WO2020124607A1

WO2020124607A1 - Authenticity querying method and terminal device using same

Info

Publication number: WO2020124607A1
Application number: PCT/CN2018/122917
Authority: WO
Inventors: 徐顺海; 周涌; 段晓冬
Original assignee: 华为技术有限公司
Priority date: 2018-12-22
Filing date: 2018-12-22
Publication date: 2020-06-25
Also published as: CN113196262A

Abstract

The present disclosure relates to an authenticity querying method and a terminal device using same. The method comprises: automatically reading network entry permission information of the terminal device and displaying a first user interface comprising the network entry permission information and an authenticity querying interaction element; and upon receipt of an input of a user for selecting the authenticity querying interaction element, sending an authenticity querying request carrying the network entry permission information to an authenticity verification server, receiving an authenticity querying result corresponding to the network entry permission information from the authenticity verification server, and displaying the authenticity querying result. By means of the solution provided in the present application, a user can intuitively see network entry permission information of a device by means of a user interface of the terminal device and conveniently query authenticity of the terminal device, thereby significantly improving convenience of authenticity querying for the terminal device.

Description

Authenticity query method and terminal equipment

Technical field

The present disclosure relates to the field of intelligent terminals, and more specifically, to a method of authenticity query and its terminal device.

Background technique

China implements a network access licensing system for telecommunications terminal equipment, radio communication equipment and telecommunications equipment that are used to access public telecommunications networks. Telecommunications equipment that implements a network access permit system must obtain a network access permit issued by the Ministry of Industry and Information Technology of China.

A telecommunications equipment manufacturing enterprise shall paste a network access permission mark on the telecommunication equipment it has obtained with a network access permission. The network access permission mark is uniformly printed and issued by the Ministry of Industry and Information Technology and is a quality mark. The telecommunications equipment that has not obtained the network access permission and the network access license is invalid shall not be affixed with the network access permission mark. The network access permission sign contains information such as the network access license number, device model, and scrambling code. The user can query and verify the information on the access permission mark through the webpage to verify the authenticity of the device.

However, the network access permission sign is affixed to the device casing in the form of a paper label, which affects the appearance of the device. Moreover, the cost of paper label transfer, transportation, storage, pasting and inspection is relatively high, and paper labels are not easy to retain. If the label information is damaged or lost, the subsequent authenticity verification operation cannot be performed. Moreover, the legality of the device requires the user to manually log in to the website and enter the information of the paper entry permission mark, and the operation experience is poor.

Summary of the invention

This article describes a true and false query method and its terminal equipment, which can provide a convenient and fast true and false query method for terminal equipment.

To achieve the above purpose, the embodiments of the present application adopt the following technical solutions:

In the first aspect, the present application provides a method for querying the authenticity of a terminal device. The authenticity query method includes: automatically reading network access permission information, which includes one or any combination of the following items: network access license number, terminal device model, scrambling code, international mobile terminal equipment identification code ( IMEI), mobile terminal equipment identification code (MEID), network access license application unit, terminal equipment name, network access certificate certificate validity period or issuance date; the first user interface is displayed, the first user interface includes the above network access license Information and authenticity query interactive elements; acquiring the first touch input for selecting authenticity query interactive elements; in response to the first touch input, sending a authenticity query request to the authenticity verification server, the authenticity query request includes the above-mentioned network access permission information ; Receive the authenticity query result corresponding to the network access permission information from the authenticity verification server; display the authenticity query result.

In the above authenticity query method, the user can intuitively view the network access permission information through the user interface, and trigger the authenticity query request and display the authenticity query result through the user interface. Compared with the previous paper network entry permission signs, the authenticity check rate of the terminal device can be improved for two reasons. One is that the user no longer needs to manually enter the network entry license number; the second is to eliminate the loss of the paper network entry permission signs. Risk, users can check the authenticity of the terminal device at any time after purchasing the terminal device.

In some possible implementation manners, the foregoing network access permission information is stored in a non-volatile memory (for example, read only memory (ROM) or flash memory (Flash) Memory) of the terminal device. In this way, when the terminal device is turned off and powered off, the stored network access permission information will not be lost, and the user can turn on the device at any time to view the network access permission information of the terminal device.

In some possible implementations, the network access permission information displayed on the first user interface is recorded in a Quick Response Matrix code (Quick Response Code).

In some possible implementations, the above quick response matrix code also records the authenticity query URL (for example, https:\\www.tenaa.com.cn). In this way, the user can scan the quick response matrix code displayed in the first user interface through the second terminal device (different from the terminal device displaying the first user interface described above) to obtain the network entry permission information and the real record recorded in the quick response matrix code A fake query URL, the second terminal device can access the authenticity verification server by accessing the authenticity query URL (that is, a authenticity query website is deployed on the authenticity verification server), and send the network access permission information to the authenticity verification server ( For example, the network access permission information is sent to the authenticity verification server through HTTP POST); the second terminal device receives the authenticity query result corresponding to the network access permission information from the authenticity verification server; the second terminal device displays the State the true and false query results.

In the above implementation, the user can query the authenticity of the terminal device with the assistance of the second terminal device. For example, when a newly purchased terminal device (for example, a smart watch) cannot connect to the network, the second terminal device (for example, a smart phone) can be used to scan the quick response matrix code displayed on the terminal device to query the authenticity of the terminal device.

In some possible implementation manners, the above-mentioned terminal device authenticity query method further includes starting an operating system setting wizard, and the first user interface is presented during the operating system setting wizard.

In the above implementation manner, after the terminal device is turned on for the first time, the terminal device starts an operating system setting wizard, and displays a first user interface containing network access permission information during the operating system setting wizard. In this way, the user can verify the authenticity of the terminal device when purchasing the terminal device for the first time after purchasing it, and obtain the authenticity verification result in time, avoiding the risk of being deceived.

In some possible implementations, the step of sending the authenticity query request to the authenticity verification server includes: generating a uniform resource locator (Uniform Resource Locator, URL) containing the above network access permission information; accessing the web browser application The resource identified by the uniform resource locator in the authenticity verification server.

In some possible implementations, the authenticity verification server verifies whether the terminal device is true by querying the network access permission information database for network access permission information corresponding to the terminal device, and if there is network access permission information corresponding to it, then It means that the terminal device is legal; if there is no corresponding network access permission information, it means that the terminal device is illegal.

In a second aspect, an embodiment of the present application provides a terminal device, including: a processor, a memory, a bus, and a communication interface; the memory is used to store computer-executed instructions, and the processor and the memory are connected through the bus, when the terminal device During operation, the processor executes the computer execution instruction stored in the memory, so that the terminal device executes any one of the foregoing terminal device authenticity query methods.

In a third aspect, an embodiment of the present application provides a computer-readable storage medium having instructions stored therein, and when the instructions run on any of the foregoing terminal devices, the terminal device is allowed to execute any of the foregoing Method for querying authenticity of terminal equipment.

According to a fourth aspect, an embodiment of the present application provides a computer program product containing instructions that, when running on any of the above-mentioned terminal devices, cause the terminal device to execute any of the above-mentioned terminal device authenticity query methods.

In addition, for the technical effects brought by any one of the design methods in the second aspect to the fourth aspect, reference may be made to the technical effects brought by the different design methods in the above first aspect, and details are not described here.

According to a fifth aspect, an embodiment of the present application provides another method for authenticating a terminal device. The authenticity query method includes: the terminal device receives the authenticity query instruction sent by the authenticity verification device; the terminal device starts in response to the authenticity query instruction The authentication process for the terminal device; when the terminal device is authenticated, the terminal device automatically reads the network access permission information. The network access permission information includes one or any combination of the following items: network access license number, terminal device Model, scrambling code, international mobile terminal equipment identification code (IMEI), mobile terminal equipment identification code (MEID), network access license application unit, terminal device name, network access license certificate validity period or issuance date; the terminal device Sending the above network access permission information to the authenticity verification device, so that the authenticity verification device obtains the authenticity query result corresponding to the network access permission information.

The authenticity query method is mainly aimed at counterfeit terminals produced by some counterfeit terminal manufacturers. For example, the counterfeit terminal may also display a first user interface similar to that in the above-mentioned first aspect, displaying forged network entry permission information and authenticity query interaction elements in the user interface. When the user selects the authenticity query interactive element, the counterfeit terminal directly displays a query result such as "the logo information you query is true and corresponds to the product serial number". In fact, the network access permission information displayed by the counterfeit terminal is fake, but it looks similar to the network access permission information displayed by the regular terminal device (for example, the counterfeit terminal also displays the QR code and the terminal device model, network access permission Card number, scrambling code, etc.), when the user selects the authenticity query interactive element, the fake terminal does not send the authenticity query request to the authenticity verification server, but directly displays "the logo information you query is true and corresponds to the product serial number ", the results of the query make users mistakenly believe that the purchase is genuine. In this case, the counterfeit terminal does not have access to the authenticity verification server at all, but only uses the forged network access permission information and the forged authenticity query result to make the user mistakenly believe that the purchase is genuine.

In the authenticity query method of the fifth aspect, the authenticity verification device may be an authenticity detection device provided by the Ministry of Industry and Information Technology. If the user suspects that the purchased terminal equipment is a counterfeit product, the terminal equipment can be sent to a professional testing agency approved by the Ministry of Industry and Information Technology for verification using the above-mentioned authenticity query method. If the authenticity verification device shows that the terminal device is genuine after the above-mentioned authenticity inquiry, it means that the user purchased genuine products.

In some possible implementations, the terminal device and the authenticity verification device perform authentication of the terminal device based on an asymmetric key encryption algorithm. For example, the terminal device and the authenticity verification device store asymmetric key pairs (ie, public key and private key), and one of them (eg, terminal device) adopts the private key to specific data (eg, random number) ) Encryption, and the other party (for example, authenticity verification device) uses the public key to decrypt the data, if the decryption is successful, the terminal device is considered successful. After the terminal device is successfully authenticated, the terminal device reads the network access permission information and passes it to the authenticity verification device. The authenticity verification device inquires whether the above network access permission information is stored in the network access permission information database, and if it exists, it proves that the terminal device is genuine. In one implementation, the authenticity verification device locally stores a network access permission information database. In another implementation manner, the network entry permission information database is stored in the authenticity verification server, where the authenticity verification device accesses the network entry permission information database stored by the authenticity verification server to determine the authenticity of the terminal device.

In some possible implementations, after the terminal device is successfully authenticated, the terminal device not only sends the network access permission information to the authenticity verification device, but also sends the terminal device's product serial number (IMEI, MEID, or other terminal device's unique identifier ( For example, the hardware serial number)) to the authenticity verification device. After the authenticity verification device obtains the serial number, it queries whether the serial number matches the serial number passed by the stored terminal device manufacturer. If it matches, the terminal device is genuine.

Through any of the above-mentioned design methods in the fifth aspect, users can verify the authenticity of terminal devices by using authenticity verification equipment provided by professional authentication agencies, which can prevent counterfeit and inferior products from entering the market to a certain extent.

