mobile service; the authentication module is configured to receive After the trigger information is received, an authentication request is sent to the authentication server, and the authentication request includes the current user information, so that the authentication server determines the user risk according to the current user information and corresponding historical information, and then according to the user Choose the corresponding authentication method at risk; after receiving the authentication response sent by the authentication server, query the instructions included in the authentication response; and if the authentication response includes a page control instruction, present the same The authentication page corresponding to the page control instruction, so that the user inputs corresponding authentication information; and sends the authentication information to the authentication server for authentication.
  • the authentication module is further configured to send the validity verification information carried in the authentication response to the service execution module if the authentication response includes an authentication end instruction; the service execution module is further configured In order to send the legality verification information to a service server, so that the business server uses the authentication server to authenticate the legality verification information; and after receiving the authentication success indication sent by the business server, continue to perform the movement business.
  • the authentication module is further configured to repeatedly perform the operation of querying the instruction included in the authentication response after receiving the authentication response sent by the authentication server again.
  • the service execution module is further configured to send an information acquisition request to a service server in the case of executing a mobile service, so that the service server obtains an authentication token from the authentication server, and sends the authentication token Sending to the authentication module; the authentication module is further configured to use the authentication token to encrypt the authentication request, so as to send the encrypted authentication to the authentication server.
  • the authentication module is further configured to update the authentication page corresponding to the page control instruction, so as to dynamically adjust the authentication page.
  • a security authentication device including: a memory configured to store instructions; and a processor coupled to the memory, the processor configured to be based on the instructions stored in the memory Perform the method as described in any of the above embodiments.
  • a mobile terminal including: a security authentication device according to any one of the foregoing embodiments.
  • a security authentication system including: a mobile terminal according to any one of the above embodiments, and an authentication server configured to receive an authentication request sent by the mobile terminal, The user risk is determined according to the current information of the user and the corresponding historical information, and then a corresponding authentication method is selected according to the user risk, an authentication response is sent to the mobile terminal, and the authentication information sent by the mobile terminal is authenticated.
  • the authentication server is further configured to, after successful authentication, further select a corresponding authentication method according to a user risk, and send a corresponding authentication response to the mobile terminal.
  • the above system further includes: a service server configured to forward the validity verification information sent by the mobile terminal to the authentication server, and forward the authentication result sent by the authentication server to the mobile terminal So that the mobile terminal continues to perform mobile services if the authentication is successful.
  • a service server configured to forward the validity verification information sent by the mobile terminal to the authentication server, and forward the authentication result sent by the authentication server to the mobile terminal So that the mobile terminal continues to perform mobile services if the authentication is successful.
  • the service server is further configured to forward the information acquisition request sent by the mobile terminal to the authentication server, and send the authentication token sent by the authentication server to the mobile terminal.
  • a computer-readable storage medium stores computer instructions, and when the instructions are executed by a processor, the method according to any one of the foregoing embodiments is implemented.
  • FIG. 1 is a schematic flowchart of a security authentication method according to an embodiment of the present disclosure
  • FIG. 2 is a schematic flowchart of a security authentication method according to another embodiment of the present disclosure.
  • FIG. 3 is a schematic structural diagram of a security authentication device according to an embodiment of the present disclosure.
  • FIG. 4 is a schematic structural diagram of a security authentication device according to another embodiment of the present disclosure.
  • FIG. 5 is a schematic structural diagram of a security authentication system according to an embodiment of the present disclosure.
  • FIG. 6 is a schematic structural diagram of a security authentication system according to another embodiment of the present disclosure.
  • FIG. 7 is a schematic diagram of a security authentication process according to an embodiment of the present disclosure.
  • FIG. 8 is a schematic diagram of a security authentication process according to another embodiment of the present disclosure.
  • any specific value should be construed as exemplary only and not as a limitation. Therefore, other examples of the exemplary embodiments may have different values.
  • FIG. 1 is a schematic flowchart of a security authentication method according to an embodiment of the present disclosure. In some embodiments, the following method steps may be performed by a security authentication device.
  • step 101 in the case of executing a mobile service, an authentication request is sent to the authentication server, and the authentication request includes the current user information, so that the authentication server determines the user risk according to the user's current information and the corresponding historical information, and then selects the corresponding authentication according to the user risk the way.
  • the current user information includes the current identity of the user terminal (eg, IMSI, etc.), the WiFi network card address, and the unique device identity of the terminal on different platforms (for example, the identity of the terminal on the Android platform is Android_ID, and the identity of the terminal on the IOS platform
  • the identifier is UUID
  • the terminal's current number is the terminal's internal network IP address, the public network IP address, the terminal's geographic location information, and the current business scenario information.
  • the security authentication device may first send an information acquisition request to the service server, so that the service server obtains the authentication token from the authentication server. After receiving the authentication token sent by the service server, the security authentication device uses the authentication token to encrypt the authentication request, so as to send the encrypted authentication to the authentication server. This can improve the security of information transmission.
  • the authentication server determines the user risk according to the user's current information and corresponding historical information, and selects a corresponding authentication method according to the user risk level. For example, if the user's risk is high, a combination of multiple authentication methods can be selected for the user. If the user's risk is low, a single authentication method can be used. If the user is trusted, no authentication is required.
  • step 102 after receiving the authentication response sent by the authentication server, query the instructions included in the authentication response.
