WO2021233474A1 - External network identity authentication method, system, device, and storage medium based on internal network connection - Google Patents

External network identity authentication method, system, device, and storage medium based on internal network connection Download PDF

Info

Publication number
WO2021233474A1
WO2021233474A1 PCT/CN2021/101502 CN2021101502W WO2021233474A1 WO 2021233474 A1 WO2021233474 A1 WO 2021233474A1 CN 2021101502 W CN2021101502 W CN 2021101502W WO 2021233474 A1 WO2021233474 A1 WO 2021233474A1
Authority
WO
WIPO (PCT)
Prior art keywords
identity authentication
information
information collection
authentication
identity
Prior art date
Application number
PCT/CN2021/101502
Other languages
French (fr)
Chinese (zh)
Inventor
简伟明
皮爱平
黄飞鹰
梁华贵
陈吉宏
黄伟涛
郑则润
陈秋榕
Original Assignee
巽腾(广东)科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 巽腾(广东)科技有限公司 filed Critical 巽腾(广东)科技有限公司
Publication of WO2021233474A1 publication Critical patent/WO2021233474A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V40/00Recognition of biometric, human-related or animal-related patterns in image or video data
    • G06V40/10Human or animal bodies, e.g. vehicle occupants or pedestrians; Body parts, e.g. hands
    • G06V40/16Human faces, e.g. facial parts, sketches or expressions
    • G06V40/168Feature extraction; Face representation

Definitions

  • the embodiments of the present application relate to the field of identity authentication technology, and in particular, to an external network identity authentication method, system, device, and storage medium based on an internal network connection.
  • Identity authentication refers to the confirmation of the user's identity through special means. For example, when the user goes to the bank to handle business, the user's identity needs to be authenticated to determine the business handling authority. In the process of identity authentication in industry scenarios such as industry and commerce, taxation, finance, public security law, transportation, etc., due to the particularity of the industry, it has high requirements for information security. Usually its original authentication equipment cannot connect to the external network, resulting in low authentication efficiency, The process is cumbersome, and it is impossible to efficiently realize the identity authentication based on the user's biological characteristics.
  • the embodiment of the present invention provides an external network identity authentication method, system, equipment and storage medium based on internal network connection, which can efficiently realize user identity authentication.
  • an embodiment of the present invention provides an external network identity authentication method based on an internal network connection, and the method includes:
  • the information collection device collects the user's biometric information, and the information collection device accesses the internal system through the internal network;
  • the identity authentication device acquires at least one type of biometric information collected by the information collection device;
  • the identity authentication device receives the authentication information sent by the identity authentication server, and generates an authentication result according to the authentication information.
  • the identity authentication device is integrated and installed in the information collection device.
  • the internal system includes a plurality of the information collection devices
  • the identity authentication device is integratedly installed in at least one of the plurality of information collection devices, and the plurality of information collection devices pass through the The internal network communicates
  • the external network identity authentication method based on the internal network connection further includes:
  • an information collection device equipped with the identity authentication device is integrated to receive biometric information sent by other information collection devices, and the information collection device includes at least one biometric information collection device;
  • the identity authentication device acquires at least one type of biometric information collected by the other information collection device.
  • the identity authentication device and the information collection device are connected through a USB data cable.
  • the method further includes:
  • the identity authentication device and the information collection device are connected via Bluetooth.
  • the method further includes:
  • the identity authentication device sends a Bluetooth authentication request to the information collection device
  • the information collection device authenticates the identity authentication device, and if the authentication passes, creates a Bluetooth pairing connection authentication with the identity authentication device.
  • the collection of biometric information of the user by the information collection device includes:
  • the user's face image information is collected by the living body face collection camera device integrated with the information collection equipment.
  • the identity authentication device is connected to the living body face collection and camera device, and correspondingly, the identity authentication device acquiring at least one type of biometric information collected by the information collection device includes:
  • the identity authentication device acquires the standard-compliant living face image information of the user collected by the camera of the living face collection camera.
  • the identity authentication device and the living body face acquisition and camera device are combined into an independent device for integrated installation.
  • the method further includes:
  • sending the at least one kind of biometric information to the identity authentication server by the identity authentication device includes:
  • the sending the face image information to the identity authentication server includes:
  • the original face image in the face image information is sent to the identity authentication server.
  • the method further includes:
  • the identity authentication device obtains the video data shot by the living body face collection and camera device, and records and saves the video data.
  • the method further includes:
  • the identity authentication device transfers the video data to the information collection device.
  • the method further includes:
  • the device identifier of the identity authentication device or the information collection device is sent to the identity authentication server for the identity authentication server to perform identity authentication comparison based on the device identity and the biometric information to generate authentication information.
  • the method further includes:
  • auxiliary authentication information includes one or more of name, ID number, user account, mobile phone number, and location information;
  • the identity authentication server performs identity authentication comparison according to the biological feature information and the auxiliary authentication information to generate authentication information.
  • the method further includes:
  • sending the at least one kind of biometric information to the identity authentication server by the identity authentication device includes:
  • the identity authentication device searches locally whether there is an authentication result corresponding to the biometric information, and if it does not exist, sends the at least one kind of biometric information to the identity authentication server.
  • an embodiment of the present invention also provides an external network identity authentication system based on internal network connection, including:
  • An information collection device for collecting user's biometric information is connected to an internal system through an internal network;
  • Identity authentication device configured to obtain at least one type of biometric information collected by the information collection device, and send the at least one type of biometric information to an identity authentication server, and the identity authentication device accesses the identity authentication through an external network server;
  • the identity authentication server is configured to receive the biometric information sent by the identity authentication device, generate authentication information based on the biometric information, and send the authentication information to the identity authentication device;
  • the identity authentication device is further configured to receive authentication information sent by the identity authentication server, and generate an authentication result according to the authentication information.
  • an embodiment of the present invention also provides an identity authentication device, the device includes: one or more processors; a storage device, configured to store one or more programs, when the one or more programs are The one or more processors execute, so that the one or more processors implement:
  • the identity authentication device accesses the identity authentication server through an external network, and the information collection device passes Internal network access to internal system;
  • the internal system includes a plurality of the information collection devices, the identity authentication device is integratedly installed in at least one of the plurality of information collection devices, and the plurality of information collection devices pass through the The internal network communicates.
  • the identity authentication device and the information collection device are connected via a USB data cable or via Bluetooth.
  • embodiments of the present invention also provide a storage medium containing computer-executable instructions, which are used to execute when executed by a computer processor:
  • the identity authentication device accesses the identity authentication server through an external network, and the information collection device passes Internal network access to internal system;
  • the user's biometric information is collected through an information collection device, which accesses the internal system through an internal network; the identity authentication device obtains at least one type of biometric information collected by the information collection device; The identity authentication device sends the at least one kind of biometric information to the identity authentication server, and the identity authentication device accesses the identity authentication server through an external network; the identity authentication device receives the authentication information sent by the identity authentication server, and according to The authentication information generates an authentication result.
  • the efficiency of user identity authentication is improved, and the authentication process is simplified on the premise of ensuring the safety and reliability of identity authentication.
  • FIG. 1 is a flowchart of an external network identity authentication method based on an internal network connection provided by an embodiment of the present invention
  • FIG. 2 is a flowchart of another method for external network identity authentication based on internal network connection provided by an embodiment of the present invention
  • FIG. 3 is a flowchart of another external network identity authentication method based on internal network connection provided by an embodiment of the present invention.
  • FIG. 4 is a flowchart of another external network identity authentication method based on internal network connection provided by an embodiment of the present invention.
  • FIG. 5 is a flowchart of another external network identity authentication method based on internal network connection provided by an embodiment of the present invention.
  • FIG. 6 is a flowchart of another external network identity authentication method based on internal network connection provided by an embodiment of the present invention.
  • FIG. 7 is a flowchart of another external network identity authentication method based on internal network connection provided by an embodiment of the present invention.
  • FIG. 8 is a sequence diagram corresponding to the flowchart provided in FIG. 7 according to the embodiment of the present invention.
  • FIG. 9 is a schematic structural diagram of an external network identity authentication system based on internal network connection provided by an embodiment of the present invention.
  • FIG. 10 is a schematic structural diagram of another external network identity authentication system based on internal network connection provided by an embodiment of the present invention.
  • FIG. 11 is a schematic structural diagram of another external network identity authentication system based on internal network connection provided by an embodiment of the present invention.
  • FIG. 12 is a schematic structural diagram of another external network identity authentication system based on internal network connection provided by an embodiment of the present invention.
  • FIG. 13 is a schematic structural diagram of another external network identity authentication system based on internal network connection provided by an embodiment of the present invention.
  • FIG. 14 is a schematic structural diagram of another external network identity authentication system based on internal network connection provided by an embodiment of the present invention.
  • 15 is a schematic structural diagram of another external network identity authentication system based on internal network connection provided by an embodiment of the present invention.
  • 16 is a schematic structural diagram of another external network identity authentication system based on internal network connection provided by an embodiment of the present invention.
  • FIG. 17 is a schematic structural diagram of an identity authentication device provided by an embodiment of the present invention.
  • FIG. 1 is a flowchart of an external network identity authentication method based on an intranet connection provided by an embodiment of the present invention. This embodiment can be applied to external network identity authentication of an information collection device’s intranet connection.
  • the method can be used by information collection equipment,
  • the implementation of identity authentication equipment includes the following steps:
  • Step S101 The information collection device collects biometric information of the user, and the information collection device accesses the internal system through the internal network.
  • the information collection equipment can be equipment installed in places where identity authentication is required, such as identity authentication terminal equipment in the bank's office hall, integrated terminal equipment in the tax office hall, high-speed rail self-service ticketing terminal equipment, and subway biological Identify gates.
  • the biometric information can be one or more of face information, iris information, sclera information, eye print information, fingerprint information, palm print information, palm vein information, finger vein information, voice print information, and DNA information.
  • a face image is usually selected as the user's biometric information for identity authentication.
  • the information collection device accesses the internal system through the internal network.
  • the internal system can be the internal platform system of the bank, the taxation system of the tax authority, etc., and the ticketing system of the subway and high-speed rail.
  • Each information collection device is connected to its corresponding internal system through the intranet to realize the data information. Internal transmission.
  • the information collection device collects the biometric information of the user through an integrated biometric collector, such as collecting a live face image of the user through a live face collection camera.
  • Step S102 The identity authentication device acquires at least one type of biometric information collected by the information collection device.
  • the identity authentication equipment includes communication modules (such as 4G, 5G, WIFI, wired network modules, etc.), processing modules (such as ARM, DSP, CPU, single-chip processing unit), storage modules, and device interfaces (such as USB, Bluetooth modules) Etc.), the communication module is used to realize the connection of the external network for data communication with the identity authentication server, the processing module is used to perform data processing, the storage module is used to store programs and data information, and the device interface is used to realize the connection of the information collection device data communication.
  • communication modules such as 4G, 5G, WIFI, wired network modules, etc.
  • processing modules such as ARM, DSP, CPU, single-chip processing unit
  • storage modules such as USB, Bluetooth modules
  • Step S103 The identity authentication device sends the at least one kind of biometric information to an identity authentication server, and the identity authentication device accesses the identity authentication server through an external network.
  • the identity authentication server can be a cloud server device that is set up to compare user biometric information for identity authentication.
  • the identity authentication server of the public security system stores a large amount of user identity information and corresponding information in the identity authentication server.
  • the biometric information is compared with the biometric information sent by the identity authentication device to obtain the authentication information.
  • the identity authentication server obtains the authentication information, the authentication information is correspondingly sent to the corresponding identity authentication device.
  • the identity authentication device is connected to an external network through an internally integrated communication module, such as establishing a wireless communication connection with the identity authentication server through a 5G module, so as to perform data communication with the identity authentication server. Specifically, it includes the identity authentication device sending the biometric information to the identity authentication server, and receiving the authentication information sent by the identity authentication server.
  • Step S104 The identity authentication device receives the authentication information sent by the identity authentication server, and generates an authentication result according to the authentication information.
  • the identity authentication device After the identity authentication device receives the authentication information sent by the identity authentication server, it generates an authentication result accordingly.
  • the authentication information may be a comparison result of biometric information, such as a similarity value.
  • the authentication result can be identity authentication success/pass, or identity authentication failure. Further, for some application scenarios (such as a bank's personal loan system), when the identity authentication is successful, the authentication result also contains the user's personal information or user account information.
  • the identity authentication device can send the authentication result back to the information collection device, and display it on the integrated display screen of the information collection device.
  • the information collection device is connected to the intranet system by means of an intranet connection, and at least one type of biometric information of the user collected by the information collection device is obtained through the identity authentication device, and connected to the outside via the communication module of the identity authentication device.
  • the network communicates with the identity authentication server to obtain the authentication information and then obtain the authentication result.
  • the external network is used for identity authentication.
  • the information collection device only needs to perform data with the identity authentication device. Transmission ensures the security of information, improves the efficiency of user identity authentication, and simplifies the authentication process on the premise of ensuring the safety and reliability of identity authentication.
  • Fig. 2 is a flowchart of another external network identity authentication method based on internal network connection provided by an embodiment of the present invention, and another method of user identity authentication is provided. As shown in Figure 2, the technical solution is as follows:
  • Step S201 The information collection device collects at least one type of biometric information of the user, and the information collection device accesses the internal system through the internal network.
  • Step S202 The identity authentication device obtains at least one type of biometric information collected by the information collection device.
  • Step S203 The identity authentication device sends the at least one kind of biometric information to an identity authentication server, and the identity authentication device accesses the identity authentication server through an external network.
  • Step S204 In the internal system, integrate the information collection device installed with the identity authentication device, receive the biometric information sent by other information collection devices, and send it to the identity authentication server through the identity authentication device.
  • the identity authentication device is integrated and installed in the information collection device, for example, the identity authentication device is integrated and installed in the circuit board of the information collection device in the form of a circuit board.