BRIEF DESCRIPTION

FIG. 1 is an architectural diagram of a network access license management system provided by an embodiment of the present application;

2 is a schematic diagram of a network access license management method provided by an embodiment of the present application;

3 is a schematic structural diagram of a terminal device according to an embodiment of the present application;

4A is a schematic structural diagram of a terminal device authenticity verification system provided by an embodiment of the present application;

4B is a schematic diagram of a variety of network access permission electronic signs provided by embodiments of the present application;

5 is a schematic diagram of querying the authenticity of a terminal device in an operating system setting wizard provided by an embodiment of the present application;

6A is an exemplary user interface of a terminal device authenticity query provided by an embodiment of the present application;

6B is an exemplary user interface of a terminal device authenticity query result provided by an embodiment of the present application;

7 is another exemplary user interface for querying authenticity information of a terminal device provided by an embodiment of the present application;

8A, 8B, 8C, and 8D show yet another exemplary user interface for authenticity query of a terminal device provided by an embodiment of the present application;

9 is a flowchart of an exemplary method for querying the authenticity of a terminal device according to an embodiment of the present application;

10 is a schematic structural diagram of another terminal device provided by an embodiment of the present application;

11 is a schematic structural diagram of yet another terminal device provided by an embodiment of the present application;

12 is a schematic diagram of a terminal device authenticity query system provided by an embodiment of the present application;

13 is another exemplary process diagram of a terminal device authenticity query provided by an embodiment of the present application;

14 is another exemplary process diagram of authenticity query of a terminal device provided by an embodiment of the present application.

detailed description

The technical solutions in the embodiments of the present disclosure will be described below in conjunction with the drawings in the embodiments of the present disclosure.

FIG. 1 shows an architecture diagram of a network entry license management system 100 according to various examples. In some examples, the system 100 may implement functions such as application acceptance and issuance of network access licenses, and monitoring of the use of network access licenses. The term "network access license" refers to a network access license issued by a network access license management organization (for example, the Ministry of Industry and Information Technology of China). Only communication devices that have obtained the network access license are allowed to use and sell on the public communication network. The term "network access permission electronic mark" refers to a quality mark stored in the form of electronic data on a communication device that has obtained a network access permission (this is a term relative to the paper network access permission label in the prior art ), the network access permission electronic mark records the network access permission information of the device.

As shown in FIG. 1, in some examples, the network entry license management system 100 includes a network entry license management server 102, and a network entry license data management client 104 for device vendors (eg, manufacturers of terminal devices), and The network license importing device 106 and the terminal device 108 (for example, the mobile phone 108 or the watch 108 in FIG. 1) are composed. The network access license data management client 104 and the network access license management server 102 of the equipment supplier may communicate through one or more networks 110 according to the client-server model.

The network access license management server 102 is provided by a network access license management organization (for example, an official organization such as the Ministry of Industry and Information Technology of China or other third-party network access license management organization), and is managed and maintained. The network access license data management server 102 can provide server-side functions for the network access license data management client 104 of the terminal device manufacturer, such as the application, issuance of network access licenses of various equipment vendors, and monitoring of the use of network access licenses .

The device merchant network access license data management client 104 is provided by the device manufacturer (for example, a mobile phone or smart watch manufacturer), and is managed and maintained. The equipment provider network entry license data management client 104 may provide client-side functions such as network entry license application and network entry license usage report for equipment vendors, and communication with the network entry license data management server.

The network entry license importing device 106 may be a production device on the production line of the equipment manufacturer's production workshop, and is responsible for acquiring a network entry license from the device manufacturer's network entry license data management client 104 and importing network entry license information to the terminal device 108. In some embodiments, the network entry license importing device 106 obtains three parameters of the network entry license number, terminal device model, and scrambling code from the network entry license data management client 104, and uses the three parameters in order Separated by commas, spliced into a string "NAL" (where NAL stands for (Network) Access License), the NAL string spliced by comma can be "network access license number, terminal device model, scrambling code"). In one example, the NAL string may be "02-5043-163526, MHA-AL00, 9YP24PAA2C152TA". Next, the above character string is written into the terminal device (for example, stored in a non-volatile memory). In some implementations, the digital signature of the above string can be used (for example, a hash value is obtained by performing a hash operation on the "NAL" string once, and then the above hash value is encrypted with the private key of the asymmetric encryption algorithm as (Signature) is written into the terminal device together. Finally, the network entry license importing device 106 reads the written "NAL" character string from the terminal device 108 to determine whether the character string is written correctly. If the character string read from the terminal device 108 is the same as the character string started to be written If it matches, it proves that the network access permission information is successfully written. In some implementations, if the "NAL" character string is stored in the terminal device together with the signature information, the network entry license import device 106 can decrypt the signature with the public key to obtain the "NAL" character string after reading the signature information, Next, it is judged whether the character string matches the written "NAL" character string.

The network access license import device 106 also uses the network access license of the production line (for example, the terminal device product serial number (such as the international mobile terminal equipment identification code (International Mobile Equipment Identity (IMEI) or the mobile terminal equipment identification code (Mobile Equipment Equipment Identifier, MEID or other terminal equipment unique identifier (for example, hardware serial number)) and the network access permission information correspondence table, in which the network access permission information corresponds to the terminal device product serial number one-to-one) Notify the equipment supplier of the network access license data Manage the client 104 and finally pass it to the network entry license management server 102. Among them, the network entry license information includes one or any combination of the following items: network entry license number, terminal device model, scrambling code, international mobile terminal Equipment identification code (IMEI), mobile terminal equipment identification code (MEID), network access license application unit, terminal device name, network access certificate certificate validity period or issuance date. Among them, the scrambling code is uniquely owned by each terminal device The number is as unique as the International Mobile Equipment Identity (IMEI) or the Mobile Equipment Identity (MEID).

In some examples, the network entry license management server 102 may include a client-facing external I/O interface 112, one or more processing modules 114, and a storage module 116. The client-facing external I/O interface 112 can communicate with the device merchant network license data management client 104 through one or more networks 110. The one or more processing modules 114 may process the network entry license application, network entry license issuance, and network entry license usage monitoring of the equipment provider network entry license data management client 104. In addition, the one or more processing modules 114 generate a network access license based on information such as the number of devices and device models reported by the device vendor. The storage module 116 is used to store data and instructions. Wherein, the storage module 116 can store data for network entry license applications of equipment vendors (such as network entry permission application forms, equipment vendor enterprise information, equipment information, and equipment quality inspection reports, etc.), or network entry permission information usage data. In some embodiments, the network access permission information usage data may be a terminal device product serial number (such as an international mobile terminal equipment identification code (International Mobile Equipment Identity (IMEI)) or a mobile terminal device identification code (Mobile Equipment (Identifier, MEID) or other terminal equipment unique identification (for example, hardware serial number)) and the network access permission information correspondence table, wherein the network access permission information and terminal equipment product serial number one-to-one correspondence). In some embodiments, the network access permission information usage data may also be a correspondence table between the terminal device product serial number and the network access permission information serial number (the network access permission information serial number may also be referred to as a network access permission electronic sign serial number). The network entry license management server 102 assigns a corresponding serial number to each piece of network entry license information.

In some examples, the device merchant network license data management client 104 may include a server-oriented external I/O interface 118, one or more processing modules 120, and a storage module 122. The server-oriented external I/O interface 118 can communicate with the network entry license management server 102 through one or more networks 110. One or more processing modules 120 may apply for a network entry license to the network entry license management server 102 through the external I/O interface 118 and transfer the usage status of the network entry license. In addition, one or more processing modules 120 pass the number and model of devices to the network access license management server 102 through the external I/O interface 118 to apply for a network access license. The storage module 122 is used to store data and instructions. Wherein, the storage module 122 can store the data of the equipment supplier's network access license application (such as device model, device name, number of devices, and equipment quality certification information, etc.), network access permission information usage data (for example, the terminal equipment product serial number (IMEI is recorded Or MEID) correspondence table with network entry permission information, where the network entry permission information corresponds one-to-one with the serial number of the terminal device product). Of course, the network access permission information usage data may also be a correspondence table between the terminal device product serial number and the network access permission information serial number. The network entry license management server 102 assigns a corresponding serial number to each piece of network entry license information.

The terminal device 108 may be any suitable electronic device (the structure of which may refer to the electronic device 300 described in FIG. 3 below), such as a mobile phone or other portable multi-function devices (such as a laptop or tablet computer). Furthermore, in some examples, the terminal device 108 may be a non-portable multi-function device. Specifically, the terminal device 108 may be a desktop computer, a game console, a television, or a television set-top box. In some examples, the terminal device 108 may include a touch-sensitive surface (eg, a touch screen display and/or a touchpad). In addition, the terminal device 108 may optionally include one or more other physical user interface devices, such as a physical keyboard, mouse, and/or joystick. In some examples, the terminal device 108 may be a wearable electronic device, such as a smart watch, smart bracelet, or the like.

Examples of the communication network 110 may include a local area network (LAN) and a wide area network (WAN), such as the Internet. The communication network 110 can be implemented using any known network protocol, including various wired or wireless protocols, such as, for example, Ethernet, Universal Serial Bus (USB), Global System for Mobile Communications (GSM), Enhanced Data GSM Environment (EDGE ), code division multiple access (CDMA), time division multiple access (TDMA), long-term evolution (LTE), Bluetooth, wireless fidelity (Wi-Fi) any other suitable communication protocol.

The network entry license management server system 100 may be implemented on one or more independent data processing devices or distributed networks. In some examples, the server system 100 may also employ various virtual devices and/or services of third-party service providers (eg, third-party cloud service providers) to provide potential computing resources and/or infrastructure resources of the server system 100 .

FIG. 2 shows a schematic diagram of a network entry license management method according to various examples.

In step 202, before producing the terminal device, the equipment supplier sends a network access license acquisition request to the network access license management server 102 through the network access license data management client 104 of the equipment vendor. The network access license acquisition request carries one or any combination of the following parameters: equipment manufacturer, equipment name, equipment model, equipment quantity or equipment quality inspection report.

In step 204, the network entry license management server 102 verifies the network entry license acquisition request submitted by the device manufacturer's network entry license data management client 104. If the network entry license management server 102 verifies that the conditions are met, the network entry license management server 102 generates a network entry license, and sends the network entry permission information to the equipment provider network entry license data management client 104. Network access permission information includes one or any combination of the following: network access license number, terminal device model, scrambling code, international mobile terminal equipment identification code (IMEI), mobile terminal equipment identification code (MEID), network access license The certificate application unit, the name of the terminal equipment, the validity period of the network access license certificate or the date of issuance.

In some implementations, in order to record the amount of network access permission information sent, the network access license management server 102 may also send a serial number corresponding to the network access permission information in step 204 (the sequence number may also be referred to as a network access permission electronic Mark serial number) to the network equipment supplier license data management client 104. In this way, the network entry license management server 102 can easily count the number of network entry permit electronic signs issued based on the serial number.

In step 206, the network entry license management server 102 transmits the network entry permission information to the device merchant network entry license data management client 104. After that, the device merchant network entry license data management client 104 stores the above network entry license information to the storage module 122 and passes it to the network entry license import device 106 at step 208.

In step 208, the network entry license importing device 106 sends the network entry permission information to the terminal device 108. For example, the license import device 106 of the equipment manufacturer's production line sends the network access permission information to the terminal device 108 through the AT command or Diag command, and is saved by the terminal device 108, for example, stored in the non-volatile of the terminal device 108 In the manufacturer information in the memory (for example, Original Equipment (OEM) Information). At the same time, a corresponding signature is stored with the network access permission information, which is used to verify the identity of the requester requesting access to the network access permission information. After that, the terminal device 108 can call a series of interfaces to access the network access permission information. Taking the terminal device 108 equipped with an Android operating system as an example, the application layer application (for example, setting application or operating system setting wizard application) of the terminal device 108 obtains the terminal device through an interface corresponding to the framework layer (Framework layer) for obtaining network access permission information 108 saves the network access permission information. The framework layer verifies the permission of the application requesting access to the network access permission information, and if malicious access to the illegal application is detected, the access request is denied; if the application requesting access to the network access permission information has access permission, it is allowed to access the network access permission information.

In step 210, the license importing device 106 feeds back the network access license data management client 104 using the network access permission information. That is, the license importing device 106 feeds back the mobile terminal device identification code terminal device product serial number (IMEI number or MEID number) and the corresponding network entry permission information correspondence table according to the actually produced and used quantity. Among them, there is a one-to-one correspondence between the network entry permission information and the terminal device product serial number of the terminal device 108.