  • step 103 if a page control instruction is included in the authentication response, an authentication page corresponding to the page control instruction is presented so that the user can input corresponding authentication information.
  • the authentication page corresponding to the page control instruction may be updated as needed in order to dynamically adjust the authentication page.
  • step 104 the authentication information is sent to an authentication server for authentication.
  • FIG. 2 is a schematic flowchart of a security authentication method according to another embodiment of the present disclosure. In some embodiments, the following method steps may be performed by a security authentication device.
  • step 201 in the case of executing a mobile service, an authentication request is sent to the authentication server, and the authentication request includes the current user information, so that the authentication server determines the user risk according to the user's current information and the corresponding historical information, and then selects the corresponding authentication according to the user risk the way.
  • step 202 an authentication response sent by the authentication server is received.
  • step 203 the instructions included in the authentication response are queried.
  • step 204 is performed; if the authentication response includes an authentication end instruction, step 206 is performed.
  • step 204 an authentication page corresponding to the page control instruction is presented so that the user can input corresponding authentication information.
  • step 205 the authentication information is sent to an authentication server for authentication. Step 202 is then repeated.
  • multiple authentications can be performed according to the page control instruction issued by the authentication server.
  • the authentication server issues an instruction for face authentication for the first time, and the security authentication device displays a corresponding authentication page for the user to perform face authentication.
  • the authentication server issues a fingerprint verification instruction again according to the user's risk level, and the security authentication device displays a corresponding authentication page for the user to perform fingerprint authentication.
  • dynamic authentication combination can be performed according to a plurality of page control instructions sent by the authentication server.
  • step 206 the legality verification information carried in the authentication response is sent to the service server, so that the business server uses the authentication server to authenticate the legality verification information.
  • step 207 if the authentication success indication sent by the service server is received, the mobile service is continuously executed.
  • the authentication server By using the authentication server to authenticate the legality verification information, the authenticity of the legality verification information can be verified, thereby further improving the system security.
  • FIG. 3 is an exemplary block diagram of a security authentication device according to an embodiment of the present disclosure. As shown in FIG. 3, the security authentication device includes a service execution module 31 and an authentication module 32.
  • the service execution module 31 is configured to send trigger information to the authentication module in the case of executing a mobile service.
  • the authentication module 32 is configured to send an authentication request to the authentication server after receiving the trigger information.
  • the authentication request includes the current information of the user, so that the authentication server determines the user risk based on the user's current information and the corresponding historical information, and then selects the corresponding risk according to the user risk. verification method.
  • the authentication module 32 queries the instructions included in the authentication response, and if the page response instruction is included in the authentication response, it presents an authentication page corresponding to the page control instruction for user input Appropriate certification information.
  • the authentication module 32 sends authentication information to an authentication server for authentication.
  • the authentication module 32 is further configured to repeatedly perform an operation of querying an instruction included in the authentication response after receiving the authentication response sent by the authentication server again.
  • the security authentication device by presenting a corresponding authentication page according to a page control instruction provided by the authentication server, it can ensure that a dynamic authentication method is provided for users in different business scenarios, thereby improving the mobile financial safety.
  • the authentication module 32 is further configured to send the validity verification information carried in the authentication response to the service execution module 31 if the authentication response includes an authentication end instruction.
  • the service execution module 31 is further configured to send the validity verification information to the service server, so that the service server uses the authentication server to authenticate the validity verification information.
  • the service execution module 31 is further configured to continue to execute the mobile service if the authentication sent by the service server is successful.
  • the authentication server By using the authentication server to authenticate the legality verification information, the authenticity of the legality verification information can be verified, thereby further improving the system security.
  • the authentication module 31 is further configured to update the authentication page corresponding to the page control instruction as needed in order to dynamically adjust the authentication page.
  • the service execution module 31 is further configured to send an information acquisition request to the service server when the mobile service is executed, so that the service server obtains the authentication token from the authentication server.
  • the service execution module 31 sends an authentication token to the authentication module.
  • the authentication module 32 is further configured to use an authentication token to encrypt the authentication request, so as to send the encrypted authentication to the authentication server.
  • FIG. 4 is a schematic structural diagram of a security authentication device according to another embodiment of the present disclosure. As shown in FIG. 4, the security authentication device includes a memory 41 and a processor 42.
  • the memory 41 is configured to store instructions.
  • the processor 42 is coupled to the memory 41.
  • the processor 42 is configured to execute the method according to any one of the embodiments shown in FIG. 1 to FIG. 2 based on the instructions stored in the memory.
  • the security authentication device further includes a communication interface 43 for performing information interaction with other devices.
  • the device further includes a bus 44, a processor 42, a communication interface 43, and a memory 41 performing communication with each other through the bus 44.
  • the memory 41 may include a high-speed RAM memory, and may further include a non-volatile memory (non-volatile memory), for example, at least one magnetic disk memory.
  • the memory 41 may be a memory array.
  • the memory 41 may also be divided into blocks, and the blocks may be combined into a virtual volume according to a certain rule.
  • processor 42 may be a central processing unit CPU, or may be an application specific integrated circuit ASIC, or one or more integrated circuits configured to implement the embodiments of the present disclosure.
  • the present disclosure also relates to a computer-readable storage medium, where the computer-readable storage medium stores computer instructions, and when the instructions are executed by a processor, the method according to any one of the embodiments shown in FIG. 1 to FIG. 2 is implemented.