  • multiple information collection devices can be connected to an internal system, such as multiple information collection devices set up in one service hall, or information collection devices set up in other adjacent service halls, among multiple information collection devices.
  • At least one of the devices is integrated with an identity recognition device, and the information collection equipment section integrated with the identity recognition device receives the biometric information sent by other information collection devices, and sends it to the identity authentication server through the identity authentication device for identity authentication, each of which Each information collection device includes at least one biometric information collection device, and the biometric information that can be collected includes facial information, fingerprints, palm prints, finger veins, palm veins, voice prints, and iris.
  • Step S205 The identity authentication device receives the authentication information sent by the identity authentication server, and generates an authentication result according to the authentication information.
  • the identity authentication device is integrated into the information collection device in a modular form, the information collection device is connected to the system in the internal network and sends the biometric information to the identity recognition device, and the identity recognition device is connected to the identity authentication server through the external network to perform identity
  • the identity authentication equipment can be integrated in any information collection equipment in the intranet, which can realize the authentication of the information collection equipment in multiple other intranets, which saves the overall equipment cost, optimizes the equipment hardware layout, and improves Identity authentication efficiency.
  • FIG. 3 is a flowchart of another external network identity authentication method based on internal network connection provided by an embodiment of the present invention, and shows a specific connection method of the identity authentication device and the information collection device. As shown in Figure 3, the technical solution is as follows:
  • Step S301 The information collection device collects at least one type of biometric information of the user, and the information collection device accesses the internal system through the internal network.
  • Step S302 Establish a USB communication connection between the information collection device and the identity authentication device.
  • Step S303 The information collection device installs an authentication installation program of the identity authentication device, where the authentication installation program is used to implement data communication between the identity authentication device and the information collection device.
  • the identity authentication device is connected to the information collection device in a USB communication mode, and is used to receive at least one type of biometric information sent by the information collection device, and feed back the authentication result to the information collection device.
  • the information collection device Before the identity authentication device acquires at least one type of biometric information collected by the information collection device, the information collection device usually first installs a corresponding authentication installation program. Optionally, when a connection is established between the identity authentication device and the information collection device, the identity authentication device automatically initiates an installation request for the authentication installation program of the information collection device. After the information collection device has been installed with the authentication installation program, the two can perform safe biological Transmission of characteristic information, auxiliary authentication information and identity authentication results.
  • Step S304 The identity authentication device obtains at least one type of biometric information collected by the information collection device.
  • Step S305 The identity authentication device sends the at least one kind of biometric information to an identity authentication server, and the identity authentication device accesses the identity authentication server through an external network.
  • Step S306 The identity authentication device receives the authentication information sent by the identity authentication server, and generates an authentication result according to the authentication information.
  • the information collection device is connected to the internal system through the intranet, the identity authentication device is connected through the USB, and the identity authentication device is connected to the identity authentication server through the external network, which can be easily realized through the external network while ensuring the security of the internal network information.
  • the user does not need to use ID card verification for authentication, which improves the efficiency of user identity authentication, and simplifies the authentication process on the premise of ensuring the safety and reliability of identity authentication.
  • FIG. 4 is a flowchart of another external network identity authentication method based on internal network connection provided by an embodiment of the present invention, and shows a specific connection method of the identity authentication device and the information collection device. As shown in Figure 4, the technical solution is as follows:
  • Step S401 The information collection device collects at least one type of biometric information of the user, and the information collection device accesses the internal system through the internal network.
  • Step S402 The identity authentication device sends a Bluetooth authentication request to the information collection device.
  • Step S403 The information collection device authenticates the identity authentication device, and if the authentication is passed, it creates a Bluetooth pairing connection authentication with the identity authentication device.
  • the information collection device and the identity authentication device use a Bluetooth connection for information communication, wherein when the Bluetooth communication connection is established, for example, before the Bluetooth pairing connection authentication is started, the information collection device authenticates the identity authentication device. If the authentication is passed, a Bluetooth pairing connection authentication with the identity authentication device is created, thereby improving the security of the Bluetooth network. If the authentication fails, it is determined to be an illegal access device, and the information collection device does not perform Bluetooth pairing connection.
  • Step S404 The identity authentication device acquires at least one type of biometric information collected by the information collection device.
  • Step S405 The identity authentication device sends the at least one kind of biometric information to an identity authentication server, and the identity authentication device accesses the identity authentication server through an external network.
  • Step S406 The identity authentication device receives the authentication information sent by the identity authentication server, and generates an authentication result according to the authentication information.
  • the information collection device is connected to the internal system through the intranet, the identity authentication device is connected through Bluetooth, and the identity authentication device is connected to the identity authentication server through the external network.
  • This can be easily realized through the external network while ensuring the security of the internal network information.
  • the identity authentication is ensured while ensuring the security of the Bluetooth network, improving the efficiency of user identity authentication, and simplifying the authentication process on the premise of ensuring the safety and reliability of identity authentication.
  • Fig. 5 is a flowchart of another external network identity authentication method based on internal network connection provided by an embodiment of the present invention, and shows a specific setting method of identity authentication equipment and information collection equipment. As shown in Figure 5, the technical solution is as follows:
  • Step S501 Collect the user's face image information through the living body face collection and camera device integrated with the information collection device, and the living body face collection and camera device is connected to the identity authentication device.
  • the biometric information is the user's face image information
  • the face image information is collected by a living body face collection and camera device, which is integrated in the information collection device, and the living body face collection
  • the camera device is connected with the identity authentication device, that is, the identity authentication device is respectively connected with the camera of the living body face collection camera and the processing unit of the information collection device.
  • Step S502 The identity authentication device obtains the user's face image information collected by the living body face collecting and camera device.
  • the identity authentication device is integrated and installed inside the living body face acquisition camera device, the identity authentication device and the living body face acquisition camera device are combined into an independent device, and the identity authentication device preferentially obtains the images taken by the living body face acquisition camera device.
  • the face image can be sent to the identity authentication server for authentication after obtaining the face image.
  • the identity authentication device is not integratedly installed inside the living body face acquisition camera device, and it is connected to the living body face acquisition camera device in an external connection manner to obtain the face captured by the living body face acquisition camera device image.
  • Step S503 The identity authentication device sends the face image information to an identity authentication server, and the identity authentication device accesses the identity authentication server through an external network.
  • the identity authentication device after acquiring the facial image information, performs feature extraction on the facial image information to obtain facial image characteristics, and sends the facial image characteristics to the identity authentication server to reduce data Transmission pressure and comparison processing time of the identity authentication server.
  • the original face image in the face image information may also be sent to the identity authentication server for identification and authentication.
  • Step S504 The identity authentication device receives the authentication information sent by the identity authentication server, and generates an authentication result according to the authentication information.
  • the information collection equipment is connected to the internal system through the intranet to perform special functions in specific scenarios, and the integrated live face capture camera device collects face image information and passes the identity authentication connected to the live face capture camera device.
  • the device is sent to the identity authentication server, and the identity authentication device is connected to the identity authentication server through the external network. While ensuring the security of the internal network information, the identity authentication is conveniently realized through the external network, which improves the efficiency of user identity authentication and ensures On the premise that identity authentication is safe and reliable, the authentication process is simplified.
  • Fig. 6 is a flowchart of another external network identity authentication method based on internal network connection provided by an embodiment of the present invention, and shows the flow of another identity authentication method. As shown in Figure 6, the technical solution is as follows:
  • Step S601 Collect the user's face image information through the living body face collection and camera device integrated with the information collection device, and the living body face collection and camera device is connected to the identity authentication device.
  • Step S602 The identity authentication device acquires the user's face image information collected by the living body face collecting and camera device, and performs living body detection on the face image information.
  • the identity authentication device has a live body detection function, that is, performs live body detection and verification on the acquired facial image information.
  • Step S603 If it is determined that it is a living body face image, send the face image information to the identity authentication server, and the identity authentication device accesses the identity authentication server through an external network.
  • the face image information when it is determined that the face image information corresponds to a living user, the face image information is sent to the identity authentication server for identity authentication.
  • Step S604 The identity authentication device receives the authentication information sent by the identity authentication server, and generates an authentication result according to the authentication information.
  • the information collection equipment is connected to the internal system through the intranet to perform special functions in specific scenarios, and the integrated live face capture camera device collects face image information and passes the identity authentication connected to the live face capture camera device. After the device performs the live detection, it sends the face image information determined to be a living user to the identity authentication server for authentication to further optimize the identity authentication process.
  • the identity authentication device connects to the identity authentication server through the external network, ensuring the internal network In the case of information security, identity authentication is conveniently realized through the external network, which improves the efficiency of user identity authentication, and simplifies the authentication process while ensuring the safety and reliability of identity authentication.
  • the method further includes: the identity authentication device obtains the living body face collection camera The video data shot by the device is recorded and saved.
  • the identity authentication device has a video saving function to save the acquired content captured by the camera.
  • the method further includes: the identity authentication device transfers the video data to the information collection device. That is, the identity authentication device also includes a video transfer function to transfer the saved video data to the information collection device. It can be seen from the above that the identity authentication device is further integrated with video recording, audio recording, and transfer-out functions, which improves the identity recognition and subsequent information query, and optimizes the identity authentication process.
  • the method further includes: sending the identity authentication device or the device identification of the information collection device to the identity authentication server
  • the identity authentication server is used for the identity authentication server to perform identity authentication comparison according to the device identifier and the biometric information to generate authentication information.
  • the identity authentication server determines the location area range of the user who currently needs to be authenticated according to the identity of the identity authentication device or the information collection device, and obtains the authentication information and the received biological information corresponding to all users in the area. The characteristic information is verified and compared to reduce the amount of compared data and significantly improve the efficiency of identity authentication.
  • the identity authentication server updates the location trajectory of each registered user in real time.
  • the identity authentication device After receiving the biometric information sent by the identity authentication device, it determines the area that currently needs to be authenticated according to the identity of the information collection device.
  • the device identification corresponds to a fixed location area. After determining the location area of the identity authentication user, all users in the area that are tracked in real time are determined accordingly, the legal authentication information saved by the user is retrieved, and the biometric information and multiple stored authentication information Compare them one by one.
  • the method further includes: sending location information of the identity authentication device or the information collection device to the identity
  • the authentication server is used for the identity authentication server to perform identity authentication comparison based on the location information and the biometric information to generate authentication information.
  • the location of the identity authentication device or the information collection device can be randomly changed. At this time, during the identity authentication process, the location of the identity authentication device or the information collection device is acquired in real time, such as acquiring the corresponding GPS data, according to the acquisition Determine the associated preset area.
  • the identity authentication device sends at least one kind of biometric information to the identity authentication server, it further includes: sending auxiliary authentication information to the identity authentication server, the auxiliary information including name, ID number, user account, Mobile phone number, etc., to achieve auxiliary verification of user identity, thereby improving verification accuracy and verification efficiency.
  • FIG. 7 is a flowchart of another external network identity authentication method based on an internal network connection provided by an embodiment of the present invention
  • FIG. 8 is a sequence diagram corresponding to the flowchart provided in FIG. 7 according to an embodiment of the present invention.
  • the technical solutions are as follows:
  • Step S701 Establish a communication connection between the information collection device and the identity authentication device.
  • Step S702 The information collection device collects the biometric information of the user, and the information collection device accesses the internal system through the internal network.
  • Step S703 The identity authentication device acquires at least one type of biometric information collected by the information collection device.
  • Step S704 The identity authentication device searches locally whether there is an authentication result corresponding to the biometric information, if it is, then the authentication is successful, if not, then step S705 is executed.
  • the authentication results for a preset time can be stored locally, and several (such as keeping 3000 records) of authentication results can be stored locally.
  • a preset time such as 7 days or 30 days, etc.
  • several (such as keeping 3000 records) of authentication results can be stored locally.
  • Step S705 The identity authentication device sends the at least one kind of biometric information to an identity authentication server, and the identity authentication device accesses the identity authentication server through an external network.
  • Step S706 The identity authentication device receives the authentication information sent by the identity authentication server, and generates an authentication result according to the authentication information.
  • Step S707 The identity authentication device sends the authentication result back to the information collection device, and displays it on the display screen integrated with the information collection device.
  • Step S708 Save the authentication result in the identity authentication device and/or the information collection device locally within a preset time period.
  • the authentication result can be saved accordingly for subsequent identity authentication.
  • FIG. 9 is a schematic structural diagram of an external network identity authentication system based on an internal network connection provided by an embodiment of the present invention. As shown in Figure 9, the system includes:
  • An information collection device 901 is used to collect biometric information of a user, and the information collection device is connected to an internal system through an internal network;
  • the information collection device 901 is integrated with one or more biological feature collection devices. Illustratively, as shown in FIG. 9, it includes a camera 9011, a fingerprint collection device 9012, a voiceprint collection device 9013, and palm veins. Collection device 9014 and so on.
  • the identity authentication device 902 is configured to obtain at least one kind of biometric information collected by the information collection device, and send the at least one kind of biometric information to an identity authentication server, and the identity authentication device accesses the identity through an external network Authentication server
  • the identity authentication server 903 is configured to receive the biometric information sent by the identity authentication device, generate authentication information according to the biometric information, and send the authentication information to the identity authentication device;
  • the identity authentication device 902 is further configured to receive authentication information sent by the identity authentication server, and generate an authentication result according to the authentication information.
  • the user’s biometric information is collected through an information collection device, which accesses the internal system through an internal network; the identity authentication device obtains at least one type of biometric information collected by the information collection device; the identity authentication The device sends the at least one kind of biometric information to the identity authentication server, and the identity authentication device accesses the identity authentication server through an external network; the identity authentication device receives the authentication information sent by the identity authentication server, and according to the The authentication information generates an authentication result.
  • the efficiency of user identity authentication is improved, and the authentication process is simplified on the premise of ensuring the safety and reliability of identity authentication.
  • FIG. 10 is a schematic structural diagram of another external network identity authentication system based on an internal network connection provided by an embodiment of the present invention.
  • the identity authentication device 902 is integrated and installed in the information collection 901 in the equipment.