In some embodiments, in step 210, the format of the correspondence table fed back by the equipment vendor to the network entry license management server 102 is "product serial number, network entry license information serial number". If the terminal device has multiple product serial numbers (for example, when the terminal device supports multiple SIM cards, there are multiple IMEI numbers), the number of correspondence tables returned by the device vendor to the network entry license management server 102 is "product Serial number 1, product serial number 2, serial number of network access permission information". For example, taking a terminal device with two IMEIs and two MEIDs as an example, the feedback corresponding relationship is "IMEI1, IMEI2, MEID1, MEID2, network access permission information serial number".

In step 212, the device merchant network entry license data management client 104 feeds back the network entry license management server 102 the usage status of the network entry license information. For example, the equipment supplier network entry license data management client 104 feeds back the network entry license management server 102 a correspondence table of the terminal device product serial number (IMEI number and/or MEID number) and corresponding network entry permission information.

Now, an embodiment of a terminal device with network access permission information or network access permission electronic sign will be introduced. FIG. 3 shows a schematic structural diagram of the terminal device 108 in FIG. 1 according to an embodiment of the present disclosure. The terminal device 108 will be described using the electronic device 300 shown in FIG. 3 as an example.

The electronic device 300 may include a processor 310, an external memory interface 320, an internal memory 321, a universal serial bus (USB) interface 330, a charging management module 340, a power management module 341, a battery 342, an antenna 1, an antenna 2 , Mobile communication module 350, wireless communication module 360, audio module 370, speaker 370A, receiver 370B, microphone 370C, headphone jack 370D, sensor module 380, buttons 390, motor 391, indicator 392, camera 393, display 394, and Subscriber identification module (SIM) card interface 395, etc. The sensor module 380 may include a pressure sensor 380A, a gyro sensor 380B, an air pressure sensor 380C, a magnetic sensor 380D, an acceleration sensor 380E, a distance sensor 380F, a proximity light sensor 380G, a fingerprint sensor 380H, a temperature sensor 380J, a touch sensor 380K, and ambient light Sensor 380L, bone conduction sensor 380M, etc.

It can be understood that the structure illustrated in the embodiment of the present application does not constitute a specific limitation on the electronic device 300. In other embodiments of the present application, the electronic device 300 may include more or fewer components than shown, or combine some components, or split some components, or arrange different components. The illustrated components can be implemented in hardware, software, or a combination of software and hardware.

The processor 310 may include one or more processing units. For example, the processor 310 may include an application processor (application processor, AP), a modem processor, a graphics processor (graphics processing unit, GPU), and an image signal processor. (image)signal processor (ISP), controller, video codec, digital signal processor (DSP), baseband processor, and/or neural-network processing unit (NPU), etc. Among them, the different processing units may be independent devices or may be integrated in one or more processors.

The controller can generate the operation control signal according to the instruction operation code and the timing signal to complete the control of instruction fetch and execution.

The processor 310 may also be provided with a memory for storing instructions and data. In some embodiments, the memory in the processor 310 is a cache memory. The memory may store instructions or data that the processor 310 has just used or recycled. If the processor 310 needs to use the instruction or data again, it can be directly called from the memory. The repeated access is avoided, and the waiting time of the processor 310 is reduced, thereby improving the efficiency of the system.

In some embodiments, the processor 310 may include one or more interfaces. Interfaces can include integrated circuit (inter-integrated circuit, I2C) interface, integrated circuit built-in audio (inter-integrated circuit, sound, I2S) interface, pulse code modulation (pulse code modulation (PCM) interface, universal asynchronous transceiver (universal) asynchronous receiver/transmitter, UART) interface, mobile industry processor interface (MIPI), general-purpose input/output (GPIO) interface, subscriber identity module (SIM) interface, and /Or universal serial bus (USB) interface, etc.

The I2C interface is a bidirectional synchronous serial bus, including a serial data line (serial data line, SDA) and a serial clock line (derail clock line, SCL). In some embodiments, the processor 310 may include multiple sets of I2C buses. The processor 310 may respectively couple the touch sensor 380K, charger, flash, camera 393, etc. through different I2C bus interfaces. For example, the processor 310 may couple the touch sensor 380K through the I2C interface, so that the processor 310 and the touch sensor 380K communicate through the I2C bus interface, and realize the touch function of the electronic device 300.

The I2S interface can be used for audio communication. In some embodiments, the processor 310 may include multiple sets of I2S buses. The processor 310 may be coupled with the audio module 370 through an I2S bus to implement communication between the processor 310 and the audio module 370. In some embodiments, the audio module 370 can transmit an audio signal to the wireless communication module 360 through the I2S interface to implement the function of answering the call through the Bluetooth headset.

The PCM interface can also be used for audio communication, sampling, quantizing and encoding analog signals. In some embodiments, the audio module 370 and the wireless communication module 360 may be coupled through a PCM bus interface. In some embodiments, the audio module 370 can also transmit audio signals to the wireless communication module 360 through the PCM interface to realize the function of answering the call through the Bluetooth headset. Both the I2S interface and the PCM interface can be used for audio communication.

The UART interface is a universal serial data bus used for asynchronous communication. The bus may be a bidirectional communication bus. It converts the data to be transmitted between serial communication and parallel communication. In some embodiments, the UART interface is generally used to connect the processor 310 and the wireless communication module 360. For example, the processor 310 communicates with the Bluetooth module in the wireless communication module 360 through the UART interface to implement the Bluetooth function. In some embodiments, the audio module 370 can transmit audio signals to the wireless communication module 360 through the UART interface to achieve the function of playing music through a Bluetooth headset.

The MIPI interface can be used to connect the processor 310 to peripheral devices such as the display screen 394 and the camera 393. MIPI interface includes camera serial interface (camera serial interface, CSI), display serial interface (display serial interface, DSI) and so on. In some embodiments, the processor 310 and the camera 393 communicate through a CSI interface to implement the shooting function of the electronic device 300. The processor 310 and the display screen 394 communicate through the DSI interface to realize the display function of the electronic device 300.

The GPIO interface can be configured via software. The GPIO interface can be configured as a control signal or a data signal. In some embodiments, the GPIO interface may be used to connect the processor 310 to the camera 393, the display screen 394, the wireless communication module 360, the audio module 370, the sensor module 380, and the like. GPIO interface can also be configured as I2C interface, I2S interface, UART interface, MIPI interface, etc.

The USB interface 330 is an interface that conforms to the USB standard specifications, and may specifically be a Mini USB interface, a Micro USB interface, a USB Type C interface, etc. The USB interface 330 can be used to connect a charger to charge the electronic device 300, and can also be used to transfer data between the electronic device 300 and peripheral devices. It can also be used to connect headphones and play audio through the headphones. The interface can also be used to connect other electronic devices, such as AR devices.

It can be understood that the interface connection relationship between the modules illustrated in the embodiments of the present application is only a schematic description, and does not constitute a limitation on the structure of the electronic device 300. In other embodiments of the present application, the electronic device 300 may also use different interface connection methods in the foregoing embodiments, or a combination of multiple interface connection methods.

The charging management module 340 is used to receive charging input from the charger. The charger can be a wireless charger or a wired charger. In some wired charging embodiments, the charging management module 340 may receive the charging input of the wired charger through the USB interface 330. In some wireless charging embodiments, the charging management module 340 may receive wireless charging input through the wireless charging coil of the electronic device 300. While the charging management module 340 charges the battery 342, it can also supply power to the electronic device through the power management module 341.

The power management module 341 is used to connect the battery 342, the charging management module 340 and the processor 310. The power management module 341 receives input from the battery 342 and/or the charging management module 340, and supplies power to the processor 310, internal memory 321, display screen 394, camera 393, wireless communication module 360, and the like. The power management module 341 can also be used to monitor battery capacity, battery cycle times, battery health status (leakage, impedance) and other parameters. In some other embodiments, the power management module 341 may also be disposed in the processor 310. In other embodiments, the power management module 341 and the charging management module 340 may also be set in the same device.

The wireless communication function of the electronic device 300 can be realized by the antenna 1, the antenna 2, the mobile communication module 350, the wireless communication module 360, the modem processor and the baseband processor.

Antenna 1 and antenna 2 are used to transmit and receive electromagnetic wave signals. Each antenna in the electronic device 300 may be used to cover a single or multiple communication frequency bands. Different antennas can also be reused to improve antenna utilization. For example, the antenna 1 can be multiplexed as a diversity antenna of a wireless local area network. In other embodiments, the antenna may be used in conjunction with a tuning switch.

The mobile communication module 350 can provide a wireless communication solution including 2G/3G/4G/5G and the like applied to the electronic device 300. The mobile communication module 350 may include at least one filter, switch, power amplifier, low noise amplifier (LNA), and the like. The mobile communication module 350 may receive electromagnetic waves from the antenna 1 and filter, amplify, etc. the received electromagnetic waves, and transmit them to a modem processor for demodulation. The mobile communication module 350 can also amplify the signal modulated by the modulation and demodulation processor and convert it to electromagnetic wave radiation through the antenna 1. In some embodiments, at least part of the functional modules of the mobile communication module 350 may be provided in the processor 310. In some embodiments, at least part of the functional modules of the mobile communication module 350 and at least part of the modules of the processor 310 may be provided in the same device.

The modem processor may include a modulator and a demodulator. Among them, the modulator is used to modulate the low-frequency baseband signal to be transmitted into a high-frequency signal. The demodulator is used to demodulate the received electromagnetic wave signal into a low-frequency baseband signal. The demodulator then transmits the demodulated low-frequency baseband signal to the baseband processor for processing. The low-frequency baseband signal is processed by the baseband processor and then passed to the application processor. The application processor outputs a sound signal through an audio device (not limited to a speaker 370A, a receiver 370B, etc.), or displays an image or video through a display screen 394. In some embodiments, the modem processor may be an independent device. In other embodiments, the modem processor may be independent of the processor 310, and may be set in the same device as the mobile communication module 350 or other functional modules.

The wireless communication module 360 can provide wireless local area networks (wireless local area networks, WLAN) (such as wireless fidelity (Wi-Fi) networks), Bluetooth (bluetooth, BT), and global navigation satellites that are applied to the electronic device 300. Wireless communication solutions such as global navigation (satellite system, GNSS), frequency modulation (FM), near field communication (NFC), infrared technology (infrared, IR), etc. The wireless communication module 360 may be one or more devices integrating at least one communication processing module. The wireless communication module 360 receives the electromagnetic wave via the antenna 2, frequency-modulates and filters the electromagnetic wave signal, and sends the processed signal to the processor 310. The wireless communication module 360 may also receive the signal to be transmitted from the processor 310, frequency-modulate it, amplify it, and convert it to electromagnetic waves through the antenna 2 to radiate it out.

In some embodiments, the antenna 1 of the electronic device 300 is coupled to the mobile communication module 350, and the antenna 2 is coupled to the wireless communication module 360, so that the electronic device 300 can communicate with the network and other devices through wireless communication technology. The wireless communication technology may include a global mobile communication system (global system for mobile communications, GSM), general packet radio service (general packet radio service, GPRS), code division multiple access (code division multiple access, CDMA), broadband Wideband code division multiple access (WCDMA), time-division code division multiple access (TD-SCDMA), long-term evolution (LTE), BT, GNSS, WLAN, NFC , FM, and/or IR technology, etc. The GNSS may include a global positioning system (GPS), a global navigation satellite system (GLONASS), a beidou navigation system (BDS), and a quasi-zenith satellite system (quasi -zenith satellite system (QZSS) and/or satellite-based augmentation system (SBAS).