  • the present disclosure also provides a mobile terminal including the security authentication device according to any one of the above embodiments. Therefore, when the mobile terminal runs the corresponding mobile service, it can provide the user with a dynamic authentication mode combination according to the instruction of the authentication server.
  • FIG. 5 is a schematic structural diagram of a security authentication system according to an embodiment of the present disclosure.
  • the security authentication system includes a mobile terminal 51 and an authentication server 52.
  • the mobile terminal 51 is a mobile terminal according to any one of the foregoing embodiments.
  • the authentication server 52 is configured to determine a user risk according to the user's current information and corresponding historical information after receiving the authentication request sent by the mobile terminal 51, and then select a corresponding authentication method to send an authentication response to the mobile terminal.
  • the authentication server 52 also authenticates the authentication information sent by the mobile terminal.
  • the authentication server 52 is further configured to, after successful authentication, further select a corresponding authentication method according to the user's risk, and send a corresponding authentication response to the mobile terminal.
  • the authentication server 52 may analyze user data through data processing methods such as big data and convolutional neural networks to obtain the user risk level, and then determine the corresponding authentication mode.
  • the mobile terminal may be instructed to perform multiple authentication combinations such as face authentication, password authentication, fingerprint authentication, historical order authentication, and the like.
  • the user is selected for fingerprint authentication.
  • the authentication end instruction is directly sent to the mobile terminal, that is, the user can directly skip the authentication step, which can directly increase the conversion rate of the order.
  • a page control instruction related to face brush authentication may be sent to the mobile terminal, so that the user may perform face brush authentication in different situations. This improves the flexibility of system management.
  • FIG. 6 is a schematic structural diagram of a security authentication system according to another embodiment of the present disclosure. Compared with the embodiment shown in FIG. 5, in the embodiment shown in FIG. 6, the security authentication system further includes a service server 53.
  • the service server 53 is configured to forward the validity verification information sent by the mobile terminal to the authentication server 52, and forward the authentication result sent by the authentication server 52 to the mobile terminal, so that the mobile terminal 51 continues to execute the mobile service if the authentication is successful.
  • the service server 53 is further configured to forward the information acquisition request sent by the mobile terminal 51 to the authentication server 52, and send the authentication token sent by the authentication server 52 to the mobile terminal 51.
  • the mobile terminal 51 uses the authentication token to encrypt the information sent to the authentication server 52.
  • FIG. 7 is a schematic diagram of a security authentication process according to an embodiment of the present disclosure.
  • step 701 the service execution module in the mobile terminal sends token application information to the service server in the case of executing a corresponding mobile service.
  • step 702 the service server sends the token application information to the authentication server.
  • step 703 the authentication server delivers the token to the service server.
  • step 704 the service server sends the received token to the service execution module.
  • step 705 the service execution module sends the received token to the authentication module in the mobile terminal.
  • step 706 the authentication module uses the received token to encrypt the authentication request.
  • the current user information includes the current identity of the user terminal (for example, IMSI, etc.), the WiFi network card address, and the device's exclusive device representation on different platforms (for example, the identity on the Android platform is Android_ID, and the identity on the IOS platform is UUID), terminal's current number, terminal's internal network IP address, public network IP address, terminal geographic location information, current business scenario information, etc.
  • step 707 the authentication module sends the encrypted authentication request to the authentication server.
  • step 708 after the authentication server decrypts the received authentication request, the user risk is determined according to the current information of the user and the corresponding historical information, and then a corresponding authentication method is selected.
  • step 709 the authentication server sends an authentication response to the authentication module.
  • step 710 the authentication module queries the instructions in the authentication response.
  • step 711 If the authentication response includes a page control instruction, step 711 is performed; if the authentication response includes an authentication end instruction, step 713 is performed.
  • step 711 the authentication module presents an authentication page corresponding to the page control instruction, so that the user can input corresponding authentication information.
  • step 712 the authentication module sends the authentication information to the authentication server for authentication.
  • step 708 is repeatedly performed. Among them, if the user needs to be authenticated, the authentication response will carry a response page control instruction; if the user is no longer required to be authenticated, the authentication response will carry an authentication end instruction and a corresponding verification code.
  • step 713 the authentication module extracts a verification code from the authentication response.
  • step 714 the authentication module sends a verification code to the service execution module to indicate that the user authentication is successful.
  • FIG. 8 is a schematic diagram of a security authentication process according to another embodiment of the present disclosure.
  • the service execution module after the service execution module obtains the verification code, it can also send the verification code to an authentication server for verification, so as to further improve system security.
  • step 801 the service execution module sends the verification code sent by the authentication module to the service server.
  • step 802 the service server sends the received verification code to the authentication server.
  • step 803 the authentication server verifies the received verification code.
  • step 804 the authentication server sends the verification result to the service server.
  • step 805 the service server sends the verification result to the service execution module.
  • step 806 the service execution module identifies the verification result.
  • step 807 if the verification of the verification code is successful, the subsequent business process is continued.
  • the present disclosure presents a corresponding authentication page according to a page control instruction provided by the authentication server, thereby ensuring that a dynamic authentication method is provided for users in different business scenarios, thereby improving the security of mobile finance.
  • the functional unit modules described above may be implemented as a general-purpose processor, a Programmable Logic Controller (Programmable Logic Controller, PLC), or a digital signal processor (for example, a PLC) for performing the functions described in this disclosure.
  • Digital Signal Processor abbreviation: DSP
  • ASIC Application Specific Integrated Circuit
  • FPGA Field-Programmable Gate Array
  • the program may be stored in a computer-readable storage medium.
  • the storage medium mentioned may be a read-only memory, a magnetic disk or an optical disk.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Telephonic Communication Services (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