  • FIG. 11 is a schematic structural diagram of another external network identity authentication system based on an internal network connection provided by an embodiment of the present invention, and the internal system includes a plurality of the information collection devices 901, the identity authentication device 902 is integrated and installed in any one of the multiple information collection devices 901, the multiple information collection devices 901 communicate through the internal network, and the information collection device 901 also uses At:
  • the identity authentication device 902 is also used to obtain the biometric information collected by the other information collection device 901.
  • FIG. 12 is a schematic structural diagram of another external network identity authentication system based on an internal network connection provided by an embodiment of the present invention.
  • the identity authentication device 902 is placed in the information collection device 901 outside.
  • FIG. 13 is a schematic structural diagram of another external network identity authentication system based on an internal network connection provided by an embodiment of the present invention. As shown in Figure 13, the identity authentication device 902 and the information collection 901 device Connect via USB data cable.
  • the identity authentication device 902 is further configured to: before acquiring the biometric information collected by the information collection device 901, establish a USB communication connection with the information collection device 901;
  • FIG. 14 is a schematic structural diagram of another external network identity authentication system based on an internal network connection provided by an embodiment of the present invention. As shown in Figure 14, the identity authentication device 902 and the information collection 901 device Connect via Bluetooth.
  • the identity authentication device 902 is further configured to: send a Bluetooth authentication request to the information collection device 901 before acquiring the biometric information collected by the information collection device 901;
  • the information collection device 901 is also used to: authenticate the identity authentication device 902, and if the authentication is passed, create Bluetooth pairing authentication with the identity authentication device.
  • the information collection device 901 is specifically configured to:
  • the user's face image information is collected by the living body face collection camera device integrated with the information collection equipment.
  • FIG. 15 is a schematic structural diagram of another external network identity authentication system based on an internal network connection provided by an embodiment of the present invention.
  • the identity authentication device 902 is integrated and installed on the living person. Inside the face collection camera device, correspondingly, the identity authentication device 902 is specifically used for:
  • FIG. 16 is a schematic structural diagram of another external network identity authentication system based on an internal network connection provided by an embodiment of the present invention.
  • the identity authentication device 902 and the living body face collection and camera device External connection correspondingly, the identity authentication device 902 is specifically used for:
  • the identity authentication device 902 is further configured to:
  • the identity authentication device 902 acquires the user's face image information collected by the camera of the living body face collection camera device, perform living body detection on the face image information;
  • the face image information is sent to the identity authentication server 903.
  • the identity authentication device 902 is specifically configured to:
  • the original face image in the face image information is sent to the identity authentication server.
  • the identity authentication device 902 is further configured to: after the identity authentication device 902 obtains the user's face image information collected by the camera of the living body face collection camera device, obtain the living body face collection camera device The captured video data is recorded and saved.
  • the identity authentication device 902 is further configured to transfer the video data to the information collection device 901 after recording and saving the video data.
  • the identity authentication device 902 is further configured to send the identity authentication device 902 or the information collection device when the identity authentication device 902 sends the at least one type of biometric information to the identity authentication server 903
  • the device identification of 901 is sent to the identity authentication server 903 for the identity authentication server 903 to perform identity authentication comparison and generate authentication information according to the device identity and the biometric information.
  • the identity authentication device 902 is further configured to send auxiliary authentication information to the identity authentication server 903 when the identity authentication device 902 sends the at least one kind of biometric information to the identity authentication server 903, so
  • the auxiliary authentication information includes one or more of name, ID number, user account, mobile phone number, and location information; the identity authentication server 903 performs identity authentication comparison based on the biometric information and the auxiliary authentication information Generate authentication information.
  • the identity authentication device 902 is further configured to: after generating an authentication result according to the authentication information, save the authentication result in the identity authentication device and/or the information collection within a preset period of time Local collection of equipment;
  • the identity authentication device 902 searches locally whether there is an authentication result corresponding to the biometric information, and if it does not exist, sends the at least one kind of biometric information to the identity authentication server 903.
  • FIG. 17 is a schematic structural diagram of an identity authentication device provided by an embodiment of the present invention.
  • the device includes a processor 201, a memory 202, a communication module 203, and a device interface 204; wherein the number of processors 201 can be There are one or more.
  • One processor 201 is taken as an example in FIG. 17; the processor 201, memory 202, communication module 203, and device interface 204 in the device can be connected by a bus or other means. example.
  • the memory 202 can be used to store software programs, computer-executable programs, and modules, such as program instructions/modules corresponding to the method for identity authentication based on an external network connection based on an internal network in an embodiment of the present invention.
  • the processor 201 executes various functional applications and data processing of the device by running the software programs, instructions, and modules stored in the memory 202, that is, realizes the above-mentioned external network identity authentication method based on the internal network connection.
  • the memory 202 may mainly include a program storage area and a data storage area.
  • the program storage area may store an operating system and an application program required by at least one function; the data storage area may store data created according to the use of the terminal, and the like.
  • the memory 202 may include a high-speed random access memory, and may also include a non-volatile memory, such as at least one magnetic disk storage device, a flash memory device, or other non-volatile solid-state storage devices.
  • the memory 202 may further include a memory remotely provided with respect to the processor 201, and these remote memories may be connected to the device through a network. Examples of the aforementioned networks include, but are not limited to, the Internet, corporate intranets, local area networks, mobile communication networks, and combinations thereof.
  • the communication module 203 can realize the communication connection with the identity authentication server.
  • the device interface 204 can implement data communication with the information collection device.
  • the embodiment of the present invention also provides a storage medium containing computer-executable instructions, when the computer-executable instructions are executed by a computer processor, are used to execute an external network identity authentication method based on an internal network connection, and the method includes:
  • the identity authentication device accesses the identity authentication server through an external network, and the information collection device passes Internal network access to internal system;
  • Floppy disk read-only memory (Read-Only Memory, ROM), random access memory (Random Access Memory, RAM), flash memory (FLASH), hard disk or optical disk, etc., including several instructions to make a computer device (which can be A personal computer, a server, or a network device, etc.) execute the methods described in the various embodiments of the embodiments of the present invention.
  • a computer device which can be A personal computer, a server, or a network device, etc.

Abstract

An external network identity authentication method, a system, a device, and a storage medium based on an internal network connection. The method comprises: an information collection device (901) collecting biometric information of a user, said information collection device (901) accessing an internal system by means of an internal network (S101); an identity authentication device (902) obtaining at least one type of biometric information collected by the information collection device (901) (S102); said identity authentication device (902) sending said at least one kind of biometric information to an identity authentication server (903), said identity authentication device (902) accessing said identity authentication server (903) by means of an external network (S103); and the identity authentication device (902) receiving authentication information sent by the identity authentication server (903), and generating an authentication result according to said authentication information (S104). The present method improves the efficiency of user identity authentication, and, while ensuring the safety and reliability of identity authentication, simplifies the authentication process.

Description

基于内网连接的外网身份认证方法、系统、设备和存储介质External network identity authentication method, system, equipment and storage medium based on internal network connection 技术领域Technical field
本申请实施例涉及身份认证技术领域,尤其涉及一种基于内网连接的外网身份认证方法、系统、设备和存储介质。The embodiments of the present application relate to the field of identity authentication technology, and in particular, to an external network identity authentication method, system, device, and storage medium based on an internal network connection.
背景技术Background technique
身份认证指通过特殊手段完成对用户身份的确认,如用户去银行办理业务时,需要对用户的身份进行认证以确定业务办理权限。在工商、税务、金融、公检法、交通等行业场景的身份认证过程中,由于行业特殊性其对信息安全要求较高,通常其原有的认证设备无法连接外部网络,导致了认证效率较低、流程繁琐,无法高效的实现基于用户生物特征的身份认证。Identity authentication refers to the confirmation of the user's identity through special means. For example, when the user goes to the bank to handle business, the user's identity needs to be authenticated to determine the business handling authority. In the process of identity authentication in industry scenarios such as industry and commerce, taxation, finance, public security law, transportation, etc., due to the particularity of the industry, it has high requirements for information security. Usually its original authentication equipment cannot connect to the external network, resulting in low authentication efficiency, The process is cumbersome, and it is impossible to efficiently realize the identity authentication based on the user's biological characteristics.
发明内容Summary of the invention
本发明实施例提供了一种基于内网连接的外网身份认证方法、系统、设备和存储介质,可以高效的实现用户身份认证。The embodiment of the present invention provides an external network identity authentication method, system, equipment and storage medium based on internal network connection, which can efficiently realize user identity authentication.
第一方面,本发明实施例提供了一种基于内网连接的外网身份认证方法,该方法包括:In the first aspect, an embodiment of the present invention provides an external network identity authentication method based on an internal network connection, and the method includes:
信息采集设备采集用户的生物特征信息,所述信息采集设备通过内部网络接入内部系统;The information collection device collects the user's biometric information, and the information collection device accesses the internal system through the internal network;
身份认证设备获取所述信息采集设备采集的至少一种生物特征信息;The identity authentication device acquires at least one type of biometric information collected by the information collection device;
所述身份认证设备发送所述至少一种生物特征信息至身份认证服务器,所述身份认证设备通过外部网络接入所述身份认证服务器;Sending the at least one kind of biometric information to an identity authentication server by the identity authentication device, and the identity authentication device accesses the identity authentication server through an external network;
所述身份认证设备接收所述身份认证服务器发送的认证信息,根据所述认证信息生成认证结果。The identity authentication device receives the authentication information sent by the identity authentication server, and generates an authentication result according to the authentication information.
可选的,所述身份认证设备集成安装在所述信息采集设备中。Optionally, the identity authentication device is integrated and installed in the information collection device.
可选的,所述内部系统包含有多个所述信息采集设备,所述身份认证设备集成安装在多个所述信息采集设备中的至少一个,所述多个信息采集设备之间通过所述内部网络进行通信,所述基于内网连接的外网身份认证方法,还包括:Optionally, the internal system includes a plurality of the information collection devices, the identity authentication device is integratedly installed in at least one of the plurality of information collection devices, and the plurality of information collection devices pass through the The internal network communicates, and the external network identity authentication method based on the internal network connection further includes:
在所述内部系统中,集成安装有所述身份认证设备的信息采集设备,接收其他信息采集设备发送的生物特征信息,所述信息采集设备中,至少包含一种生物特征信息采集装置;In the internal system, an information collection device equipped with the identity authentication device is integrated to receive biometric information sent by other information collection devices, and the information collection device includes at least one biometric information collection device;
所述身份认证设备获取所述其他信息采集设备采集的至少一种生物特征信息。The identity authentication device acquires at least one type of biometric information collected by the other information collection device.
可选的,所述身份认证设备和所述信息采集设备通过USB数据线连接。Optionally, the identity authentication device and the information collection device are connected through a USB data cable.
可选的,在身份认证设备获取所述信息采集设备采集的至少一种生物特征信息之前,还包括:Optionally, before the identity authentication device acquires at least one type of biometric information collected by the information collection device, the method further includes:
建立所述信息采集设备和所述身份认证设备的USB通信连接。Establish a USB communication connection between the information collection device and the identity authentication device.
可选的,所述身份认证设备和所述信息采集设备通过蓝牙连接。Optionally, the identity authentication device and the information collection device are connected via Bluetooth.
可选的,在身份认证设备获取所述信息采集设备采集的至少一种生物特征信息之前,还包括:Optionally, before the identity authentication device acquires at least one type of biometric information collected by the information collection device, the method further includes:
身份认证设备发送蓝牙认证请求至所述信息采集设备;The identity authentication device sends a Bluetooth authentication request to the information collection device;
所述信息采集设备对所述身份认证设备进行鉴权,如果鉴权通过,则创建和所述身份认证设备的蓝牙配对连接认证。The information collection device authenticates the identity authentication device, and if the authentication passes, creates a Bluetooth pairing connection authentication with the identity authentication device.
可选的,所述信息采集设备采集用户的生物特征信息,包括:Optionally, the collection of biometric information of the user by the information collection device includes:
通过信息采集设备集成的活体人脸采集摄像装置采集用户的人脸图像信息。The user's face image information is collected by the living body face collection camera device integrated with the information collection equipment.
可选的,所述身份认证设备和所述活体人脸采集摄像装置连接,相应的,所述身份认证设备获取所述信息采集设备采集的至少一种生物特征信息,包括:Optionally, the identity authentication device is connected to the living body face collection and camera device, and correspondingly, the identity authentication device acquiring at least one type of biometric information collected by the information collection device includes:
所述身份认证设备获取所述活体人脸采集摄像装置摄像头采集的用户的符合规范的活体人脸图像信息。The identity authentication device acquires the standard-compliant living face image information of the user collected by the camera of the living face collection camera.
可选的,所述身份认证设备和所述活体人脸采集摄像装置组合为一个独立设备进行集成安装。Optionally, the identity authentication device and the living body face acquisition and camera device are combined into an independent device for integrated installation.
可选的,在所述身份认证设备获取所述活体人脸采集摄像装置摄像头采集的用户的人脸图像信息之后,还包括:Optionally, after the identity authentication device acquires the user's face image information collected by the camera of the living body face collection camera, the method further includes:
对所述人脸图像信息进行活体检测;Performing live body detection on the face image information;
相应的,所述身份认证设备发送所述至少一种生物特征信息至身份认证服务器,包括:Correspondingly, sending the at least one kind of biometric information to the identity authentication server by the identity authentication device includes:
如果确定为活体人脸图像,则发送所述人脸图像信息至所述身份认证服务器。If it is determined to be a living body face image, sending the face image information to the identity authentication server.
可选的,所述发送所述人脸图像信息至所述身份认证服务器,包括:Optionally, the sending the face image information to the identity authentication server includes:
对所述人脸图像信息进行特征提取得到人脸图像特征,将所述人脸图像特征发送至所述身份认证服务器;和/或Perform feature extraction on the facial image information to obtain facial image characteristics, and send the facial image characteristics to the identity authentication server; and/or
将所述人脸图像信息中的原始人脸图像发送至所述身份认证服务器。The original face image in the face image information is sent to the identity authentication server.