The electronic device 300 realizes a display function through a GPU, a display screen 394, and an application processor. The GPU is a microprocessor for image processing, connecting the display screen 394 and the application processor. The GPU is used to perform mathematical and geometric calculations, and is used for graphics rendering. The processor 310 may include one or more GPUs that execute program instructions to generate or change display information.

The display screen 394 is used to display images, videos, etc. The display screen 394 includes a display panel. The display panel can use a liquid crystal display (LCD), organic light-emitting diode (OLED), active matrix organic light-emitting diode or active matrix organic light-emitting diode (active-matrix organic light-emitting diode) emitting diode, AMOLED, flexible light-emitting diode (FLED), Miniled, MicroLed, Micro-oLed, quantum dot light emitting diode (QLED), etc. In some embodiments, the electronic device 300 may include 1 or N display screens 394, where N is a positive integer greater than 1.

The electronic device 300 can realize a shooting function through an ISP, a camera 393, a video codec, a GPU, a display screen 394, an application processor, and the like.

The ISP processes the data fed back by the camera 393. For example, when taking a picture, the shutter is opened, and light is transmitted to the photosensitive element of the camera through the lens, and the optical signal is converted into an electrical signal. The photosensitive element of the camera transmits the electrical signal to the ISP for processing and converts it into an image visible to the naked eye. ISP can also optimize the algorithm of image noise, brightness and skin color. ISP can also optimize the exposure, color temperature and other parameters of the shooting scene. In some embodiments, the ISP may be provided in the camera 393.

The camera 393 is used to capture still images or videos. The object generates an optical image through the lens and projects it onto the photosensitive element. The photosensitive element may be a charge coupled device (charge coupled device, CCD) or a complementary metal-oxide-semiconductor (CMOS) phototransistor. The photosensitive element converts the optical signal into an electrical signal, and then transmits the electrical signal to the ISP to convert it into a digital image signal. The ISP outputs the digital image signal to the DSP for processing. DSP converts digital image signals into standard RGB, YUV and other format image signals. In some embodiments, the electronic device 300 may include 1 or N cameras 393, where N is a positive integer greater than 1.

The digital signal processor is used to process digital signals. In addition to digital image signals, it can also process other digital signals. For example, when the electronic device 300 is selected at a frequency point, the digital signal processor is used to perform Fourier transform on the energy at the frequency point.

The video codec is used to compress or decompress digital video. The electronic device 300 may support one or more video codecs. In this way, the electronic device 300 can play or record videos in various encoding formats, for example: moving picture experts group (MPEG) 1, MPEG2, MPEG3, MPEG4, etc.

NPU is a neural-network (NN) computing processor. By drawing on the structure of biological neural networks, such as the transfer mode between neurons in the human brain, it can quickly process the input information and can continue to self-learn. The NPU can realize applications such as intelligent cognition of the electronic device 300, such as image recognition, face recognition, voice recognition, and text understanding.

The external memory interface 320 may be used to connect an external memory card, such as a Micro SD card, to expand the storage capacity of the electronic device 300. The external memory card communicates with the processor 310 through the external memory interface 320 to realize the data storage function. For example, save music, video and other files in an external memory card.

The internal memory 321 may be used to store computer executable program code, where the executable program code includes instructions. The internal memory 321 may include a storage program area and a storage data area. Among them, the storage program area may store an operating system, at least one function required application programs (such as sound playback function, image playback function, etc.). The storage data area may store data (such as audio data, phone book, etc.) created during use of the electronic device 300 and the like. In addition, the internal memory 321 may include a high-speed random access memory, and may also include a nonvolatile memory, such as at least one disk storage device, a flash memory device, a universal flash memory (universal flash storage, UFS), and so on. The processor 310 executes various functional applications of the electronic device 300 and data processing by executing instructions stored in the internal memory 321 and/or instructions stored in the memory provided in the processor.

The electronic device 300 may implement audio functions through an audio module 370, a speaker 370A, a receiver 370B, a microphone 370C, a headphone interface 370D, and an application processor. For example, music playback, recording, etc.

The audio module 370 is used to convert digital audio information into analog audio signal output, and also used to convert analog audio input into digital audio signal. The audio module 370 can also be used to encode and decode audio signals. In some embodiments, the audio module 370 may be disposed in the processor 310, or a part of the functional modules of the audio module 370 may be disposed in the processor 310.

The speaker 370A, also called "speaker", is used to convert audio electrical signals into sound signals. The electronic device 300 can listen to music through the speaker 370A, or listen to a hands-free call.

The receiver 370B, also known as "handset", is used to convert audio electrical signals into sound signals. When the electronic device 300 answers a call or a voice message, it can answer the voice by bringing the receiver 370B close to the ear.

The microphone 370C, also called "microphone", "microphone", is used to convert sound signals into electrical signals. When making a call or sending a voice message, the user can make a sound by approaching the microphone 370C through the person's mouth, and input the sound signal to the microphone 370C. The electronic device 300 may be provided with at least one microphone 370C. In other embodiments, the electronic device 300 may be provided with two microphones 370C. In addition to collecting sound signals, it may also achieve a noise reduction function. In other embodiments, the electronic device 300 may also be provided with three, four, or more microphones 370C to collect sound signals, reduce noise, identify sound sources, and implement directional recording functions.

The headset interface 370D is used to connect wired headsets. The headphone jack 370D may be a USB jack 330, or a 3.5mm open mobile electronic device (open terminal) platform (OMTP) standard interface, and the American Telecommunications Industry Association (cellular telecommunications industry association of the United States, CTIA) standard interface.

The pressure sensor 380A is used to sense the pressure signal and can convert the pressure signal into an electrical signal. In some embodiments, the pressure sensor 380A may be disposed on the display screen 394. There are many types of pressure sensors 380A, such as resistive pressure sensors, inductive pressure sensors, and capacitive pressure sensors. The capacitive pressure sensor may be a parallel plate including at least two conductive materials. When force is applied to the pressure sensor 380A, the capacitance between the electrodes changes. The electronic device 300 determines the intensity of the pressure according to the change in capacitance. When a touch operation is applied to the display screen 394, the electronic device 300 detects the intensity of the touch operation according to the pressure sensor 380A. The electronic device 300 may also calculate the touched position based on the detection signal of the pressure sensor 380A. In some embodiments, touch operations that act on the same touch position but have different touch operation intensities may correspond to different operation instructions. For example, when a touch operation with a touch operation intensity less than the first pressure threshold acts on the short message application icon, an instruction to view the short message is executed. When a touch operation with a touch operation intensity greater than or equal to the first pressure threshold acts on the short message application icon, an instruction to create a new short message is executed.

The gyro sensor 380B may be used to determine the movement posture of the electronic device 300. In some embodiments, the angular velocity of the electronic device 300 around three axes (ie, x, y, and z axes) may be determined by the gyro sensor 380B. The gyro sensor 380B can be used for image stabilization. Exemplarily, when the shutter is pressed, the gyro sensor 380B detects the shaking angle of the electronic device 300, calculates the distance that the lens module needs to compensate based on the angle, and allows the lens to cancel the shaking of the electronic device 300 through reverse movement to achieve anti-shake. The gyro sensor 380B can also be used for navigation and somatosensory game scenes.

Air pressure sensor 380C is used to measure air pressure. In some embodiments, the electronic device 300 calculates the altitude using the air pressure value measured by the air pressure sensor 380C to assist positioning and navigation.

The magnetic sensor 380D includes a Hall sensor. The electronic device 300 can detect the opening and closing of the flip holster using the magnetic sensor 380D. In some embodiments, when the electronic device 300 is a clamshell machine, the electronic device 300 may detect the opening and closing of the clamshell according to the magnetic sensor 380D. Furthermore, according to the detected opening and closing state of the holster or the opening and closing state of the flip cover, characteristics such as automatic unlocking of the flip cover are set.

The acceleration sensor 380E can detect the magnitude of acceleration of the electronic device 300 in various directions (generally three axes). When the electronic device 300 is stationary, the magnitude and direction of gravity can be detected. It can also be used to recognize the posture of electronic devices, and can be used in horizontal and vertical screen switching, pedometer and other applications.

The distance sensor 380F is used to measure the distance. The electronic device 300 can measure the distance by infrared or laser. In some embodiments, when shooting scenes, the electronic device 300 may use the distance sensor 380F to measure distance to achieve fast focusing.

The proximity light sensor 380G may include, for example, a light emitting diode (LED) and a light detector, such as a photodiode. The light emitting diode may be an infrared light emitting diode. The electronic device 300 emits infrared light outward through the light emitting diode. The electronic device 300 uses a photodiode to detect infrared reflected light from nearby objects. When sufficient reflected light is detected, it may be determined that there is an object near the electronic device 300. When insufficient reflected light is detected, the electronic device 300 may determine that there is no object near the electronic device 300. The electronic device 300 can use the proximity light sensor 380G to detect that the user holds the electronic device 300 close to the ear to talk, so as to automatically turn off the screen to save power. Proximity light sensor 380G can also be used in leather case mode, pocket mode automatically unlocks and locks the screen.

The ambient light sensor 380L is used to sense the brightness of ambient light. The electronic device 300 can adaptively adjust the brightness of the display screen 394 according to the perceived brightness of the ambient light. The ambient light sensor 380L can also be used to automatically adjust the white balance when taking pictures. The ambient light sensor 380L can also cooperate with the proximity light sensor 380G to detect whether the electronic device 300 is in a pocket to prevent accidental touch.

The fingerprint sensor 380H is used to collect fingerprints. The electronic device 300 may use the collected fingerprint characteristics to unlock the fingerprint, access the application lock, take a picture of the fingerprint, answer the call with the fingerprint, and so on.

The temperature sensor 380J is used to detect the temperature. In some embodiments, the electronic device 300 uses the temperature detected by the temperature sensor 380J to execute a temperature processing strategy. For example, when the temperature reported by the temperature sensor 380J exceeds a threshold, the electronic device 300 performs to reduce the performance of the processor located near the temperature sensor 380J in order to reduce power consumption and implement thermal protection. In some other embodiments, when the temperature is below another threshold, the electronic device 300 heats the battery 342 to avoid the abnormal shutdown of the electronic device 300 due to the low temperature. In some other embodiments, when the temperature is below another threshold, the electronic device 300 performs boosting on the output voltage of the battery 342 to avoid abnormal shutdown due to low temperature.

Touch sensor 380K, also known as "touch panel". The touch sensor 380K may be disposed on the display screen 394, and the touch sensor 380K and the display screen 394 constitute a touch screen, also called a "touch screen". The touch sensor 380K is used to detect a touch operation acting on or near it. The touch sensor can pass the detected touch operation to the application processor to determine the type of touch event. The visual output related to the touch operation may be provided through the display screen 394. In other embodiments, the touch sensor 380K may also be disposed on the surface of the electronic device 300, which is different from the location where the display screen 394 is located.

The bone conduction sensor 380M can acquire vibration signals. In some embodiments, the bone conduction sensor 380M can acquire the vibration signal of the vibrating bone mass of the human voice. The bone conduction sensor 380M can also contact the pulse of the human body and receive the blood pressure beating signal. In some embodiments, the bone conduction sensor 380M may also be disposed in the earphone and combined into a bone conduction earphone. The audio module 370 may parse out the voice signal based on the vibration signal of the vibrating bone block of the voice part acquired by the bone conduction sensor 380M to realize the voice function. The application processor may analyze the heart rate information based on the blood pressure beating signal acquired by the bone conduction sensor 380M to implement the heart rate detection function.

The key 390 includes a power-on key, a volume key, and the like. The key 390 may be a mechanical key. It can also be a touch button. The electronic device 300 can receive key input and generate key signal input related to user settings and function control of the electronic device 300.