La présente invention concerne un procédé, un dispositif, un système et un terminal mobile pour une autorisation de sécurité. Lorsque le dispositif d'autorisation de sécurité exécute un service mobile, une demande d'autorisation est envoyée à un serveur d'autorisation, la demande d'autorisation comprenant des informations actuelles d'un utilisateur, de telle sorte que le serveur d'autorisation détermine un risque d'utilisateur en fonction des informations actuelles de l'utilisateur et des informations historiques correspondantes, de façon à sélectionner un procédé d'autorisation correspondant en fonction du risque d'utilisateur. Après réception d'une réponse d'autorisation envoyée par le serveur d'autorisation, une interrogation est effectuée par rapport à une instruction comprise dans la réponse d'autorisation. Si la réponse d'autorisation comprend une instruction de commande de page, une page d'autorisation correspondant à l'instruction de commande de page est présentée à l'utilisateur pour entrer des informations d'autorisation correspondantes. Les informations d'autorisation sont ensuite envoyées au serveur d'autorisation pour une autorisation. La présente invention peut assurer qu'un procédé d'autorisation dynamique est fourni à un utilisateur dans différents scénarios de service, de façon à améliorer la sécurité de financement mobile.
PCT/CN2019/099070 2018-08-03 2019-08-02 Procédé, dispositif, système et terminal mobile pour une autorisation de sécurité WO2020025056A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201810876869.0 2018-08-03
CN201810876869.0A CN110798432A (zh) 2018-08-03 2018-08-03 安全认证方法、装置和系统,移动终端