可选的,在所述身份认证设备获取所述活体人脸采集摄像装置摄像头采集的用户的人脸图像信息之后,还包括:Optionally, after the identity authentication device acquires the user's face image information collected by the camera of the living body face collection camera, the method further includes:
所述身份认证设备获取所述活体人脸采集摄像装置拍摄的视频数据,对所述视频数据进行记录保存。The identity authentication device obtains the video data shot by the living body face collection and camera device, and records and saves the video data.
可选的,在对所述视频数据进行记录保存之后,还包括:Optionally, after recording and saving the video data, the method further includes:
所述身份认证设备转出所述视频数据至所述信息采集设备。The identity authentication device transfers the video data to the information collection device.
可选的,在所述身份认证设备发送所述至少一种生物特征信息至身份认证服务器时,还包括:Optionally, when the identity authentication device sends the at least one kind of biometric information to the identity authentication server, the method further includes:
发送所述身份认证设备或所述信息采集设备的设备标识至所述身份认证服务器,用于所述身份认证服务器根据所述设备标识以及所述生物特征信息进行身份认证比对生成认证信息。The device identifier of the identity authentication device or the information collection device is sent to the identity authentication server for the identity authentication server to perform identity authentication comparison based on the device identity and the biometric information to generate authentication information.
可选的,在所述身份认证设备发送所述至少一种生物特征信息至身份认证服务器时,还包括:Optionally, when the identity authentication device sends the at least one kind of biometric information to the identity authentication server, the method further includes:
发送辅助认证信息至所述身份认证服务器,所述辅助认证信息包括姓名、身份证号码、用户账号、手机号码和位置信息中的一项或多项;Sending auxiliary authentication information to the identity authentication server, where the auxiliary authentication information includes one or more of name, ID number, user account, mobile phone number, and location information;
所述身份认证服务器根据所述生物特征信息以及所述辅助认证信息进行身份认证比对生成认证信息。The identity authentication server performs identity authentication comparison according to the biological feature information and the auxiliary authentication information to generate authentication information.
可选的,在根据所述认证信息生成认证结果之后,还包括:Optionally, after the authentication result is generated according to the authentication information, the method further includes:
在预设时长内,将所述认证结果保存在所述身份认证设备和/或所述信息采集设备采集本地;Save the authentication result in the identity authentication device and/or the information collection device locally within a preset time period;
相应的,所述身份认证设备发送所述至少一种生物特征信息至身份认证服务器,包括:Correspondingly, sending the at least one kind of biometric information to the identity authentication server by the identity authentication device includes:
所述身份认证设备在本地查找是否有对应所述生物特征信息的认证结果,如果不存在,则发送所述至少一种生物特征信息至身份认证服务器。The identity authentication device searches locally whether there is an authentication result corresponding to the biometric information, and if it does not exist, sends the at least one kind of biometric information to the identity authentication server.
第二方面,本发明实施例还提供了一种基于内网连接的外网身份认证系统,包括:In the second aspect, an embodiment of the present invention also provides an external network identity authentication system based on internal network connection, including:
信息采集设备,用于采集用户的生物特征信息,所述信息采集设备通过内部网络接入内部系统;An information collection device for collecting user's biometric information, and the information collection device is connected to an internal system through an internal network;
身份认证设备,用于获取所述信息采集设备采集的至少一种生物特征信息,并发送所述至少一种生物特征信息至身份认证服务器,所述身份认证设备通过外部网络接入所述身份认证服务器;Identity authentication device, configured to obtain at least one type of biometric information collected by the information collection device, and send the at least one type of biometric information to an identity authentication server, and the identity authentication device accesses the identity authentication through an external network server;
所述身份认证服务器,用于接收所述身份认证设备发送的生物特征信息,并根据所述生物特征信息生成认证信息,将所述认证信息发送至所述身份认证设备;The identity authentication server is configured to receive the biometric information sent by the identity authentication device, generate authentication information based on the biometric information, and send the authentication information to the identity authentication device;
所述身份认证设备,还用于接收所述身份认证服务器发送的认证信息,根据所述认证信息生成认证结果。The identity authentication device is further configured to receive authentication information sent by the identity authentication server, and generate an authentication result according to the authentication information.
第三方面,本发明实施例还提供了一种身份认证设备,所述设备包括:一个或多个处理器;存储装置,用于存储一个或多个程序,当所述一个或多个程序被所述一个或多个处理器执行,使得所述一个或多个处理器实现:In a third aspect, an embodiment of the present invention also provides an identity authentication device, the device includes: one or more processors; a storage device, configured to store one or more programs, when the one or more programs are The one or more processors execute, so that the one or more processors implement:
获取信息采集设备采集的至少一种生物特征信息,并发送所述至少一种生物特征信息至身份认证服务器,所述身份认证设备通过外部网络接入所述身份认证服务器,所述信息采集设备通过内部网络接入内部系统;Acquire at least one type of biometric information collected by an information collection device, and send the at least one type of biometric information to an identity authentication server. The identity authentication device accesses the identity authentication server through an external network, and the information collection device passes Internal network access to internal system;
接收所述身份认证服务器发送的认证信息,根据所述认证信息生成认证结果。Receiving the authentication information sent by the identity authentication server, and generating an authentication result according to the authentication information.
可选的,所述内部系统包含有多个所述信息采集设备,所述身份认证设备集成安装在多个所述信息采集设备中的至少一个,所述多个信息采集设备之间通过所述内部网络进行通信。Optionally, the internal system includes a plurality of the information collection devices, the identity authentication device is integratedly installed in at least one of the plurality of information collection devices, and the plurality of information collection devices pass through the The internal network communicates.
可选的,所述身份认证设备和所述信息采集设备通过USB数据线连接,或通过蓝牙连接。Optionally, the identity authentication device and the information collection device are connected via a USB data cable or via Bluetooth.
第四方面,本发明实施例还提供了一种包含计算机可执行指令的存储介质,所述计算机可执行指令在由计算机处理器执行时用于执行:In a fourth aspect, embodiments of the present invention also provide a storage medium containing computer-executable instructions, which are used to execute when executed by a computer processor:
获取信息采集设备采集的至少一种生物特征信息,并发送所述至少一种生物特征信息至身份认证服务器,所述身份认证设备通过外部网络接入所述身份认证服务器,所述信息采集设备通过内部网络接入内部系统;Acquire at least one type of biometric information collected by an information collection device, and send the at least one type of biometric information to an identity authentication server. The identity authentication device accesses the identity authentication server through an external network, and the information collection device passes Internal network access to internal system;
接收所述身份认证服务器发送的认证信息,根据所述认证信息生成认证结果。Receiving the authentication information sent by the identity authentication server, and generating an authentication result according to the authentication information.
本发明实施例中,通过信息采集设备采集用户的生物特征信息,所述信息采集设备通过内部网络接入内部系统;身份认证设备获取所述信息采集设备采集的至少一种生物特征信息;所述身份认证设备发送所述至少一种生物特征信息至身份认证服务器,所述身份认证设备通过外部网络接入所述身份认证服务器;所述身份认证设备接收所述身份认证服务器发送的认证信息,根据所述认证信息生成认证结果。由此,提高了用户身份认证的效率,在保证身份认证安全、可靠的前提下,简化了认证流程。In the embodiment of the present invention, the user's biometric information is collected through an information collection device, which accesses the internal system through an internal network; the identity authentication device obtains at least one type of biometric information collected by the information collection device; The identity authentication device sends the at least one kind of biometric information to the identity authentication server, and the identity authentication device accesses the identity authentication server through an external network; the identity authentication device receives the authentication information sent by the identity authentication server, and according to The authentication information generates an authentication result. As a result, the efficiency of user identity authentication is improved, and the authentication process is simplified on the premise of ensuring the safety and reliability of identity authentication.
附图说明Description of the drawings
图1为本发明实施例提供的一种基于内网连接的外网身份认证方法的流程图;FIG. 1 is a flowchart of an external network identity authentication method based on an internal network connection provided by an embodiment of the present invention;
图2为本发明实施例提供的另一种基于内网连接的外网身份认证方法的流程图;2 is a flowchart of another method for external network identity authentication based on internal network connection provided by an embodiment of the present invention;
图3为本发明实施例提供的另一种基于内网连接的外网身份认证方法的流程图;FIG. 3 is a flowchart of another external network identity authentication method based on internal network connection provided by an embodiment of the present invention;
图4为本发明实施例提供的另一种基于内网连接的外网身份认证方法的流程图;FIG. 4 is a flowchart of another external network identity authentication method based on internal network connection provided by an embodiment of the present invention;
图5为本发明实施例提供的另一种基于内网连接的外网身份认证方法的流程图;FIG. 5 is a flowchart of another external network identity authentication method based on internal network connection provided by an embodiment of the present invention;
图6为本发明实施例提供的另一种基于内网连接的外网身份认证方法的流程图;FIG. 6 is a flowchart of another external network identity authentication method based on internal network connection provided by an embodiment of the present invention;
图7为本发明实施例提供的另一种基于内网连接的外网身份认证方法的流程图;FIG. 7 is a flowchart of another external network identity authentication method based on internal network connection provided by an embodiment of the present invention;
图8为本发明实施例图7提供的流程图对应的序列图;FIG. 8 is a sequence diagram corresponding to the flowchart provided in FIG. 7 according to the embodiment of the present invention;
图9为本发明实施例提供的一种基于内网连接的外网身份认证系统的结构示意图;9 is a schematic structural diagram of an external network identity authentication system based on internal network connection provided by an embodiment of the present invention;
图10为本发明实施例体提供的另一种基于内网连接的外网身份认证系统的结构示意图;10 is a schematic structural diagram of another external network identity authentication system based on internal network connection provided by an embodiment of the present invention;
图11为本发明实施例体提供的另一种基于内网连接的外网身份认证系统的结构示意图;11 is a schematic structural diagram of another external network identity authentication system based on internal network connection provided by an embodiment of the present invention;
图12为本发明实施例体提供的另一种基于内网连接的外网身份认证系统的结构示意图;12 is a schematic structural diagram of another external network identity authentication system based on internal network connection provided by an embodiment of the present invention;
图13为本发明实施例体提供的另一种基于内网连接的外网身份认证系统的结构示意图;13 is a schematic structural diagram of another external network identity authentication system based on internal network connection provided by an embodiment of the present invention;
图14为本发明实施例体提供的另一种基于内网连接的外网身份认证系统的结构示意图;14 is a schematic structural diagram of another external network identity authentication system based on internal network connection provided by an embodiment of the present invention;
图15为本发明实施例体提供的另一种基于内网连接的外网身份认证系统的结构示意图;15 is a schematic structural diagram of another external network identity authentication system based on internal network connection provided by an embodiment of the present invention;
图16为本发明实施例体提供的另一种基于内网连接的外网身份认证系统的结构示意图;16 is a schematic structural diagram of another external network identity authentication system based on internal network connection provided by an embodiment of the present invention;
图17为本发明实施例提供的一种身份认证设备的结构示意图。FIG. 17 is a schematic structural diagram of an identity authentication device provided by an embodiment of the present invention.
具体实施方式Detailed ways
下面结合附图和实施例对本发明实施例作进一步的详细说明。可以理解的是,此处所描述的具体实施例仅仅用于解释本发明实施例,而非对本发明实施例的限定。另外还需要说明的是,为了便于描述,附图中仅示出了与本发明实施例相关的部分而非全部结构。The embodiments of the present invention will be further described in detail below with reference to the accompanying drawings and embodiments. It can be understood that the specific embodiments described here are only used to explain the embodiments of the present invention, but not to limit the embodiments of the present invention. In addition, it should be noted that, for ease of description, the drawings only show a part but not all of the structures related to the embodiments of the present invention.
图1为本发明实施例提供的一种基于内网连接的外网身份认证方法的流程图,本实施例可适用于信息采集 设备内网连接的外网身份认证,该方法可由信息采集设备、身份认证设备执行,具体包括如下步骤:Figure 1 is a flowchart of an external network identity authentication method based on an intranet connection provided by an embodiment of the present invention. This embodiment can be applied to external network identity authentication of an information collection device’s intranet connection. The method can be used by information collection equipment, The implementation of identity authentication equipment includes the following steps:
步骤S101、信息采集设备采集用户的生物特征信息,所述信息采集设备通过内部网络接入内部系统。Step S101: The information collection device collects biometric information of the user, and the information collection device accesses the internal system through the internal network.
其中,该信息采集设备可以是在需要进行身份认证场所设置的设备,如在银行办事大厅的身份认证终端设备、税务办事大厅设置的一体化终端设备、高铁的自助取票终端设备、地铁的生物识别闸机。其中,生物特征信息可以为人脸信息、虹膜信息、巩膜信息、眼纹信息、指纹信息、掌纹信息、掌静脉信息、指静脉信息、声纹信息和DNA信息中的一种或多种,通过在信息采集设备上安装相应的一种或多种生物特征采集传感器对用户的生物特征信息进行采集。可选的,通常选择人脸图像作为用户的生物特征信息以用于身份认证。Among them, the information collection equipment can be equipment installed in places where identity authentication is required, such as identity authentication terminal equipment in the bank's office hall, integrated terminal equipment in the tax office hall, high-speed rail self-service ticketing terminal equipment, and subway biological Identify gates. Among them, the biometric information can be one or more of face information, iris information, sclera information, eye print information, fingerprint information, palm print information, palm vein information, finger vein information, voice print information, and DNA information. Install the corresponding one or more biological feature collection sensors on the information collection equipment to collect the user's biological feature information. Optionally, a face image is usually selected as the user's biometric information for identity authentication.