The motor 391 can generate a vibration prompt. The motor 391 can be used for vibration notification of incoming calls and can also be used for touch vibration feedback. For example, touch operations applied to different applications (such as taking pictures, audio playback, etc.) may correspond to different vibration feedback effects. For the touch operation in different areas of the display screen 394, the motor 391 can also correspond to different vibration feedback effects. Different application scenarios (for example: time reminder, receiving information, alarm clock, game, etc.) can also correspond to different vibration feedback effects. Touch vibration feedback effect can also support customization.

The indicator 392 can be an indicator light, which can be used to indicate the charging state, the power change, and can also be used to indicate messages, missed calls, notifications, and the like.

The SIM card interface 395 is used to connect a SIM card. The SIM card can be inserted into or removed from the SIM card interface 395 to achieve contact and separation with the electronic device 300. The electronic device 300 may support 1 or N SIM card interfaces, where N is a positive integer greater than 1. The SIM card interface 395 can support Nano SIM cards, Micro SIM cards, SIM cards, etc. The same SIM card interface 395 can insert multiple cards at the same time. The types of the multiple cards may be the same or different. The SIM card interface 395 can also be compatible with different types of SIM cards. The SIM card interface 395 can also be compatible with external memory cards. The electronic device 300 interacts with the network through a SIM card to realize functions such as call and data communication. In some embodiments, the electronic device 300 uses eSIM, that is, an embedded SIM card. The eSIM card can be embedded in the electronic device 300 and cannot be separated from the electronic device 300.

In the embodiment of the present application, the processor 310 may execute the program instructions stored in the memory 340 to implement the method executed by the terminal device in the following embodiments.

The network access permission electronic mark or network access permission information is a quality mark set on the terminal device that has obtained the network access permission. The terminal equipment can use the authenticity query function of the authenticity verification system provided by the network access license management organization to query and verify all network access permission information. FIG. 4A shows a schematic architecture diagram of a terminal device authenticity verification system 400 according to various examples.

Referring to FIG. 4A, the terminal device authenticity verification system 400 may include an authenticity query client 408 executed on the terminal device 402 and an authenticity verification server 404. The authenticity query client side portion 408 may communicate with the authenticity verification server 404 through one or more networks 406. The authenticity query client 402 may provide client-side functions, such as providing an authenticity query interface, receiving user query input, sending authenticity query requests, displaying authenticity query results, and so on. The authenticity query client 402 may save the IP address of the authenticity verification server 404 to establish a communication connection with the authenticity verification server 404. In some embodiments, the authenticity query client 402 can also save the authenticity query authenticity query server 404 URL, access the authenticity verification server 404 URL through a browser, and query the authenticity through the domain name system DNS (Domain Name System) The IP address corresponding to the web address of the verification server 404 to establish a communication connection with the authenticity verification server 404. The authenticity verification server 404 may provide server-side functions for authenticity query clients 408 from multiple terminal devices.

In some examples, the terminal device 402 can also communicate with the authenticity verification server 404 via the second terminal device 410. The second terminal device 410 may be similar to or the same as the terminal device 402. For example, the second terminal device 410 may be an electronic device 300 similar to that described in FIG. 3 above. The second terminal device 410 can save the address of the authenticity verification server 404, and the second terminal device 410 can also obtain the IP address of the authenticity verification server 404 from the terminal device 402 to establish a communication connection with the authenticity verification server 404. In some embodiments, the second terminal device 410 may save the authenticity query URL corresponding to the authenticity verification server 404. Of course, the second terminal device 410 can also obtain the authenticity query URL corresponding to the authenticity verification server 404 from the terminal device 402, and query the IP corresponding to the authenticity query URL corresponding to the authenticity verification server 404 through the domain name system DNS (Domain Name System) Address to establish a communication connection with the authenticity verification server 404. The second terminal device 410 queries the authenticity of the terminal device 402 by accessing the authenticity verification server 404. The terminal device 402 may be configured to communicate with the second terminal device 410 via a direct communication connection (such as Bluetooth, Near Field Communication (NFC), etc.) or via a wired or wireless network (such as a wireless fidelity (Wi-Fi) network). . In some examples, the second terminal device 410 may be configured to act as a proxy between the terminal device 402 and the authenticity verification server 404. For example, the authenticity query client 408 of the terminal device 108 may be configured to transmit information (eg, the authenticity query request received at the terminal device 402) to the authenticity verification server 404 via the second terminal device 408. The authenticity verification server 404 can process the information and return related data (for example, the query result in response to the user authenticity query request) to the terminal device 402 via the second terminal device 410.

In some examples, the terminal device 402 may display network access permission information (or network access permission electronic signs), and the network access permission information may be presented through any one of the following items: Quick Response Matrix Code (Quick Response Code, QR Code) , 2D barcode, 1D barcode or serial number. The second terminal device 410 scans the QR code, two-dimensional barcode, or one-dimensional bar code provided by the terminal device 402 through the camera to obtain network access permission information, and uses the network access permission information to generate a complete authenticity query request and transmits it to the authenticity verification server 404 . The system architecture shown in FIG. 4A can advantageously query the authenticity of the terminal device 402 by using the second terminal device 410 (eg, mobile phone, laptop computer, tablet computer, etc.). If the terminal device 402 is a device newly purchased by the user and temporarily cannot access the network, but the second terminal device 410 stores the IP address of the authenticity verification server 404, a communication connection with the authenticity verification server 404 can be established. The user can then send the network entry permission information of the terminal device 402 to the authenticity verification server 404 through the second terminal device 410 and query the authenticity of the terminal device 402.

In some implementations, refer to FIG. 4B for the presentation form of the network access permission information. FIG. 4B shows three presentation forms of network access permission information. The terminal device 402 may use any presentation form to display the network access permission information. Among them, 420 represents the network access permission information presented only by the quick response matrix code. The network response permission information can be recorded in the quick response matrix code 420, and of course, the URL of the authenticity query website (for example, https://www .tenaa.com.cn). In some embodiments, when the user uses the second terminal device to scan the authenticity query QR code displayed on the screen of the terminal device, the user can automatically access the authenticity query website to query the authenticity of the terminal device and receive the authenticity query result. In 422, in addition to the network access permission information described in the quick response matrix code, corresponding text that records the network access permission information is displayed (for example, the text shown in 422 includes the network access permission number "02-5043- "163526", equipment model "MHA-AL00", equipment product serial number SN "A123456789012345", scrambling code "9YP24PAA2C152TA" and authenticity query website "https:\\www.tenaa.com.cn"). In 424, in addition to the network entry permission information described in the quick response matrix code, the corresponding text that records the network entry permission information is displayed (for example, the text shown in 426 includes the network entry permission number "02-5043- 163526”, device model “MHA-AL00”, scrambling code “9YP24PAA2C152TA” and authenticity query website “https:\\www.tenaa.com.cn”), and the serial number of the terminal device shown by barcode 428 (“A123456789012345 "). Among them, the serial number of the terminal equipment product can be IMEI or MEID.

In some embodiments, the error correction level of the QR code of the network access permission information is at least L level, and the size of the QR code is 80 pixels×80 pixels or more. If the QR code is printed out, the error correction level of the QR code of the network access permission information is at least Q level. This will ensure the accuracy of the QR code scanning.

The authenticity verification server 404 can query the license information database to verify whether the terminal device is true. In some implementations, the authenticity verification server 404 may be the network entry license management server 102 in FIG. 1, which stores the network entry permission information corresponding to each terminal device (for example, the network entry permission information and the terminal device are saved Product serial number one-to-one correspondence table). In other implementations, the authenticity verification server 404 may establish a communication connection with the network entry license management server 102 in FIG. 1, and then access the network entry permission information database of the network entry license management server. In this way, the authenticity verification server 404 verifies whether the terminal device is true by querying whether the network access permission information corresponding to the terminal device exists in the network access permission information database. If there is network access permission information corresponding to it, the terminal device is legal; If there is no corresponding network access permission information, it means that the terminal device is illegal (or forged).

Although only two terminal devices 402 and 410 are shown in FIG. 4A, it should be understood that the system 400 may include any number and type of terminal devices configured to communicate with the authenticity verification server 404.

Users generally check the authenticity of products when purchasing new terminal equipment, and the query rate of paper network access permission signs is low. There are two reasons. One is that the user needs to manually enter the network access license number, which is inconvenient to query; the second is that the network access permission label affixed to the telecommunications equipment that has obtained the network access permission is easy to be dropped by the user. When it was false, it was found that the permission to enter the network had been discarded. Therefore, there is a need for a new method for inquiring the authenticity of terminal devices in an out-of-box experience (OOBE). According to some embodiments of the present application, when the terminal device is powered on for the first time after unpacking the terminal device or after the terminal device system is reset, the operating system setup wizard of the computing device (for example, Android/iOS setup wizard) is started, and the Check the authenticity of the terminal device during the system setup wizard. The operating system setup wizard will go through the standard operating system setup process, which may include steps such as setting the operating system language, downloading operating system updates and bug fixes, and requesting the user to enter a WiFi password to set up the network. The operating system setup wizard will provide the authenticity query interface, and the user can query the authenticity of the terminal device through the authenticity query interface.

FIG. 5 shows an exemplary process diagram 500 for querying the authenticity of a terminal device using an operating system setup wizard at the terminal device. The process diagram 500 starts when the operating system setup wizard 502 is started, for example, when the terminal device is unpacked for the first time and the terminal device is powered on or after a system reset, the operating system setup wizard (boot wizard) 502 starts setting up the operating system. The operating system setup wizard 502 will display language selection, WLAN settings, password/fingerprint settings, or other customized interfaces. In FIG. 5, the operating system setting wizard 502 first presents a manufacturer-specific welcome interface in step 504. For example, the manufacturer-specific welcome interface may include presenting the manufacturer's logo and the words "welcome" on the screen. The vendor-specific welcome interface may also include a prompt for any information that the vendor gives the user, such as confirmation of the user's service plan.

The operating system setup wizard 502 next presents a WLAN setup interface at step 506, requiring the user equipment to connect to Wi-Fi. If the user sees the name of the router, they can click the name of the router on the Wi-Fi connection interface of the terminal device, enter the Wi-Fi password of the router, and then click Connect to connect to the Wi-Fi network, so that they can connect to the Wi-Fi network. -Check the authenticity of the device after the Fi network or perform the download operation. If the user chooses to skip the step 506 of connecting to Wi-Fi, the user device needs to connect to the mobile network to check the authenticity of the device or download software updates, which may consume a lot of mobile data.

The operating system setup wizard 502 next presents a authenticity query interface at step 508. The authenticity query interface can display network access permission information and provide authenticity query interactive elements (for example, authenticity query buttons, etc.) for users to query the authenticity of the device.

Next, the operating system setup wizard 502 will provide a user account addition interface in step 510, requesting to add a user account, for example, a user name and password for cloud storage. If the user has an account, type the account name and password, and then click Next. If the user does not have an account, you can click to create a new account and fill in the relevant account information.

The operating system setup wizard 502 next provides a fingerprint scanning entry interface in step 512, which can provide a high degree of security for the terminal device. If the user wants to use it, click Set Fingerprint to start the fingerprint entry process. The user can also add multiple fingerprints.

Those skilled in the art can understand that in addition to the aforementioned manufacturer welcome interface, WLAN setting interface, authenticity query interface, user account addition interface, fingerprint scan entry interface, the operating system setup wizard 502 can present more than the illustration or There are fewer interfaces or processes, which are not limited in the embodiments of the present application. Moreover, the manufacturer welcome interface, WLAN setting interface, authenticity query interface, user account addition interface, fingerprint scan entry interface can be presented according to any predetermined order, and FIG. 5 shows only one situation. In some cases, the authenticity query interface may be displayed after the manufacturer's welcome interface. Moreover, the user can select the back button to return to the previous interface for operation, for example, the user can return to the WLAN setting interface from the authenticity query interface.