Publications (1)

Publication Number Publication Date
WO2020025056A1 true WO2020025056A1 (fr) 2020-02-06

Family

ID=69232376

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/099070 WO2020025056A1 (fr) 2018-08-03 2019-08-02 Procédé, dispositif, système et terminal mobile pour une autorisation de sécurité

Country Status (2)

Country Link
CN (1) CN110798432A (fr)
WO (1) WO2020025056A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111695910A (zh) * 2020-06-12 2020-09-22 中国银行股份有限公司 一种安全认证的方法、装置、存储介质及电子设备
CN111770075A (zh) * 2020-06-23 2020-10-13 北京嘀嘀无限科技发展有限公司 任务处理方法、装置、可读存储介质和电子设备

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114038100A (zh) * 2021-11-05 2022-02-11 深圳市商汤科技有限公司 一种通行核验方法、装置、电子设备及储存介质

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106845995A (zh) * 2017-01-19 2017-06-13 飞天诚信科技股份有限公司 一种蓝牙智能卡及其控制交易风险的方法
CN107172049A (zh) * 2017-05-19 2017-09-15 北京信安世纪科技有限公司 一种智能身份认证系统
WO2018014789A1 (fr) * 2016-07-22 2018-01-25 阿里巴巴集团控股有限公司 Procédé et dispositif de limitation du risque d'une opération de service
CN108076018A (zh) * 2016-11-16 2018-05-25 阿里巴巴集团控股有限公司 身份认证系统、方法、装置及账号认证方法