在一个实施例中,信息采集设备通过内部网络接入内部系统。其中,该内部系统可以是银行的内部平台系统,可以是税务机关的税务系统等,可以是地铁、高铁的票务系统,每个信息采集设备通过内网连接其对应的内部系统以实现数据信息的内部传输。In one embodiment, the information collection device accesses the internal system through the internal network. Among them, the internal system can be the internal platform system of the bank, the taxation system of the tax authority, etc., and the ticketing system of the subway and high-speed rail. Each information collection device is connected to its corresponding internal system through the intranet to realize the data information. Internal transmission.
在一个实施例中,信息采集设备通过集成的生物特征采集器采集用户的生物特征信息,如通过活体人脸采集摄像头采集用户的活体人脸图像。In one embodiment, the information collection device collects the biometric information of the user through an integrated biometric collector, such as collecting a live face image of the user through a live face collection camera.
步骤S102、身份认证设备获取所述信息采集设备采集的至少一种生物特征信息。Step S102: The identity authentication device acquires at least one type of biometric information collected by the information collection device.
当信息采集设备采集到用户的生物特征信息后,发送至身份认证设备,身份认证设备获取该生物特征信息。可选的,身份认证设备包括通信模块(如4G、5G、WIFI、有线网络模块等)、处理模块(如ARM、DSP、CPU、单片机处理单元)、存储模块、设备接口(如USB、蓝牙模块等)等,通信模块用于实现外部网络的连接以和身份认证服务器进行数据通信,处理模块用于进行数据处理,存储模块用于存储程序和数据信息,设备接口用于实现和信息采集设备的数据通信。After the biometric information of the user is collected by the information collection device, it is sent to the identity authentication device, and the identity authentication device obtains the biometric information. Optionally, the identity authentication equipment includes communication modules (such as 4G, 5G, WIFI, wired network modules, etc.), processing modules (such as ARM, DSP, CPU, single-chip processing unit), storage modules, and device interfaces (such as USB, Bluetooth modules) Etc.), the communication module is used to realize the connection of the external network for data communication with the identity authentication server, the processing module is used to perform data processing, the storage module is used to store programs and data information, and the device interface is used to realize the connection of the information collection device data communication.
步骤S103、所述身份认证设备发送所述至少一种生物特征信息至身份认证服务器,所述身份认证设备通过外部网络接入所述身份认证服务器。Step S103: The identity authentication device sends the at least one kind of biometric information to an identity authentication server, and the identity authentication device accesses the identity authentication server through an external network.
其中,身份认证服务器可以是设置的云服务器设备,用于进行用户生物特征信息的比对以进行身份认证,如公安系统的身份认证服务器,在身份认证服务器中存储有大量的用户身份信息和对应的生物特征信息,以根据身份认证设备发送的生物特征信息进行比对得到认证信息。在身份认证服务器得到认证信息后,相应的将该认证信息发送至对应的身份认证设备。Among them, the identity authentication server can be a cloud server device that is set up to compare user biometric information for identity authentication. For example, the identity authentication server of the public security system stores a large amount of user identity information and corresponding information in the identity authentication server. The biometric information is compared with the biometric information sent by the identity authentication device to obtain the authentication information. After the identity authentication server obtains the authentication information, the authentication information is correspondingly sent to the corresponding identity authentication device.
在一个实施例中,身份认证设备通过内部集成的通信模块连接外部网络,如通过5G模块建立和身份认证服务器的无线通信连接,以和身份认证服务器进行数据通信。具体的,包括身份认证设备发送生物特征信息至身份认证服务器,并接收身份认证服务器发送的认证信息。In one embodiment, the identity authentication device is connected to an external network through an internally integrated communication module, such as establishing a wireless communication connection with the identity authentication server through a 5G module, so as to perform data communication with the identity authentication server. Specifically, it includes the identity authentication device sending the biometric information to the identity authentication server, and receiving the authentication information sent by the identity authentication server.
步骤S104、所述身份认证设备接收所述身份认证服务器发送的认证信息,根据所述认证信息生成认证结果。Step S104: The identity authentication device receives the authentication information sent by the identity authentication server, and generates an authentication result according to the authentication information.
身份认证设备在接收到身份认证服务器发送的认证信息后,相应的生成认证结果。示例性的,该认证信息可以是生物特征信息的比对结果,如相似度值。认证结果可以是身份认证成功/通过,或身份认证失败。进一步 的,对于某些应用场景(如银行的个人贷款系统),当身份认证成功的时候,其认证结果还包含用户个人信息或用户账号信息。After the identity authentication device receives the authentication information sent by the identity authentication server, it generates an authentication result accordingly. Exemplarily, the authentication information may be a comparison result of biometric information, such as a similarity value. The authentication result can be identity authentication success/pass, or identity authentication failure. Further, for some application scenarios (such as a bank's personal loan system), when the identity authentication is successful, the authentication result also contains the user's personal information or user account information.
相应的,在根据认证信息生成认证结果后,身份认证设备可将该认证结果发送回信息采集设备,通过信息采集设备集成的显示屏进行显示。Correspondingly, after the authentication result is generated according to the authentication information, the identity authentication device can send the authentication result back to the information collection device, and display it on the integrated display screen of the information collection device.
由上述方案可知,信息采集设备采用内网连接的方式接入内网系统,通过身份认证设备获取信息采集设备采集的用户的至少一种生物特征信息,并通过身份认证设备的通信模块连接到外网和身份认证服务器通信以得到认证信息进而得出认证结果,在保证信息采集设备不接入外网的情况下,实现了利用外网进行身份认证,信息采集设备仅需和身份认证设备进行数据传输,保证了信息安全性,同时提高了用户身份认证的效率,在保证身份认证安全、可靠的前提下,简化了认证流程。It can be seen from the above scheme that the information collection device is connected to the intranet system by means of an intranet connection, and at least one type of biometric information of the user collected by the information collection device is obtained through the identity authentication device, and connected to the outside via the communication module of the identity authentication device. The network communicates with the identity authentication server to obtain the authentication information and then obtain the authentication result. Under the condition that the information collection device is not connected to the external network, the external network is used for identity authentication. The information collection device only needs to perform data with the identity authentication device. Transmission ensures the security of information, improves the efficiency of user identity authentication, and simplifies the authentication process on the premise of ensuring the safety and reliability of identity authentication.
图2为本发明实施例提供的另一种基于内网连接的外网身份认证方法的流程图,给出了另一种用户身份认证的方法。如图2所示,技术方案具体如下:Fig. 2 is a flowchart of another external network identity authentication method based on internal network connection provided by an embodiment of the present invention, and another method of user identity authentication is provided. As shown in Figure 2, the technical solution is as follows:
步骤S201、信息采集设备采集用户的至少一种生物特征信息,所述信息采集设备通过内部网络接入内部系统。Step S201: The information collection device collects at least one type of biometric information of the user, and the information collection device accesses the internal system through the internal network.
步骤S202、身份认证设备获取所述信息采集设备采集的至少一种生物特征信息。Step S202: The identity authentication device obtains at least one type of biometric information collected by the information collection device.
步骤S203、所述身份认证设备发送所述至少一种生物特征信息至身份认证服务器,所述身份认证设备通过外部网络接入所述身份认证服务器。Step S203: The identity authentication device sends the at least one kind of biometric information to an identity authentication server, and the identity authentication device accesses the identity authentication server through an external network.
步骤S204、在所述内部系统中,集成安装有所述身份认证设备的信息采集设备,接收其他信息采集设备发送的生物特征信息,通过身份认证设备发送至身份认证服务器。Step S204: In the internal system, integrate the information collection device installed with the identity authentication device, receive the biometric information sent by other information collection devices, and send it to the identity authentication server through the identity authentication device.
在一个实施例中,身份认证设备集成安装在信息采集设备中,如将身份认证设备以电路板形式集成安装与信息采集设备的电路板中。其中,在一个内部系统中可接入有多个信息采集设备,如一个办事大厅中设置的多个信息采集设备,或者相邻其他办事大厅中设置的信息采集设备,在多个信息采集设备中的至少一个设备集成有身份识别设备,该集成有身份识别设备的信息采集设备科接收其他信息采集设备发送的生物特征信息,并通过身份认证设备发送至身份认证服务器以进行身份认证,其中的每个信息采集设备包含至少一种生物特征信息采集装置,可采集的生物特征信息包括人脸信息、指纹、掌纹、指静脉、掌静脉、声纹和虹膜等。In one embodiment, the identity authentication device is integrated and installed in the information collection device, for example, the identity authentication device is integrated and installed in the circuit board of the information collection device in the form of a circuit board. Among them, multiple information collection devices can be connected to an internal system, such as multiple information collection devices set up in one service hall, or information collection devices set up in other adjacent service halls, among multiple information collection devices. At least one of the devices is integrated with an identity recognition device, and the information collection equipment section integrated with the identity recognition device receives the biometric information sent by other information collection devices, and sends it to the identity authentication server through the identity authentication device for identity authentication, each of which Each information collection device includes at least one biometric information collection device, and the biometric information that can be collected includes facial information, fingerprints, palm prints, finger veins, palm veins, voice prints, and iris.
步骤S205、所述身份认证设备接收所述身份认证服务器发送的认证信息,根据所述认证信息生成认证结果。Step S205: The identity authentication device receives the authentication information sent by the identity authentication server, and generates an authentication result according to the authentication information.
由上述方案可知,将身份认证设备以模块化形式集成于信息采集设备中,信息采集设备内网连接系统并将生物特征信息发送至身份识别设备,身份识别设备通过外网连接身份认证服务器进行身份认证,同时,身份认证设备可集成在任一内网中的信息采集设备中,可实现对其他多个内网中的信息采集设备的认证,节约了整体设备成本,优化了设备硬件布局,提高了身份认证效率。It can be seen from the above scheme that the identity authentication device is integrated into the information collection device in a modular form, the information collection device is connected to the system in the internal network and sends the biometric information to the identity recognition device, and the identity recognition device is connected to the identity authentication server through the external network to perform identity At the same time, the identity authentication equipment can be integrated in any information collection equipment in the intranet, which can realize the authentication of the information collection equipment in multiple other intranets, which saves the overall equipment cost, optimizes the equipment hardware layout, and improves Identity authentication efficiency.
图3为本发明实施例提供的另一种基于内网连接的外网身份认证方法的流程图,给出了一种具体身份认证设备和信息采集设备的连接方式。如图3所示,技术方案具体如下:FIG. 3 is a flowchart of another external network identity authentication method based on internal network connection provided by an embodiment of the present invention, and shows a specific connection method of the identity authentication device and the information collection device. As shown in Figure 3, the technical solution is as follows:
步骤S301、信息采集设备采集用户的至少一种生物特征信息,所述信息采集设备通过内部网络接入内部系统。Step S301: The information collection device collects at least one type of biometric information of the user, and the information collection device accesses the internal system through the internal network.
步骤S302、建立所述信息采集设备和所述身份认证设备的USB通信连接。Step S302: Establish a USB communication connection between the information collection device and the identity authentication device.
步骤S303、信息采集设备安装身份认证设备的认证安装程序,所述认证安装程序用于实现所述身份认证设备和所述信息采集设备的数据通信。Step S303: The information collection device installs an authentication installation program of the identity authentication device, where the authentication installation program is used to implement data communication between the identity authentication device and the information collection device.
在一个实施例中,身份认证设备以USB通信方式和信息采集设备连接,用于接收信息采集设备发送的至少一种生物特征信息,并反馈认证结果至信息采集设备。In one embodiment, the identity authentication device is connected to the information collection device in a USB communication mode, and is used to receive at least one type of biometric information sent by the information collection device, and feed back the authentication result to the information collection device.
其中,身份认证设备获取信息采集设备采集的至少一种生物特征信息之前,信息采集设备通常先要安装对应的认证安装程序。可选的,当身份认证设备和信息采集设备建立连接后,身份认证设备自动发起信息采集设备的认证安装程序的安装请求,当信息采集设备安装完毕认证安装程序后,二者可进行安全的生物特征信息、辅助认证信息和身份认证结果的传输。Before the identity authentication device acquires at least one type of biometric information collected by the information collection device, the information collection device usually first installs a corresponding authentication installation program. Optionally, when a connection is established between the identity authentication device and the information collection device, the identity authentication device automatically initiates an installation request for the authentication installation program of the information collection device. After the information collection device has been installed with the authentication installation program, the two can perform safe biological Transmission of characteristic information, auxiliary authentication information and identity authentication results.
步骤S304、身份认证设备获取所述信息采集设备采集的至少一种生物特征信息。Step S304: The identity authentication device obtains at least one type of biometric information collected by the information collection device.
步骤S305、所述身份认证设备发送所述至少一种生物特征信息至身份认证服务器,所述身份认证设备通过外部网络接入所述身份认证服务器。Step S305: The identity authentication device sends the at least one kind of biometric information to an identity authentication server, and the identity authentication device accesses the identity authentication server through an external network.
步骤S306、所述身份认证设备接收所述身份认证服务器发送的认证信息,根据所述认证信息生成认证结果。Step S306: The identity authentication device receives the authentication information sent by the identity authentication server, and generates an authentication result according to the authentication information.
由上述方案可知,信息采集设备通过内网连接内部系统,通过USB连接身份认证设备,身份认证设备通过外网连接身份认证服务器,在保证了内网信息安全的情况下,通过外部网络便捷的实现了身份认证,无需用户使用身份证验证的方式进行认证,提高了用户身份认证的效率,在保证身份认证安全、可靠的前提下,简化了认证流程。From the above scheme, it can be seen that the information collection device is connected to the internal system through the intranet, the identity authentication device is connected through the USB, and the identity authentication device is connected to the identity authentication server through the external network, which can be easily realized through the external network while ensuring the security of the internal network information. In order to achieve identity authentication, the user does not need to use ID card verification for authentication, which improves the efficiency of user identity authentication, and simplifies the authentication process on the premise of ensuring the safety and reliability of identity authentication.