FIG. 6A shows a user interface 600 for authenticity query according to FIG. 5. A similar user interface can be implemented on the electronic device 300 in FIG. 3. As shown in FIG. 6A, in some embodiments, the user interface 600 includes the following elements or a subset thereof: a network access permission information QR code 602 (the QR code in the figure contains the letters "NAL", representing the acronym for Network Access License ); network access license number 604; application unit 606 (A terminal equipment manufacturer); device name 608; device model 610; authenticity query button 612.

It should be noted that the information of the authenticity query interface shown in FIG. 6A is only exemplary. For example, in some embodiments, the user interface 600 may further include other elements, for example, a scrambling code or a terminal equipment serial number (the terminal equipment serial number includes IMEI, MEID, or product serial number SN (Serial Numbers)).

In some embodiments, the user interface 600 may only display the network access permission QR code 602. The QR code 602 may be encoded by one or any combination of the following items: network access license number, terminal device model, interference Code, IMEI, MEID, product serial number, authenticity query URL, international mobile terminal equipment identification code (IMEI), mobile terminal equipment identification code (MEID), network access license application unit, terminal equipment name, network access certificate Validity period or issuance date. The user scans the two-dimensional code 602 using a second terminal device (for example, the second terminal device 410 in FIG. 4A). The second terminal device decodes the two-dimensional code to obtain the network access permission information encoded in the two-dimensional code, such as the network access license number, terminal device model, scrambling code, IMEI, MEID, international mobile terminal equipment identification code (IMEI), mobile At least one piece of information from a terminal device identification code (MEID), a network access license application unit, a terminal device name, a network access certificate certificate validity period, or a date of issuance. The second terminal device may use its stored IP address of the authenticity verification server to establish a communication connection with the authenticity verification server 404, and will parse out the network access permission information (for example, network access license number, device model, and such as Scrambling code and other information) is sent to the authenticity verification server (for example, the authenticity verification server 404 in FIG. 4). The user can use the camera on the second terminal device to scan the QR code of the authenticity query displayed on the screen of the terminal device, for example, the user can open the website or the mobile application of the authenticity query (for example, the authenticity query in FIG. 4A Client 408) to activate the camera to scan the QR code. The second terminal device can install the QR code reading software to capture and decode the captured QR code, for example, the second terminal device displays a QR code scanning interface, and prompts the user to point the second terminal device to the QR code displayed on the terminal device screen . The decoded network entry permission information can be sent to the authenticity verification server to obtain the authenticity of the terminal device. The second terminal device may also encrypt the network entry permission information and send the encrypted network entry permission information to the authenticity verification server through the network 406 in FIG. 4A, thereby improving the security of communication transmission. The authenticity verification server can call the license information database to verify whether the device is authentic.

In some embodiments, the two-dimensional code 602 records the URL of the authenticity query website (for example, https://www.tenaa.com.cn). In some embodiments, when the user uses the second terminal device to scan the authenticity query QR code displayed on the screen of the terminal device, the user can automatically access the authenticity query website to query the authenticity of the terminal device and receive the authenticity query result. In other embodiments, when the user uses the second terminal device to scan the authenticity query QR code displayed on the screen of the terminal device, the authenticity query website can be automatically opened, and the user can enter the network access permission information on the website ( For example, license number, device model, scrambling code, etc.) to check the authenticity of the terminal device.

In some embodiments, the user interface 600 may not include the network access permission information QR code 602 (for example, the screen resolution of the terminal device cannot support displaying the complete network access permission information QR code). In this case, you can display one or any combination of the following items in text: network access license number, terminal device model, scrambling code, IMEI, MEID, international mobile terminal equipment identification code (IMEI), mobile terminal equipment identification Code (MEID), network access license application unit, terminal device name, network access license certificate validity period or issuance date. In some embodiments, after the user clicks the authenticity query button 612, the terminal device establishes a connection with the authenticity verification server using the stored authenticity verification server address (or accesses the authenticity verification server through the stored authenticity verification website URL ), and then send the authenticity query request (the authenticity query request can include any one of the following parameters or any combination of network access license number, terminal device model, scrambling code, international mobile terminal equipment identification code (IMEI), mobile terminal Equipment identification code (MEID), network access license application unit, terminal device name, network access certificate certificate validity period or issuance date) to the authenticity verification server, and then obtain the authenticity of the terminal device, and in the user interface of the terminal device Present the authenticity query results. In some embodiments, the terminal device may use the POST request method of the HTTP protocol to submit the network access permission information to the authenticity query server. The terminal device can use the "JSON" structure to transmit network access permission information. For example, the authenticity query request represented by the "JSON" structure is as follows:

{"BizCode":"VLD",

"L":"02-5043-163526",

"M":"MHA-AL00",

"R":"9YP24PAA2C152TA",

"C":"861234567890123,A0FFFFFF000000F"}

Among them, "BizCode" stands for business identification, the default value is "VLD", "L" stands for network access license number, "M" stands for device model, "R" stands for the scrambling code of the terminal device, "C" stands for the terminal The serial number of the device, if there are multiple serial numbers (such as the serial numbers "861234567890123" and "A0FFFFFF000000F" shown above), the serial numbers are separated by commas.

The query results returned by the authenticity verification server can also be transmitted using the "JSON" structure. For example, the authenticity query result represented by the "JSON" structure is as follows:

{"RspCode":"0000",

"Result":"The logo information you are querying is true and corresponds to the product serial number. The device supports TD-LTE/LTE FDD/TD-SCDMA/WCDMA/cdma2000/CDMA 1X/GSM standard."}

Among them, "RspCode" represents the processing result identifier returned by the authenticity verification server, 0000 represents success, and 0001 represents failure. "Result" stands for query result information (for example, the "Your query flag information shown above is true and corresponds to the product serial number. The device supports TD-LTE/LTE FDD/TD-SCDMA/WCDMA/cdma2000/CDMA 1X/ GSM standard."). The query result information includes the authenticity information of the device's network access permission electronic sign and the network standard supported by the device. Figure 6B shows an example page of the authenticity query result, which contains the query result "The logo information you query is true and corresponds to the product serial number. The device supports TD-LTE/LTE FDD/TD-SCDMA/WCDMA/cdma2000 /CDMA 1X/GSM system".

In some embodiments, the user can also click on the authenticity query button 612. The terminal equipment uses network access permission information (for example, network access license number, terminal device model, scrambling code, international mobile terminal equipment identification code (IMEI), mobile terminal equipment identification code (MEID), network access license application unit, At least one piece of information in the name of the terminal device, the validity period of the network access license certificate, or the date of issuance) is spliced into the authenticity query link, and the authenticity query page corresponding to the authenticity query link can be displayed by accessing the authenticity query link, Then obtain the authenticity of the terminal device.

An exemplary embodiment is that after the user clicks the authenticity query button 612, the terminal device automatically obtains a network access license number (SN), device model (MODEL), scrambling code (SCRAMBLE), and terminal device serial number (for example, an international mobile terminal One or any combination of equipment identification codes (IMEI), and the above information is spliced into a uniform resource locator (URL) for authenticity query. For example, the network access license number of the terminal device is 02-5043-163526, the device model is MHA-AL00, the scrambling code is 9YP24PAA2C152TA, the IMEI is A123456789012345, and the concatenated uniform resource locator (URL) is:

http://www.tenaa.com.cn/WSFW/FlagValidate_test.aspx? SN＝02-5043-163526&MODEL＝MHA-AL00&SCRAMBLE＝9YP24PAA2C152TA&IMEI＝A123456789012345

It can be seen that the network access license number (SN), device model (MODEL), scrambling code (SCRAMBLE), and IMEI are spliced to form a uniform resource locator (URL) for authenticity query. In response to the touch event of the authenticity query request button 612, the terminal device automatically opens a browser application and accesses the above URL. Examples of the browser include Internet Explorer, Mozilla, FireFox, Netscape, Chrome, and so on. The authenticity verification server of the Ministry of Industry and Information Technology automatically parses the above four parameters (SN, MODEL, SCRAMBLE, IMEI) and returns the authenticity query page when receiving the user's browser to access with the above link. As shown in FIG. 7, after the terminal device opens a browser to access the above URL, the terminal device displays a page 700 for querying the authenticity information of the telecommunications device access network management. The four parameters (SN, MODEL, SCRAMBLE, IMEI) appear in the corresponding query boxes (702, 704, 706, 708) respectively, and the user clicks the verification button 710 to perform the inspection. The display interface of the inspection result is similar to Figure 6B. For example, the page contains the query result "The logo information you query is true and corresponds to the product serial number. The device supports TD-LTE/LTE FDD/TD-SCDMA/WCDMA/cdma2000/ CDMA 1X/GSM system". .

The above mainly describes a method for querying the authenticity of a terminal device in an out-of-box experience (OOBE). In addition to the need for authenticity verification when the user first turns on the computer, there is also a need for authenticity query during daily use. 8A-8D illustrate an exemplary user interface for authenticity query on a terminal device according to other embodiments. The user interface shown in FIGS. 8A-8D may be implemented on the electronic device 300 in FIG. 3.

Referring to FIG. 8A, a user clicks a setting icon 802 in FIG. 8A to enter a setting interface, and the setting interface includes basic adjustment and function switches including various attributes of the terminal device. Setting is the most convenient entry point for users to customize electronic devices (for example, mobile phones) according to their personal preferences, and it is also one of the most frequently used modules in daily life.

The setting interface includes wireless and network (mainly responsible for WLAN management, mobile network management and SIM card management, etc.), users and accounts (responsible for managing accounts and synchronization, cloud services, etc.), display, storage, battery, system (including system updates, about Mobile phone, language, input method, etc.), the user clicks the system to enter the system information interface shown in FIG. 8B, and then clicks the About mobile phone 804 button in FIG. 8B to enter the About mobile phone interface shown in FIG. 8C. In the network permission option 806, the user clicks the network permission option 806 to enter the authenticity query page shown in FIG. 8D. Similar to FIG. 6A, the user interface shown in FIG. 8D includes the following elements or a subset thereof: QR code 808 for network access permission information, network access license number 810, application unit 812, device name 814, device model 816, authenticity Query button 818. The user can also click the query authenticity button 818 on the page shown in FIG. 8D to check the authenticity of the terminal device. The specific method is similar to that shown in FIGS. 6A, 6B, and 7, and refer to FIGS. 6A, 6B, and 7 and the corresponding Methods. For example, the user scans the two-dimensional code 808 using a second terminal device (eg, the second terminal device 410 in FIG. 4A). The second terminal device decodes the two-dimensional code to obtain the network access license number encoded in the two-dimensional code, the device model, and at least one type of information such as a scrambling code, application unit, or device name. The second terminal device may send the parsed network access permission information (for example, network access license number, device model, and information such as scrambling code) to the authenticity verification server (for example, server 404 in FIG. 4A) to obtain Authenticity verification results. For another example, the user clicks the authenticity query button 818 and enters the authenticity query webpage similar to that shown in FIG. 7, and then queries the authenticity of the terminal device.

Of course, in some embodiments, special program software installed on the terminal device (for example, program software provided by the Ministry of Industry and Information Technology) can also be used to view the network access permission information and verify the authenticity of the terminal device.

FIG. 9 shows a flowchart 900 of an exemplary method for querying the authenticity of a terminal device. For example, when the user starts the terminal device for the first time, resets the terminal device system, or the user enters the authenticity query function entry through the setting icon, the process 900 may be started.