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6651168B1 (en) * 1999-01-29 2003-11-18 International Business Machines, Corp. Authentication framework for multiple authentication processes and mechanisms
CN101052032B (zh) * 2006-04-04 2010-05-12 华为技术有限公司 一种业务实体认证方法及装置
CN106789841B (zh) * 2015-11-23 2019-12-06 中国电信股份有限公司 业务处理方法、终端、服务器以及系统
CN106341429B (zh) * 2016-11-28 2019-08-02 浙江工业大学 一种保护服务器数据安全的认证方法

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018014789A1 (fr) * 2016-07-22 2018-01-25 阿里巴巴集团控股有限公司 Procédé et dispositif de limitation du risque d'une opération de service
CN108076018A (zh) * 2016-11-16 2018-05-25 阿里巴巴集团控股有限公司 身份认证系统、方法、装置及账号认证方法
CN106845995A (zh) * 2017-01-19 2017-06-13 飞天诚信科技股份有限公司 一种蓝牙智能卡及其控制交易风险的方法
CN107172049A (zh) * 2017-05-19 2017-09-15 北京信安世纪科技有限公司 一种智能身份认证系统

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111695910A (zh) * 2020-06-12 2020-09-22 中国银行股份有限公司 一种安全认证的方法、装置、存储介质及电子设备
CN111695910B (zh) * 2020-06-12 2023-11-21 中国银行股份有限公司 一种安全认证的方法、装置、存储介质及电子设备
CN111770075A (zh) * 2020-06-23 2020-10-13 北京嘀嘀无限科技发展有限公司 任务处理方法、装置、可读存储介质和电子设备
CN111770075B (zh) * 2020-06-23 2022-12-09 北京嘀嘀无限科技发展有限公司 任务处理方法、装置、可读存储介质和电子设备

Also Published As

Publication number Publication date
CN110798432A (zh) 2020-02-14

Similar Documents

Publication Publication Date Title
US10348715B2 (en) Computer-implemented systems and methods of device based, internet-centric, authentication
CN111556006B (zh) 第三方应用系统登录方法、装置、终端及sso服务平台
CN110958118B (zh) 证书认证管理方法、装置、设备及计算机可读存储介质
KR20180053701A (ko) 로컬 디바이스 인증
CN112559993B (zh) 身份认证方法、装置、系统及电子设备
US9980142B2 (en) Methods and apparatus for SIM-based authentication of non-SIM devices
US10536271B1 (en) Silicon key attestation
US8977857B1 (en) System and method for granting access to protected information on a remote server
CN105099673A (zh) 一种授权方法、请求授权的方法及装置
WO2020025056A1 (fr) Procédé, dispositif, système et terminal mobile pour une autorisation de sécurité
US20150208238A1 (en) Terminal identity verification and service authentication method, system and terminal
JP2018517367A (ja) サービスプロバイダ証明書管理
CN108259502A (zh) 用于获取接口访问权限的鉴定方法、服务端及存储介质
US20210135869A1 (en) Using ip heuristics to protect access tokens from theft and replay
US20150244695A1 (en) Network authentication method for secure user identity verification
CN104935435A (zh) 登录方法、终端及应用服务器
WO2019056971A1 (fr) Procédé et dispositif d'authentification
CN105306210A (zh) 一种利用应用程序实现授权的方法、装置及系统
CN114157434A (zh) 登录验证方法、装置、电子设备及存储介质
CN113709115A (zh) 认证方法及装置
US20230164131A1 (en) Accessing cloud data providers with user-impersonation
US8875244B1 (en) Method and apparatus for authenticating a user using dynamic client-side storage values
CN109858235B (zh) 一种便携式设备及其暗码获取方法和装置
CN111355583B (zh) 一种业务提供系统、方法、装置、电子设备及存储介质
US9621546B2 (en) Method of generating one-time password and apparatus for performing the same

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19843291

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19843291

Country of ref document: EP

Kind code of ref document: A1