图4为本发明实施例提供的另一种基于内网连接的外网身份认证方法的流程图,给出了一种具体身份认证设备和信息采集设备的连接方式。如图4所示,技术方案具体如下:FIG. 4 is a flowchart of another external network identity authentication method based on internal network connection provided by an embodiment of the present invention, and shows a specific connection method of the identity authentication device and the information collection device. As shown in Figure 4, the technical solution is as follows:
步骤S401、信息采集设备采集用户的至少一种生物特征信息,所述信息采集设备通过内部网络接入内部系统。Step S401: The information collection device collects at least one type of biometric information of the user, and the information collection device accesses the internal system through the internal network.
步骤S402、身份认证设备发送蓝牙认证请求至所述信息采集设备。Step S402: The identity authentication device sends a Bluetooth authentication request to the information collection device.
步骤S403、所述信息采集设备对所述身份认证设备进行鉴权,如果鉴权通过,则创建和所述身份认证设备的蓝牙配对连接认证。Step S403: The information collection device authenticates the identity authentication device, and if the authentication is passed, it creates a Bluetooth pairing connection authentication with the identity authentication device.
在一个实施例中,信息采集设备与身份认证设备采取蓝牙连接的方式进行信息通信,其中,在建立蓝牙通信连接时,如开始进行蓝牙的配对连接认证之前,信息采集设备对身份认证设备进行鉴权,如果鉴权通过,则创建和所述身份认证设备的蓝牙配对连接认证,由此使得蓝牙网络的安全性提升。如果鉴权不通过,则确定为非法接入设备,信息采集设备不进行蓝牙的配对连接。In one embodiment, the information collection device and the identity authentication device use a Bluetooth connection for information communication, wherein when the Bluetooth communication connection is established, for example, before the Bluetooth pairing connection authentication is started, the information collection device authenticates the identity authentication device. If the authentication is passed, a Bluetooth pairing connection authentication with the identity authentication device is created, thereby improving the security of the Bluetooth network. If the authentication fails, it is determined to be an illegal access device, and the information collection device does not perform Bluetooth pairing connection.
步骤S404、身份认证设备获取所述信息采集设备采集的至少一种生物特征信息。Step S404: The identity authentication device acquires at least one type of biometric information collected by the information collection device.
步骤S405、所述身份认证设备发送所述至少一种生物特征信息至身份认证服务器,所述身份认证设备通过外部网络接入所述身份认证服务器。Step S405: The identity authentication device sends the at least one kind of biometric information to an identity authentication server, and the identity authentication device accesses the identity authentication server through an external network.
步骤S406、所述身份认证设备接收所述身份认证服务器发送的认证信息,根据所述认证信息生成认证结果。Step S406: The identity authentication device receives the authentication information sent by the identity authentication server, and generates an authentication result according to the authentication information.
由上述方案可知,信息采集设备通过内网连接内部系统,通过蓝牙连接身份认证设备,身份认证设备通过外网连接身份认证服务器,在保证了内网信息安全的情况下,通过外部网络便捷的实现了身份认证,同时保证了蓝牙网络的安全性,提高了用户身份认证的效率,在保证身份认证安全、可靠的前提下,简化了认证流程。It can be seen from the above scheme that the information collection device is connected to the internal system through the intranet, the identity authentication device is connected through Bluetooth, and the identity authentication device is connected to the identity authentication server through the external network. This can be easily realized through the external network while ensuring the security of the internal network information. The identity authentication is ensured while ensuring the security of the Bluetooth network, improving the efficiency of user identity authentication, and simplifying the authentication process on the premise of ensuring the safety and reliability of identity authentication.
图5为本发明实施例提供的另一种基于内网连接的外网身份认证方法的流程图,给出了一种具体身份认证设备和信息采集设备的设置方式。如图5所示,技术方案具体如下:Fig. 5 is a flowchart of another external network identity authentication method based on internal network connection provided by an embodiment of the present invention, and shows a specific setting method of identity authentication equipment and information collection equipment. As shown in Figure 5, the technical solution is as follows:
步骤S501、通过信息采集设备集成的活体人脸采集摄像装置采集用户的人脸图像信息,所述活体人脸采集摄像装置和身份认证设备连接。Step S501: Collect the user's face image information through the living body face collection and camera device integrated with the information collection device, and the living body face collection and camera device is connected to the identity authentication device.
在一个实施例中,生物特征信息为用户的人脸图像信息,该人脸图像信息由活体人脸采集摄像装置采集,该活体人脸采集摄像装置集成安装在信息采集设备中,活体人脸采集摄像装置和身份认证设备连接,即该身份认证设备分别和活体人脸采集摄像装置的摄像头以及信息采集设备的处理单元相连。In one embodiment, the biometric information is the user's face image information, and the face image information is collected by a living body face collection and camera device, which is integrated in the information collection device, and the living body face collection The camera device is connected with the identity authentication device, that is, the identity authentication device is respectively connected with the camera of the living body face collection camera and the processing unit of the information collection device.
步骤S502、身份认证设备获取所述活体人脸采集摄像装置采集的用户的人脸图像信息。Step S502: The identity authentication device obtains the user's face image information collected by the living body face collecting and camera device.
在一个实施例中,身份认证设备集成安装在活体人脸采集摄像装置内部,身份认证设备和活体人脸采集摄像装置组合为一个独立设备,身份认证设备优先获取到活体人脸采集摄像装置拍摄的人脸图像,在获取到人脸图像后可发送至身份认证服务器进行认证。在另一个实施例中,身份认证设备并不集成安装在活体人脸采集摄像装置内部,其以外部连接的方式与活体人脸采集摄像装置进行连接,获取活体人脸采集摄像装置拍摄的人脸图像。In one embodiment, the identity authentication device is integrated and installed inside the living body face acquisition camera device, the identity authentication device and the living body face acquisition camera device are combined into an independent device, and the identity authentication device preferentially obtains the images taken by the living body face acquisition camera device. The face image can be sent to the identity authentication server for authentication after obtaining the face image. In another embodiment, the identity authentication device is not integratedly installed inside the living body face acquisition camera device, and it is connected to the living body face acquisition camera device in an external connection manner to obtain the face captured by the living body face acquisition camera device image.
步骤S503、所述身份认证设备发送所述人脸图像信息至身份认证服务器,所述身份认证设备通过外部网络接入所述身份认证服务器。Step S503: The identity authentication device sends the face image information to an identity authentication server, and the identity authentication device accesses the identity authentication server through an external network.
在一个实施例中,身份认证设备在获取到人脸图像信息后,对人脸图像信息进行特征提取得到人脸图像特征,将所述人脸图像特征发送至所述身份认证服务器,以减轻数据传输压力以及身份认证服务器的比对处理时间。在另一个实施例中,还可以是将人脸图像信息中的原始人脸图像发送至身份认证服务器以进行识别认证。In one embodiment, after acquiring the facial image information, the identity authentication device performs feature extraction on the facial image information to obtain facial image characteristics, and sends the facial image characteristics to the identity authentication server to reduce data Transmission pressure and comparison processing time of the identity authentication server. In another embodiment, the original face image in the face image information may also be sent to the identity authentication server for identification and authentication.
步骤S504、所述身份认证设备接收所述身份认证服务器发送的认证信息,根据所述认证信息生成认证结果。Step S504: The identity authentication device receives the authentication information sent by the identity authentication server, and generates an authentication result according to the authentication information.
由上述方案可知,信息采集设备通过内网连接内部系统以执行特定场景下的特殊功能,通过集成的活体人脸采集摄像装置采集人脸图像信息并通过和活体人脸采集摄像装置连接的身份认证设备发送至身份认证服务器,身份认证设备通过外网连接该身份认证服务器,在保证了内网信息安全的情况下,通过外部网络便捷的实现了身份认证,提高了用户身份认证的效率,在保证身份认证安全、可靠的前提下,简化了认证流程。From the above scheme, it can be seen that the information collection equipment is connected to the internal system through the intranet to perform special functions in specific scenarios, and the integrated live face capture camera device collects face image information and passes the identity authentication connected to the live face capture camera device. The device is sent to the identity authentication server, and the identity authentication device is connected to the identity authentication server through the external network. While ensuring the security of the internal network information, the identity authentication is conveniently realized through the external network, which improves the efficiency of user identity authentication and ensures On the premise that identity authentication is safe and reliable, the authentication process is simplified.
图6为本发明实施例提供的另一种基于内网连接的外网身份认证方法的流程图,给出了另一种身份认证方法的流程。如图6所示,技术方案具体如下:Fig. 6 is a flowchart of another external network identity authentication method based on internal network connection provided by an embodiment of the present invention, and shows the flow of another identity authentication method. As shown in Figure 6, the technical solution is as follows:
步骤S601、通过信息采集设备集成的活体人脸采集摄像装置采集用户的人脸图像信息,所述活体人脸采集摄像装置和身份认证设备连接。Step S601: Collect the user's face image information through the living body face collection and camera device integrated with the information collection device, and the living body face collection and camera device is connected to the identity authentication device.
步骤S602、身份认证设备获取所述活体人脸采集摄像装置采集的用户的人脸图像信息,对所述人脸图像信息进行活体检测。Step S602: The identity authentication device acquires the user's face image information collected by the living body face collecting and camera device, and performs living body detection on the face image information.
在一个实施例中,身份认证设备具备活体检测功能,即对获取到的人脸图像信息进行活体检测验证。In one embodiment, the identity authentication device has a live body detection function, that is, performs live body detection and verification on the acquired facial image information.
步骤S603、如果确定为活体人脸图像,则发送所述人脸图像信息至所述身份认证服务器,所述身份认证设备通过外部网络接入所述身份认证服务器。Step S603: If it is determined that it is a living body face image, send the face image information to the identity authentication server, and the identity authentication device accesses the identity authentication server through an external network.
在一个实施例中,当确定出人脸图像信息对应的是活体用户时,发送所述人脸图像信息至身份认证服务器进行身份认证。In one embodiment, when it is determined that the face image information corresponds to a living user, the face image information is sent to the identity authentication server for identity authentication.
步骤S604、身份认证设备接收所述身份认证服务器发送的认证信息,根据所述认证信息生成认证结果。Step S604: The identity authentication device receives the authentication information sent by the identity authentication server, and generates an authentication result according to the authentication information.
由上述方案可知,信息采集设备通过内网连接内部系统以执行特定场景下的特殊功能,通过集成的活体人脸采集摄像装置采集人脸图像信息并通过和活体人脸采集摄像装置连接的身份认证设备进行活体检测后,将确定为活体用户的人脸图像信息发送至身份认证服务器进行认证,以进一步优化身份认证过程,其中,身份认证设备通过外网连接该身份认证服务器,在保证了内网信息安全的情况下,通过外部网络便捷的实现了身份认证,提高了用户身份认证的效率,在保证身份认证安全、可靠的前提下,简化了认证流程。From the above scheme, it can be seen that the information collection equipment is connected to the internal system through the intranet to perform special functions in specific scenarios, and the integrated live face capture camera device collects face image information and passes the identity authentication connected to the live face capture camera device. After the device performs the live detection, it sends the face image information determined to be a living user to the identity authentication server for authentication to further optimize the identity authentication process. Among them, the identity authentication device connects to the identity authentication server through the external network, ensuring the internal network In the case of information security, identity authentication is conveniently realized through the external network, which improves the efficiency of user identity authentication, and simplifies the authentication process while ensuring the safety and reliability of identity authentication.
在上述技术方案的基础上,在所述身份认证设备获取所述活体人脸采集摄像装置摄像头采集的用户的人脸图像信息之后,还包括:所述身份认证设备获取所述活体人脸采集摄像装置拍摄的视频数据,对所述视频数据进行记录保存。在一个实施例中,该身份认证设备具备视频保存功能,以对获取到的摄像头拍摄的内容进行保存。相应的,在对所述视频数据进行记录保存之后,还包括:所述身份认证设备转出所述视频数据至所述信息采集设备。即身份认证设备还包括视频转出功能,以将保存的视频数据转出至信息采集设备。由上述可知,身份认证设备进一步集成有视频记录、音频记录、转出功能,对身份的识别认证以及后续信息查询进行了完善,优化了身份认证过程。On the basis of the above technical solution, after the identity authentication device obtains the user's face image information collected by the camera of the living body face collection camera, the method further includes: the identity authentication device obtains the living body face collection camera The video data shot by the device is recorded and saved. In one embodiment, the identity authentication device has a video saving function to save the acquired content captured by the camera. Correspondingly, after the video data is recorded and saved, the method further includes: the identity authentication device transfers the video data to the information collection device. That is, the identity authentication device also includes a video transfer function to transfer the saved video data to the information collection device. It can be seen from the above that the identity authentication device is further integrated with video recording, audio recording, and transfer-out functions, which improves the identity recognition and subsequent information query, and optimizes the identity authentication process.
在上述技术方案的基础上,在所述身份认证设备发送所述至少一种生物特征信息至身份认证服务器时,还包括:发送所述身份认证设备或所述信息采集设备的设备标识至所述身份认证服务器,用于所述身份认证服务器根据所述设备标识以及所述生物特征信息进行身份认证比对生成认证信息。在一个实施例中,身份认证服务器根据身份认证设备或信息采集设备的标识以确定当前需要进行身份认证的用户所在的位置区域范围,获取该区域范围内对应所有用户的认证信息和接收到的生物特征信息进行验证比对,以减少比对数据量,显著的提高了身份认证效率。示例性的,身份认证服务器对每个注册用户的位置轨迹进行实时更新,当接收到身份认证设备发送的生物特征信息后,依据该信息采集设备标识确定当前需要进行身份认证的区域,其中每个设备标识对应一固定位置区域,在确定身份认证用户所在的位置区域后,相应确定实时追踪的该区域的所有用户,调取用户保存的合法认证信息,将生物特征信息和保存的多个认证信息逐一进行比对。On the basis of the above technical solution, when the identity authentication device sends the at least one kind of biometric information to the identity authentication server, the method further includes: sending the identity authentication device or the device identification of the information collection device to the identity authentication server The identity authentication server is used for the identity authentication server to perform identity authentication comparison according to the device identifier and the biometric information to generate authentication information. In one embodiment, the identity authentication server determines the location area range of the user who currently needs to be authenticated according to the identity of the identity authentication device or the information collection device, and obtains the authentication information and the received biological information corresponding to all users in the area. The characteristic information is verified and compared to reduce the amount of compared data and significantly improve the efficiency of identity authentication. Exemplarily, the identity authentication server updates the location trajectory of each registered user in real time. After receiving the biometric information sent by the identity authentication device, it determines the area that currently needs to be authenticated according to the identity of the information collection device. The device identification corresponds to a fixed location area. After determining the location area of the identity authentication user, all users in the area that are tracked in real time are determined accordingly, the legal authentication information saved by the user is retrieved, and the biometric information and multiple stored authentication information Compare them one by one.