As shown in FIG. 9, the process 900 starts at step 910, and automatically reads network access permission information. Network access permission information includes one or any combination of the following: network access license number, terminal device model, scrambling code, international mobile terminal equipment identification code (IMEI), mobile terminal equipment identification code (MEID), network access license The certificate application unit, the name of the terminal equipment, the validity period of the network access license certificate or the date of issuance.

In some embodiments, the network access permission information is stored in the non-volatile memory of the terminal device. In this way, when the terminal device is turned on for the first time, it can automatically read the stored network access permission information and present the network access permission information through the interface shown in FIG. 6A.

In some embodiments, the terminal device receives the user's first touch input. In response to the first touch input, the network access permission information is automatically read. For example, after receiving the first touch input of the user selecting the network access permission option 806 in the user interface shown in FIG. 8C, the network access permission information is acquired and the corresponding network access permission information as shown in FIG. 8D is displayed. Of course, input methods other than touch input may also be used, for example, it may include other types of gesture input, such as 3D gestures or gesture input related to movement of the terminal device.

In step 920, a first user interface is displayed, and the first interface includes the network access permission information (or network access permission electronic sign).

Specifically, in some embodiments, after the terminal device is started for the first time and the terminal device system is reset, the terminal device executes an operating system setting wizard. For example, the operating system setting wizard 502 shown in FIG. 5 displays the WLAN setting interface in step 506, and obtains the user’s first touch input on the WLAN setting interface (for example, clicking on the WLAN setting interface such as "Next" or "Skip" "Button), the first user interface (for example, the authenticity query interface) is displayed. In some other embodiments, the user enters the setting interface similar to that shown in FIG. 8 through the setting icon, and then step by step enters the mobile phone interface shown in FIG. 8C to obtain the user’s first touch input on the mobile phone interface (for example, the user After clicking the network access permission option 806 shown in FIG. 8C), the first user interface (for example, the authenticity query interface shown in FIG. 8D) is displayed.

In some embodiments, the first user interface further includes authenticity query interaction elements. The first interface can also display the terminal equipment international mobile terminal equipment identification code (IMEI), mobile terminal equipment identification code (MEID), network access license application unit, terminal equipment name, network access certificate certificate validity period or issuance date in the first interface And other information. The authenticity query interaction element may be the authenticity query button 612 in FIG. 6A or the authenticity query button 818 in FIG. 8D.

In some embodiments, the network access permission information may be recorded in the quick response matrix code, or in the form of text or pictures.

In step 930, a first touch input to select an authenticity query interactive element is received. In some embodiments, the first touch input obtained by the user selecting the authenticity query button 612 in FIG. 6A or the authenticity query button 818 in FIG. 8D (for example, clicking the authenticity query button 612 in FIG. 6A or in FIG. 8D The authenticity query button 818).

In step 940, in response to the above-mentioned first touch input, an authenticity query request is sent to the authenticity query request server, where the authenticity query request contains the network access permission information. In some embodiments, the authenticity query request (eg, HTTP GET request) may be sent to the authenticity query request server through the browser. For example, the user selects the first touch input of the authenticity query button 612 in FIG. 6A or the authenticity query button 818 in FIG. 8D (eg, clicks the authenticity query button 612 in FIG. 6A or the authenticity query button in FIG. 8D 818), the terminal device uses the network access permission information (for example, at least one item of network access license number, device model, scrambling code, or terminal device serial number) to splice into a true and false query link (for example, a uniform resource locator (URL)), accessing the authenticity query link through a web browser can display the authenticity query page corresponding to the authenticity query link (for example, the authenticity query page shown in FIG. 7), and obtain the authenticity of the user Click the input of the authenticity query button on the query page (for example, the user clicks the verification button 710 in FIG. 7), and send the authenticity query request to the authenticity verification server.

In other embodiments, in response to the user selecting the first touch input of the authenticity query button 612 in FIG. 6A or the authenticity query button 818 in FIG. 8D (eg, clicking the authenticity query button 612 or the image in FIG. 6A The authenticity query button 818 in 8D) can send authenticity query requests to the authenticity verification server without calling the browser (for example, the terminal device stores the network address of the authenticity verification server through one or more networks in FIG. 4A 406 sends the authenticity query request to the authenticity verification server 404), and receives the query result from the authenticity verification server.

In step 950, the authenticity inquiry result corresponding to the above network access permission information is received from the authenticity inquiry request server. The authenticity verification server processes the authenticity query request, obtains network access permission information from the authenticity query request, and queries the license information database to verify the authenticity of the terminal device.

At step 960, the authenticity query result is displayed.

Through the method of the embodiment of the present application, the user can intuitively see the network access permission information of the device through the user interface of the terminal device, and can conveniently query the authenticity of the terminal device through the authenticity query interface. Compared with the previous paper network access permission mark, the authenticity check rate of the terminal device can be improved, and the user can check the authenticity of the terminal device at any time after purchasing the terminal device.

The embodiments of the present application may divide the above-mentioned terminal devices into function modules according to the above method examples. For example, each function module may be divided corresponding to each function, or two or more functions may be integrated into one processing module. The above integrated modules can be implemented in the form of hardware or software function modules. It should be noted that the division of the modules in the embodiments of the present application is schematic, and is only a division of logical functions. In actual implementation, there may be another division manner.

In the case where each functional module is divided corresponding to each function, as shown in FIG. 10, an embodiment of the present application provides a terminal device 1000, which includes a first reading unit 1001, a first display unit 1002, and a first receiving unit 1003 , A sending unit 1004, a second receiving unit 1005, and a second display unit 1006. Among them, the relevant actions of these functional modules can be cited in the relevant description of FIG. 9. For example, the first reading unit 1001 is used to perform step 910, the first display unit 1002 is used to perform step 920, the first receiving unit 1003 is used to perform step 930, the sending unit is used to perform step 940, and the second receiving unit 1005 is used To perform step 950, the second display unit 1006 is used to perform step 960.

In the case of using an integrated unit, as shown in FIG. 11, another possible structural schematic diagram of the terminal device involved in the above embodiment is shown, including a processing module 1101, a communication module 1102, and an input/output module 1103和Storagemodule 1104. The terminal device shown in FIG. 11 is used to execute the authenticity verification method of the terminal device as described in the above method embodiment (for example, FIG. 9).

The processing module 1101 is used to control and manage the operation of the terminal device. The communication module 1102 is used to support communication between the terminal device and other network entities. The input/output module 1103 is used to receive information input by the user or output information provided to the user and various menus of the terminal. The storage module 904 is used to save the program code and data of the terminal device.

When the processing module 1101 is a processor (the processor 310 shown in FIG. 3), the communication module 1102 is the mobile communication module 350 or the wireless communication module 360 shown in FIG. 3, and the storage module 1104 is a memory (as shown in FIG. 3) When the input/output module 1103 is a display screen (such as the display screen 394 shown in FIG. 3), the terminal device provided by the present application may be the electronic device 300 shown in FIG. 3. Among them, the above processor, communication module, display screen and memory may be coupled together through a bus.

An embodiment of the present application further provides a terminal device, including a processor and a memory, where the memory is used to store computer program code, and the computer program code includes computer instructions, and when the processor executes the computer instructions, it executes The authenticity verification method of the terminal device described in the above method embodiment (for example, FIG. 9).

An embodiment of the present application also provides a computer storage medium that stores computer program code. When the processor executes the computer program code, the device executes the relevant method steps in FIG. 9 to implement the method in the above embodiment .

An embodiment of the present application also provides a computer program product, which, when the computer program product runs on a computer, causes the computer to execute the relevant method steps in FIG. 9 to implement the method in the foregoing embodiment.

In some cases, a counterfeit terminal produced by a counterfeit terminal manufacturer may also display a user interface similar to that shown in FIG. 6A or FIG. 8D, display forged network access permission information in the user interface, and provide similar authenticity query interaction elements. When the user selects the authenticity query interactive element displayed by the counterfeit terminal, the counterfeit terminal directly displays the query result such as "the logo information you query is true and corresponds to the product serial number". In fact, when the user selects the authenticity query interactive element, the counterfeit terminal does not send the authenticity query request to the authenticity verification server, but directly displays the query result of "the logo information you query is true and corresponds to the product serial number", allowing Users mistakenly believe that the purchase is genuine. In this case, the counterfeit terminal does not have access to the authenticity verification server at all, but simply makes the user mistakenly believe that the purchase is the authentic product through the forged network access permission information and the forged authenticity query result.

In view of the above situation that the fake terminal misleads the consumer, an embodiment of the present application further provides another terminal device authenticity inquiry system.

Referring to FIG. 12, FIG. 12 includes an authenticity verification device 1202 and a terminal device 1204. The authenticity verification device 1202 can detect the authenticity of the terminal device 1204. The authenticity verification device 1202 may be an authenticity detection device provided by the Ministry of Industry and Information Technology or a third-party authentication agency, and may detect the authenticity of the terminal device 1204. If the user suspects that the purchased terminal equipment is a counterfeit product, the terminal equipment can be handed over to a professional testing agency recognized by the Ministry of Industry and Information Technology, and verified by authenticity verification equipment 1202. If the terminal device passes the authenticity verification test, it means that the user purchased genuine products.

The authenticity verification device 1202 and the terminal device 1204 can establish a connection 1212 through a wired method, for example, through a USB Type C or micro USB cable. Of course, the authenticity verification device 1202 and the terminal device 1204 may be connected by other methods (such as a wireless connection or other wired connection methods), which is not limited in this embodiment of the present application.

The authenticity verification device 1202 displays a device manufacturer configuration interface element 1204 and a device model configuration interface element 1208. The device manufacturer configuration interface element 1204 is used to configure the manufacturer of the terminal device to be verified. The user can select the manufacturer of the terminal device (for example, the H manufacturer shown in the figure) through the drop-down button shown at 1210. The device model configuration interface element 1208 is used to configure the model of the terminal device to be verified, and the user can select the model of the terminal device through the drop-down button 1214 (for example, "MHA-AL00" shown in the figure). Of course, the authenticity verification device 1202 may also display other detection parameter configuration interface elements, which are not limited in the embodiments of the present application. After the detection parameters of the equipment manufacturer and device model are configured, the "start verification" button 1216 can receive the selection input of the detection personnel to start the authenticity verification process. If the terminal device 1204 passes the authenticity verification test, the authenticity verification device 1202 may display information such as "The logo information you are querying is true and corresponds to the product serial number. The device supports TD-LTE/LTE FDD/TD-SCDMA/WCDMA /cdma2000/CDMA 1X/GSM standard” verification results.

FIG. 13 shows an exemplary authenticity query process diagram for the authenticity system of the terminal device shown in FIG. 12.

In step 1302, the terminal device receives the authenticity query instruction sent by the authenticity verification device; for example, the inspector selects the "start verification" button 1216 shown in FIG. 12, and the authenticity verification device sends the authenticity query instruction to the terminal device to start the authenticity Pseudo verification process.

In step 1304, the terminal device starts an authentication process for the terminal device in response to the authenticity query instruction;

In some embodiments, the authentication of the terminal device is performed between the terminal device and the authenticity verification device based on an asymmetric key encryption algorithm. The terminal device and the authenticity verification device store at least one key pair for authentication (the key pair includes a private key and a public key), for example, the terminal device stores the public key, and the authenticity verification device stores the private key; Or the terminal device stores the private key, and the authenticity verification device stores the public key. If one party uses the public key to encrypt the data, the other party can only decrypt using the corresponding private key; if one party uses the private key to encrypt the data, then the other party can only decrypt using the corresponding public key.

For example, the terminal device uses a private key to encrypt specific data (for example, a random number or a unique identifier of the terminal device), and the authenticity verification device uses a public key to decrypt the data. If the decryption is successful, the terminal device is considered to be authenticated success. After the terminal device is successfully authenticated, the terminal device reads the network access permission information and passes it to the authenticity verification device. The authenticity verification device queries whether the above network access permission information is stored in the network access permission information database, and if it exists, it proves that the terminal device is genuine.

In some embodiments, the authenticity verification device may also obtain a certificate of the terminal device and send the certificate to the CA (Certificate Authorization) management server of the terminal device manufacturer to verify the certificate. If the verification passes, the verification of the terminal device Right to succeed.

In step 1306, after the terminal device is authenticated, the terminal device automatically reads the network access permission information. The network access permission information includes one or any combination of the following items: network access license number, terminal device model, and scrambling code , International Mobile Terminal Equipment Identifier (IMEI), Mobile Terminal Equipment Identifier (MEID), network access license application unit, terminal device name, network access license certificate validity period or issuance date; the terminal device sends the above network access The license information is sent to the authenticity verification device, so that the authenticity verification device obtains the authenticity query result corresponding to the network entry permission information.

In some embodiments, in step 1306, after the terminal device passes the authentication, the terminal device not only sends the network access permission information to the authenticity verification device, but also sends the product serial number of the terminal device (the unique identifier of the terminal device, for example, IMEI, MEID or hardware serial number) to the authenticity verification device. After obtaining the product serial number, the authenticity verification device queries whether the serial number matches the serial number passed by the stored terminal device manufacturer. If it matches, the terminal device is genuine.

FIG. 14 shows another exemplary process diagram 1400 of authenticity verification of a terminal device.

As shown in FIG. 14, the process 1400 starts at step 1402, and the authenticity verification device 1202 sends an authenticity query instruction to the terminal device 1204. For example, the operator of the third-party authentication agency or the Ministry of Industry and Information Technology can start the verification through the “start verification” button 1216 on the operation interface presented by the authenticity verification device 1202 (for example, the operation interface presented by the authenticity verification device 1202 shown in FIG. 12) Pseudo verification process. The operation interface presented by the authenticity verification device 1202 may be configured with terminal device manufacturer information (e.g., manufacturer name) or terminal device model information. The authenticity verification device sends an authenticity inquiry instruction to the terminal device 1204 in response to receiving the input that the operator selects the "start verification" button.

In step 1404, the terminal device 1204 generates a random number in response to the authenticity query instruction; for example, the terminal device 1204 uses a random number generator (Random number generator) to generate random numbers through some random number generation algorithms.

In step 1406, the terminal device 1204 encrypts the random number; the encryption algorithm may be an asymmetric encryption algorithm, such as RSA, ECC (Elliptic Curves Cryptography, Elliptic Curve Cryptography), DSA (Digital Signature Signature Algorithm, digital signature algorithm), etc. . The terminal device 1204 and the authenticity verification device 1202 store at least one key pair for authentication (the key pair includes a private key and a public key), for example, the terminal device 1204 stores the public key, and the authenticity verification device 1202 stores The private key; or the terminal device 1204 stores the private key, and the authenticity verification device 1202 stores the public key. If one party uses the public key to encrypt the data, the other party can only decrypt using the corresponding private key; if one party uses the private key to encrypt the data, then the other party can only decrypt using the corresponding public key. In step 1406, the terminal device 1204 may use the public key (or private key) in the first key pair to perform encryption of the random number. .

In step 1408, the encrypted random number is passed to the authenticity verification device 1202;

In step 1410, the authenticity verification device 1202 decrypts the encrypted random number; when in step 1406, if the terminal device 1204 performs encryption of the random number using the public key in the first key pair, the authenticity verification device 1202 may Use the private key in the saved first key pair to decrypt the encrypted random number.

In step 1412, the authenticity verification device 1202 re-encrypts the decrypted random number; in step 1412, the authenticity verification device 1202 can use the public key (or private key) in the second key pair to perform the random number encryption. In some embodiments, the second key pair may be different from the first key pair.

In step 1414, the authenticity verification device 1202 passes the re-encrypted random number to the terminal device 1202.

In step 1416, the terminal device 1204 decrypts the re-encrypted random number; when in step 1412, if the authenticity verification device 1202 uses the public key in the second key pair to perform random number encryption, the terminal device 1204 The encrypted random number can be decrypted using the private key in the saved second key pair. .

In step 1418, the terminal device compares whether the random number decrypted in step 1416 is the same as the random number generated in step 1404, and if they are the same, step 1420 is performed; if the check fails in step 1418, the terminal device is proved to be an illegal device, and the authenticity check The process is over;

In step 1420, the terminal device returns an authentication success result to the authenticity verification device; steps 1402 to 1420 only show a process of authenticating the terminal device 1204. The authenticity verification device 1202 can perform various authentications on the terminal device 1204 Operation to ensure that the identity of the terminal device 1204 is legal. For example, in some embodiments, the authenticity verification device 1202 may also obtain the certificate of the terminal device after step 1420 and send the certificate to the CA (Certificate Authority) management server of the terminal device manufacturer to verify the certificate. By the description, the authentication of the terminal device 1204 is successful. For example, in step 1422, the authenticity verification device 1202 obtains the device certificate from the terminal device 1204;

In step 1424, the authenticity verification device 1202 verifies whether the above device certificate is legal, where the device certificate is used to prove the identity of the terminal device. The authenticity verification device 1202 may send the certificate to the terminal device manufacturer's CA (Certificate Authorization) management server to verify the certificate; if the device certificate is legal, perform step 1426; if the device certificate is invalid, prove that the terminal device is illegal Equipment, the authenticity verification process ends.

In step 1426, the authenticity verification device 1202 obtains network access permission information from the terminal device 1204, and in step 1428, the authenticity verification device 1202 verifies whether the network access permission information is legal.

If the network access permission information is legal, step 1430 is executed; if the network access permission information is illegal, the authenticity verification process ends. Among them, the authenticity verification device stores the network access permission information of the terminal device, and the authenticity verification device compares the obtained network access permission information with the saved device network access permission information to determine whether the terminal device is legal.

In addition to sending network access permission information to the authenticity verification device, the terminal device can also send the product serial number of the terminal device (the unique identifier of the terminal device, for example, IMEI, MEID, or hardware serial number) to the authenticity verification device at step 1430. After obtaining the serial number of the product, the pseudo verification device queries whether the serial number matches the serial number passed by the stored terminal device manufacturer. If it matches, the terminal device is genuine.

In step 1230, the authenticity verification device obtains the device serial number from the terminal device, and in step 1232, the authenticity verification device verifies the device serial number (the device serial number may be the serial number of the terminal device product (such as the International Mobile Terminal Equipment Identification Code (International Mobile Equipment Identification Identity, IMEI) or Mobile Terminal Equipment Identifier (MEID) is legal. If the device serial number is legal, perform step 1230; if the network access permission information is illegal, the authenticity verification process ends. Among them, the authenticity verification device The device serial number of the terminal device is stored, and the authenticity verification device compares the obtained network access permission information with the saved device serial number to determine whether the terminal device is legal.

The authenticity verification method shown in FIG. 14 verifies the legitimacy of the terminal device through the four authentication methods of random number authentication, device certificate authentication, network access information authentication, and device serial number authentication. Any authentication link If it does not pass, it means that the terminal equipment is illegal, which greatly increases the difficulty of counterfeiting the terminal equipment, thereby protecting the legal rights and interests of terminal equipment manufacturers and consumers. Of course, in some embodiments, any one or a combination of several of the above four authentication methods may be selected to verify the legitimacy of the terminal device.

In the above embodiments, it can be implemented in whole or in part by software, hardware, firmware, or any combination thereof. When implemented using a software program, it may appear in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When the computer program instructions are loaded and executed on a computer, the processes or functions according to the embodiments of the present application are generated in whole or in part. The computer may be a general-purpose computer, a dedicated computer, a computer network, or other programmable devices. The computer instructions may be stored in a computer-readable storage medium or transmitted from one computer-readable storage medium to another computer-readable storage medium, for example, the computer instructions may be from a website site, computer, server or data center Transmission to another website, computer, server or data center via wired (such as coaxial cable, optical fiber, digital subscriber line (DSL)) or wireless (such as infrared, wireless, microwave, etc.). The computer-readable storage medium may be any available medium that can be accessed by a computer or a data storage device including a server, a data center, and the like integrated with one or more available media. The usable medium may be a magnetic medium (for example, a floppy disk, a hard disk, a magnetic tape), an optical medium (for example, a DVD), or a semiconductor medium (for example, Solid State Disk (SSD)).

The above is only the specific implementation of this application, but the scope of protection of this application is not limited to this, any change or replacement within the technical scope disclosed in this application should be covered within the scope of protection of this application .

Claims

A method for inquiring about authenticity of terminal equipment, characterized in that it includes:

Automatically read network access permission information, the network access permission information includes one or any combination of the following items: network access license number, terminal device model, scrambling code, international mobile terminal device identification code, mobile terminal device identification code 1. Network access license application unit, terminal equipment name, network access license certificate validity period or issuance date;

Displaying a first user interface, the first user interface including the network access permission information and authenticity query interaction elements;

Receiving a first touch input that selects the authenticity query interactive element;

Responsive to the first touch input, sending a authenticity query request to the authenticity verification server, the authenticity query request including the network access permission information;

Receiving the authenticity query result corresponding to the network access permission information from the authenticity verification server;

The result of the authenticity query is displayed.
The method according to claim 1, wherein the network access permission information is stored in a non-volatile memory of the terminal device.
The method according to claim 1 or 2, wherein the network access permission information displayed on the first user interface is recorded in a quick response matrix code.
The method according to any one of claims 1 to 3, wherein the method further comprises:

The operating system setup wizard is started, wherein the first user interface is presented during the operating system setup wizard.
The method according to any one of claims 1 to 4, wherein the sending the authenticity query request to the authenticity verification server includes:

Generating a uniform resource locator containing the network access permission information;

Access the resource identified by the uniform resource locator in the authenticity verification server through a web browser.
A terminal device includes a memory, one or more processors, multiple application programs, and one or more programs; wherein the one or more programs are stored in the memory; characterized in that the one When the one or more processors execute the one or more programs, the terminal device performs the following steps:

Automatically read network access permission information, the network access permission information includes one or any combination of the following items: network access license number, terminal device model, scrambling code, international mobile terminal device identification code, mobile terminal device identification code 1. Network access license application unit, terminal equipment name, network access license certificate validity period or issuance date;

Displaying a first user interface, the first user interface including the network access permission information and authenticity query interaction elements;

Receiving a first touch input that selects the authenticity query interactive element;

Responsive to the first touch input, sending a authenticity query request to the authenticity verification server, the authenticity query request including the network access permission information;

Receiving the authenticity query result corresponding to the network access permission information from the authenticity verification server;

The result of the authenticity query is displayed.
The terminal device according to claim 6, wherein the network access permission information is stored in a non-volatile memory of the terminal device.
The terminal device according to claim 6 or 7, wherein the network access permission information displayed on the first user interface is recorded in a quick response matrix code.
The terminal device according to any one of claims 6 to 8, wherein when the one or more processors execute the one or more programs, the terminal device further causes the terminal device to perform the following steps:

The operating system setup wizard is started, wherein the first user interface is presented during the operating system setup wizard.
The terminal device according to any one of claims 6 to 9, wherein the sending of the authenticity query request to the authenticity verification server includes:

Generating a uniform resource locator containing the network access permission information;

Access the resource identified by the uniform resource locator in the authenticity verification server through a web browser.
A computer program product containing instructions, characterized in that when the computer program product runs on a terminal device, the terminal device is caused to perform the method according to any one of claims 1-5.
A computer-readable storage medium including instructions, characterized in that when the instructions run on a terminal device, the terminal device is caused to perform the method according to any one of claims 1-5.