在另一个实施例中,在所述身份认证设备发送所述至少一种生物特征信息至身份认证服务器时,还包括:发送所述身份认证设备或所述信息采集设备的位置信息至所述身份认证服务器,用于所述身份认证服务器根据所述位置信息以及所述生物特征信息进行身份认证比对生成认证信息。在该实施例中,身份认证设备或信息采集设备的位置可随机变化,此时,在进行身份认证过程中,实时获取身份认证设备或信息采集设备的位置,如获取对应的GPS数据,根据获取的位置确定关联的预设区域,在位置区域确定后,相应确定实时追踪的该区域的所有用户,调取用户保存的合法认证信息,将生物特征信息和保存的多个认证信息逐一进行比对。在另一个实施例中,身份认证设备发送至少一种生物特征信息至身份认证服务器时,还包括:发送辅助认证信息至所述身份认证服务器,该辅助信息包括姓名、身份证号码、用户账号、手机号码等,以实现对用户身份的辅助验证,进而提高验证准确性以及验证效率。In another embodiment, when the identity authentication device sends the at least one kind of biometric information to the identity authentication server, the method further includes: sending location information of the identity authentication device or the information collection device to the identity The authentication server is used for the identity authentication server to perform identity authentication comparison based on the location information and the biometric information to generate authentication information. In this embodiment, the location of the identity authentication device or the information collection device can be randomly changed. At this time, during the identity authentication process, the location of the identity authentication device or the information collection device is acquired in real time, such as acquiring the corresponding GPS data, according to the acquisition Determine the associated preset area. After the location area is determined, all users in the area that are tracked in real time are determined accordingly, the legal authentication information saved by the user is retrieved, and the biometric information and multiple stored authentication information are compared one by one . In another embodiment, when the identity authentication device sends at least one kind of biometric information to the identity authentication server, it further includes: sending auxiliary authentication information to the identity authentication server, the auxiliary information including name, ID number, user account, Mobile phone number, etc., to achieve auxiliary verification of user identity, thereby improving verification accuracy and verification efficiency.
图7为本发明实施例提供的另一种基于内网连接的外网身份认证方法的流程图,图8为本发明实施例图7提供的流程图对应的序列图。如图7和图8所示,技术方案具体如下:FIG. 7 is a flowchart of another external network identity authentication method based on an internal network connection provided by an embodiment of the present invention, and FIG. 8 is a sequence diagram corresponding to the flowchart provided in FIG. 7 according to an embodiment of the present invention. As shown in Figure 7 and Figure 8, the technical solutions are as follows:
步骤S701、建立信息采集设备与身份认证设备的通信连接。Step S701: Establish a communication connection between the information collection device and the identity authentication device.
步骤S702、信息采集设备采集用户的生物特征信息,所述信息采集设备通过内部网络接入内部系统。Step S702: The information collection device collects the biometric information of the user, and the information collection device accesses the internal system through the internal network.
步骤S703、身份认证设备获取所述信息采集设备采集的至少一种生物特征信息。Step S703: The identity authentication device acquires at least one type of biometric information collected by the information collection device.
步骤S704、所述身份认证设备在本地查找是否有对应所述生物特征信息的认证结果,如果是,则认证成功,如果否,则执行步骤S705。Step S704: The identity authentication device searches locally whether there is an authentication result corresponding to the biometric information, if it is, then the authentication is successful, if not, then step S705 is executed.
在一个实施例中,可在本地存储预设时间(如7天或30天等)的认证结果,可在本地存储若干(如保留3000个记录)的认证结果,当进行身份认证时,可先在本地查询是否保存有对应的认证结果,如果存在,则认证成功,如果不存在,则执行步骤S705。In one embodiment, the authentication results for a preset time (such as 7 days or 30 days, etc.) can be stored locally, and several (such as keeping 3000 records) of authentication results can be stored locally. When performing identity authentication, you can first It is queried locally whether there is a corresponding authentication result, if it exists, the authentication is successful, and if it does not exist, step S705 is executed.
步骤S705、所述身份认证设备发送所述至少一种生物特征信息至身份认证服务器,所述身份认证设备通过 外部网络接入所述身份认证服务器。Step S705: The identity authentication device sends the at least one kind of biometric information to an identity authentication server, and the identity authentication device accesses the identity authentication server through an external network.
步骤S706、所述身份认证设备接收所述身份认证服务器发送的认证信息,根据所述认证信息生成认证结果。Step S706: The identity authentication device receives the authentication information sent by the identity authentication server, and generates an authentication result according to the authentication information.
步骤S707、身份认证设备将该认证结果发送回信息采集设备,通过信息采集设备集成的显示屏进行显示。Step S707: The identity authentication device sends the authentication result back to the information collection device, and displays it on the display screen integrated with the information collection device.
步骤S708、在预设时长内,将所述认证结果保存在所述身份认证设备和/或所述信息采集设备采集本地。Step S708: Save the authentication result in the identity authentication device and/or the information collection device locally within a preset time period.
在一个实施例中,当身份认证设备生成认证结果后,可相应的对该认证结果进行保存,以用于后续身份认证。In one embodiment, after the identity authentication device generates an authentication result, the authentication result can be saved accordingly for subsequent identity authentication.
由上述可知,通过本地保存认证结果的方式,避免短时间内多次认证查询带来的效率较低的问题,同时简化了认证流程,节约了身份认证时间。It can be seen from the above that by storing the authentication result locally, the problem of low efficiency caused by multiple authentication queries in a short period of time is avoided, and the authentication process is simplified, and the identity authentication time is saved.
图9为本发明实施例提供的一种基于内网连接的外网身份认证系统的结构示意图。如图9所示,系统包括:FIG. 9 is a schematic structural diagram of an external network identity authentication system based on an internal network connection provided by an embodiment of the present invention. As shown in Figure 9, the system includes:
信息采集设备901,用于采集用户的生物特征信息,所述信息采集设备通过内部网络接入内部系统;An information collection device 901 is used to collect biometric information of a user, and the information collection device is connected to an internal system through an internal network;
在一个实施例中,信息采集设备901集成有一种或多种生物特征采集装置,示例性的,如图9所示,其包含摄像装置9011、指纹采集装置9012、声纹采集装置9013和掌静脉采集装置9014等。In one embodiment, the information collection device 901 is integrated with one or more biological feature collection devices. Illustratively, as shown in FIG. 9, it includes a camera 9011, a fingerprint collection device 9012, a voiceprint collection device 9013, and palm veins. Collection device 9014 and so on.
身份认证设备902,用于获取所述信息采集设备采集的至少一种生物特征信息,并发送所述至少一种生物特征信息至身份认证服务器,所述身份认证设备通过外部网络接入所述身份认证服务器;The identity authentication device 902 is configured to obtain at least one kind of biometric information collected by the information collection device, and send the at least one kind of biometric information to an identity authentication server, and the identity authentication device accesses the identity through an external network Authentication server
所述身份认证服务器903,用于接收所述身份认证设备发送的生物特征信息,并根据所述生物特征信息生成认证信息,将所述认证信息发送至所述身份认证设备;The identity authentication server 903 is configured to receive the biometric information sent by the identity authentication device, generate authentication information according to the biometric information, and send the authentication information to the identity authentication device;
所述身份认证设备902,还用于接收所述身份认证服务器发送的认证信息,根据所述认证信息生成认证结果。The identity authentication device 902 is further configured to receive authentication information sent by the identity authentication server, and generate an authentication result according to the authentication information.
本方案中,通过信息采集设备采集用户的生物特征信息,所述信息采集设备通过内部网络接入内部系统;身份认证设备获取所述信息采集设备采集的至少一种生物特征信息;所述身份认证设备发送所述至少一种生物特征信息至身份认证服务器,所述身份认证设备通过外部网络接入所述身份认证服务器;所述身份认证设备接收所述身份认证服务器发送的认证信息,根据所述认证信息生成认证结果。由此,提高了用户身份认证的效率,在保证身份认证安全、可靠的前提下,简化了认证流程。In this solution, the user’s biometric information is collected through an information collection device, which accesses the internal system through an internal network; the identity authentication device obtains at least one type of biometric information collected by the information collection device; the identity authentication The device sends the at least one kind of biometric information to the identity authentication server, and the identity authentication device accesses the identity authentication server through an external network; the identity authentication device receives the authentication information sent by the identity authentication server, and according to the The authentication information generates an authentication result. As a result, the efficiency of user identity authentication is improved, and the authentication process is simplified on the premise of ensuring the safety and reliability of identity authentication.
可选的,如图10所示,图10为本发明实施例体提供的另一种基于内网连接的外网身份认证系统的结构示意图,所述身份认证设备902集成安装在所述信息采集设备中901。Optionally, as shown in FIG. 10, FIG. 10 is a schematic structural diagram of another external network identity authentication system based on an internal network connection provided by an embodiment of the present invention. The identity authentication device 902 is integrated and installed in the information collection 901 in the equipment.
可选的,如图11所示,图11为本发明实施例体提供的另一种基于内网连接的外网身份认证系统的结构示意图,所述内部系统包含有多个所述信息采集设备901,所述身份认证设备902集成安装在多个所述信息采集设备901中的任意一个,所述多个信息采集设备901之间通过所述内部网络进行通信,所述信息采集设备901还用于:Optionally, as shown in FIG. 11, FIG. 11 is a schematic structural diagram of another external network identity authentication system based on an internal network connection provided by an embodiment of the present invention, and the internal system includes a plurality of the information collection devices 901, the identity authentication device 902 is integrated and installed in any one of the multiple information collection devices 901, the multiple information collection devices 901 communicate through the internal network, and the information collection device 901 also uses At:
接收其他信息采集设备901发送的生物特征信息;Receiving biometric information sent by other information collection equipment 901;
所述身份认证设备902还用于:获取所述其他信息采集设备901采集的生物特征信息。在另一个实施例中,如图12所示,图12为本发明实施例体提供的另一种基于内网连接的外网身份认证系统的结构示意图,该身份认证设备902置于信息采集设备901之外。The identity authentication device 902 is also used to obtain the biometric information collected by the other information collection device 901. In another embodiment, as shown in FIG. 12, FIG. 12 is a schematic structural diagram of another external network identity authentication system based on an internal network connection provided by an embodiment of the present invention. The identity authentication device 902 is placed in the information collection device 901 outside.
可选的,图13为本发明实施例体提供的另一种基于内网连接的外网身份认证系统的结构示意图,如图13所示,所述身份认证设备902和所述信息采集901设备通过USB数据线连接。Optionally, FIG. 13 is a schematic structural diagram of another external network identity authentication system based on an internal network connection provided by an embodiment of the present invention. As shown in Figure 13, the identity authentication device 902 and the information collection 901 device Connect via USB data cable.
可选的,所述身份认证设备902还用于:在获取所述信息采集设备901采集的生物特征信息之前,建立和所述信息采集设备901的USB通信连接;Optionally, the identity authentication device 902 is further configured to: before acquiring the biometric information collected by the information collection device 901, establish a USB communication connection with the information collection device 901;
发送认证安装程序至所述信息采集设备901,以用于所述信息采集设备901安装所述认证安装程序。Send the authentication installation program to the information collection device 901 for the information collection device 901 to install the authentication installation program.
可选的,图14为本发明实施例体提供的另一种基于内网连接的外网身份认证系统的结构示意图,如图14所示,所述身份认证设备902和所述信息采集901设备通过蓝牙连接。Optionally, FIG. 14 is a schematic structural diagram of another external network identity authentication system based on an internal network connection provided by an embodiment of the present invention. As shown in Figure 14, the identity authentication device 902 and the information collection 901 device Connect via Bluetooth.
可选的,所述身份认证设备902还用于:在获取所述信息采集设备901采集的生物特征信息之前,发送蓝牙认证请求至所述信息采集设备901;Optionally, the identity authentication device 902 is further configured to: send a Bluetooth authentication request to the information collection device 901 before acquiring the biometric information collected by the information collection device 901;
所述信息采集设备901还用于:对所述身份认证设备902进行鉴权,如果鉴权通过,则创建和所述身份认证设备的蓝牙配对认证。The information collection device 901 is also used to: authenticate the identity authentication device 902, and if the authentication is passed, create Bluetooth pairing authentication with the identity authentication device.
可选的,所述信息采集设备901具体用于:Optionally, the information collection device 901 is specifically configured to:
通过信息采集设备集成的活体人脸采集摄像装置采集用户的人脸图像信息。The user's face image information is collected by the living body face collection camera device integrated with the information collection equipment.
可选的,图15为本发明实施例体提供的另一种基于内网连接的外网身份认证系统的结构示意图,如图15所示,所述身份认证设备902集成安装在所述活体人脸采集摄像装置内部,相应的,所述身份认证设备902具体用于:Optionally, FIG. 15 is a schematic structural diagram of another external network identity authentication system based on an internal network connection provided by an embodiment of the present invention. As shown in Figure 15, the identity authentication device 902 is integrated and installed on the living person. Inside the face collection camera device, correspondingly, the identity authentication device 902 is specifically used for:
获取所述活体人脸采集摄像装置摄像头采集的用户的人脸图像信息。Obtain the user's face image information collected by the camera of the living body face collection camera device.
可选的,图16为本发明实施例体提供的另一种基于内网连接的外网身份认证系统的结构示意图,如图16所示,所述身份认证设备902和活体人脸采集摄像装置外部连接,相应的,所述身份认证设备902具体用于:Optionally, FIG. 16 is a schematic structural diagram of another external network identity authentication system based on an internal network connection provided by an embodiment of the present invention. As shown in Figure 16, the identity authentication device 902 and the living body face collection and camera device External connection, correspondingly, the identity authentication device 902 is specifically used for:
获取所述活体人脸采集摄像装置摄像头采集的用户的人脸图像信息。Obtain the user's face image information collected by the camera of the living body face collection camera device.
可选的,所述身份认证设备902还用于:Optionally, the identity authentication device 902 is further configured to:
在所述身份认证设备902获取所述活体人脸采集摄像装置摄像头采集的用户的人脸图像信息之后,对所述人脸图像信息进行活体检测;After the identity authentication device 902 acquires the user's face image information collected by the camera of the living body face collection camera device, perform living body detection on the face image information;
如果确定为活体人脸图像,则发送所述人脸图像信息至所述身份认证服务器903。If it is determined to be a living body face image, the face image information is sent to the identity authentication server 903.
可选的,所述身份认证设备902具体用于:Optionally, the identity authentication device 902 is specifically configured to:
对所述人脸图像信息进行特征提取得到人脸图像特征,将所述人脸图像特征发送至所述身份认证服务器903;和/或Perform feature extraction on the facial image information to obtain facial image characteristics, and send the facial image characteristics to the identity authentication server 903; and/or
将所述人脸图像信息中的原始人脸图像发送至所述身份认证服务器。The original face image in the face image information is sent to the identity authentication server.
可选的,所述身份认证设备902还用于:在所述身份认证设备902获取所述活体人脸采集摄像装置摄像头采集的用户的人脸图像信息之后,获取所述活体人脸采集摄像装置拍摄的视频数据,对所述视频数据进行记录保存。Optionally, the identity authentication device 902 is further configured to: after the identity authentication device 902 obtains the user's face image information collected by the camera of the living body face collection camera device, obtain the living body face collection camera device The captured video data is recorded and saved.
可选的,所述身份认证设备902还用于:在对所述视频数据进行记录保存之后,转出所述视频数据至所述信息采集设备901。Optionally, the identity authentication device 902 is further configured to transfer the video data to the information collection device 901 after recording and saving the video data.
可选的,所述身份认证设备902还用于:在所述身份认证设备902发送所述至少一种生物特征信息至身份认证服务器903时,发送所述身份认证设备902或所述信息采集设备901的设备标识至所述身份认证服务器903,用于所述身份认证服务器903根据所述设备标识以及所述生物特征信息进行身份认证比对生成认证信息。Optionally, the identity authentication device 902 is further configured to send the identity authentication device 902 or the information collection device when the identity authentication device 902 sends the at least one type of biometric information to the identity authentication server 903 The device identification of 901 is sent to the identity authentication server 903 for the identity authentication server 903 to perform identity authentication comparison and generate authentication information according to the device identity and the biometric information.
可选的,所述身份认证设备902还用于:在所述身份认证设备902发送所述至少一种生物特征信息至身份认证服务器903时,发送辅助认证信息至所述身份认证服务器903,所述辅助认证信息包括姓名、身份证号码、用户账号、手机号码和位置信息中的一项或多项;所述身份认证服务器903根据所述生物特征信息以及所述辅助认证信息进行身份认证比对生成认证信息。Optionally, the identity authentication device 902 is further configured to send auxiliary authentication information to the identity authentication server 903 when the identity authentication device 902 sends the at least one kind of biometric information to the identity authentication server 903, so The auxiliary authentication information includes one or more of name, ID number, user account, mobile phone number, and location information; the identity authentication server 903 performs identity authentication comparison based on the biometric information and the auxiliary authentication information Generate authentication information.
可选的,所述身份认证设备902还用于:在根据所述认证信息生成认证结果之后,在预设时长内,将所述认证结果保存在所述身份认证设备和/或所述信息采集设备采集本地;Optionally, the identity authentication device 902 is further configured to: after generating an authentication result according to the authentication information, save the authentication result in the identity authentication device and/or the information collection within a preset period of time Local collection of equipment;
所述身份认证设备902在本地查找是否有对应所述生物特征信息的认证结果,如果不存在,则发送所述至少一种生物特征信息至身份认证服务器903。The identity authentication device 902 searches locally whether there is an authentication result corresponding to the biometric information, and if it does not exist, sends the at least one kind of biometric information to the identity authentication server 903.
图17为本发明实施例提供的一种身份认证设备的结构示意图,如图17所示,该设备包括处理器201、存储器202、通信模块203、设备接口204;其中,处理器201的数量可以是一个或多个,图17中以一个处理器201为例;设备中的处理器201、存储器202、通信模块203、设备接口204可以通过总线或其他方式连接,图17中以通过总线连接为例。FIG. 17 is a schematic structural diagram of an identity authentication device provided by an embodiment of the present invention. As shown in FIG. 17, the device includes a processor 201, a memory 202, a communication module 203, and a device interface 204; wherein the number of processors 201 can be There are one or more. One processor 201 is taken as an example in FIG. 17; the processor 201, memory 202, communication module 203, and device interface 204 in the device can be connected by a bus or other means. example.
存储器202作为一种计算机可读存储介质,可用于存储软件程序、计算机可执行程序以及模块,如本发明实施例中的基于内网连接的外网身份认证方法对应的程序指令/模块。处理器201通过运行存储在存储器202中的软件程序、指令以及模块,从而执行设备的各种功能应用以及数据处理,即实现上述的基于内网连接的外网身份认证方法。As a computer-readable storage medium, the memory 202 can be used to store software programs, computer-executable programs, and modules, such as program instructions/modules corresponding to the method for identity authentication based on an external network connection based on an internal network in an embodiment of the present invention. The processor 201 executes various functional applications and data processing of the device by running the software programs, instructions, and modules stored in the memory 202, that is, realizes the above-mentioned external network identity authentication method based on the internal network connection.
存储器202可主要包括存储程序区和存储数据区,其中,存储程序区可存储操作系统、至少一个功能所需的应用程序;存储数据区可存储根据终端的使用所创建的数据等。此外,存储器202可以包括高速随机存取存储器,还可以包括非易失性存储器,例如至少一个磁盘存储器件、闪存器件、或其他非易失性固态存储器件。在一些实例中,存储器202可进一步包括相对于处理器201远程设置的存储器,这些远程存储器可以通过网络 连接至设备。上述网络的实例包括但不限于互联网、企业内部网、局域网、移动通信网及其组合。The memory 202 may mainly include a program storage area and a data storage area. The program storage area may store an operating system and an application program required by at least one function; the data storage area may store data created according to the use of the terminal, and the like. In addition, the memory 202 may include a high-speed random access memory, and may also include a non-volatile memory, such as at least one magnetic disk storage device, a flash memory device, or other non-volatile solid-state storage devices. In some examples, the memory 202 may further include a memory remotely provided with respect to the processor 201, and these remote memories may be connected to the device through a network. Examples of the aforementioned networks include, but are not limited to, the Internet, corporate intranets, local area networks, mobile communication networks, and combinations thereof.
通信模块203可实现与身份认证服务器的通信连接。The communication module 203 can realize the communication connection with the identity authentication server.
设备接口204可实现与信息采集设备的数据通信。The device interface 204 can implement data communication with the information collection device.
本发明实施例还提供一种包含计算机可执行指令的存储介质,所述计算机可执行指令在由计算机处理器执行时用于执行一种基于内网连接的外网身份认证方法,该方法包括:The embodiment of the present invention also provides a storage medium containing computer-executable instructions, when the computer-executable instructions are executed by a computer processor, are used to execute an external network identity authentication method based on an internal network connection, and the method includes:
获取信息采集设备采集的至少一种生物特征信息,并发送所述至少一种生物特征信息至身份认证服务器,所述身份认证设备通过外部网络接入所述身份认证服务器,所述信息采集设备通过内部网络接入内部系统;Acquire at least one type of biometric information collected by an information collection device, and send the at least one type of biometric information to an identity authentication server. The identity authentication device accesses the identity authentication server through an external network, and the information collection device passes Internal network access to internal system;
接收所述身份认证服务器发送的认证信息,根据所述认证信息生成认证结果。Receiving the authentication information sent by the identity authentication server, and generating an authentication result according to the authentication information.
通过以上关于实施方式的描述,所属领域的技术人员可以清楚地了解到,本发明实施例可借助软件及必需的通用硬件来实现,当然也可以通过硬件实现,但很多情况下前者是更佳的实施方式。基于这样的理解,本发明实施例的技术方案本质上或者说对现有技术做出贡献的部分可以以软件产品的形式体现出来,该计算机软件产品可以存储在计算机可读存储介质中,如计算机的软盘、只读存储器(Read-Only Memory,ROM)、随机存取存储器(Random Access Memory,RAM)、闪存(FLASH)、硬盘或光盘等,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)执行本发明实施例各个实施例所述的方法。Through the above description of the embodiments, those skilled in the art can clearly understand that the embodiments of the present invention can be implemented by software and necessary general-purpose hardware. Of course, it can also be implemented by hardware, but the former is better in many cases. Implementation mode. Based on this understanding, the technical solutions of the embodiments of the present invention can be embodied in the form of software products, which can be stored in a computer-readable storage medium, such as a computer. Floppy disk, read-only memory (Read-Only Memory, ROM), random access memory (Random Access Memory, RAM), flash memory (FLASH), hard disk or optical disk, etc., including several instructions to make a computer device (which can be A personal computer, a server, or a network device, etc.) execute the methods described in the various embodiments of the embodiments of the present invention.
值得注意的是,上述基于内网连接的外网身份认证装置的实施例中,所包括的各个单元和模块只是按照功能逻辑进行划分的,但并不局限于上述的划分,只要能够实现相应的功能即可;另外,各功能单元的具体名称也只是为了便于相互区分,并不用于限制本发明实施例的保护范围。It is worth noting that, in the above embodiment of the external network identity authentication device based on the internal network connection, the various units and modules included are only divided according to the functional logic, but are not limited to the above division, as long as the corresponding The function is sufficient; in addition, the specific name of each functional unit is only for the convenience of distinguishing each other, and is not used to limit the protection scope of the embodiment of the present invention.
注意,上述仅为本发明实施例的较佳实施例及所运用技术原理。本领域技术人员会理解,本发明实施例不限于这里所述的特定实施例,对本领域技术人员来说能够进行各种明显的变化、重新调整和替代而不会脱离本发明实施例的保护范围。因此,虽然通过以上实施例对本发明实施例进行了较为详细的说明,但是本发明实施例不仅仅限于以上实施例,在不脱离本发明实施例构思的情况下,还可以包括更多其他等效实施例,而本发明实施例的范围由所附的权利要求范围决定。Note that the above are only preferred embodiments of the embodiments of the present invention and applied technical principles. Those skilled in the art will understand that the embodiments of the present invention are not limited to the specific embodiments described herein, and various obvious changes, readjustments and substitutions can be made to those skilled in the art without departing from the protection scope of the embodiments of the present invention. . Therefore, although the embodiments of the present invention have been described in more detail through the above embodiments, the embodiments of the present invention are not limited to the above embodiments. Without departing from the concept of the embodiments of the present invention, more other equivalents may be included. Embodiments, and the scope of the embodiments of the present invention is determined by the scope of the appended claims.

Claims (22)

  1. 基于内网连接的外网身份认证方法,其特征在于,包括:The external network identity authentication method based on internal network connection is characterized in that it includes:
    信息采集设备采集用户的生物特征信息,所述信息采集设备通过内部网络接入内部系统;The information collection device collects the user's biometric information, and the information collection device accesses the internal system through the internal network;
    身份认证设备获取所述信息采集设备采集的至少一种生物特征信息;The identity authentication device acquires at least one type of biometric information collected by the information collection device;
    所述身份认证设备发送所述至少一种生物特征信息至身份认证服务器,所述身份认证设备通过外部网络接入所述身份认证服务器;Sending the at least one kind of biometric information to an identity authentication server by the identity authentication device, and the identity authentication device accesses the identity authentication server through an external network;
    所述身份认证设备接收所述身份认证服务器发送的认证信息,根据所述认证信息生成认证结果。The identity authentication device receives the authentication information sent by the identity authentication server, and generates an authentication result according to the authentication information.
  2. 根据权利要求1所述的基于内网连接的外网身份认证方法,其特征在于,所述身份认证设备集成安装在所述信息采集设备中。The external network identity authentication method based on the internal network connection according to claim 1, wherein the identity authentication device is integratedly installed in the information collection device.
  3. 根据权利要求2所述的基于内网连接的外网身份认证方法,其特征在于,所述内部系统包含有多个所述信息采集设备,所述身份认证设备集成安装在多个所述信息采集设备中的至少一个,所述多个信息采集设备之间通过所述内部网络进行通信,所述基于内网连接的外网身份认证方法,还包括:The external network identity authentication method based on intranet connection according to claim 2, wherein the internal system includes a plurality of the information collection devices, and the identity authentication device is integrated and installed in the plurality of information collection devices. At least one of the devices, the multiple information collection devices communicate through the internal network, and the external network identity authentication method based on the internal network connection further includes:
    在所述内部系统中,集成安装有所述身份认证设备的信息采集设备,接收其他信息采集设备发送的生物特征信息,所述信息采集设备中,至少包含一种生物特征信息采集装置;In the internal system, an information collection device equipped with the identity authentication device is integrated to receive biometric information sent by other information collection devices, and the information collection device includes at least one biometric information collection device;
    所述身份认证设备获取所述其他信息采集设备采集的至少一种生物特征信息。The identity authentication device acquires at least one type of biometric information collected by the other information collection device.
  4. 根据权利要求1所述的基于内网连接的外网身份认证方法,其特征在于,所述身份认证设备和所述信息采集设备通过USB数据线连接。The external network identity authentication method based on internal network connection according to claim 1, wherein the identity authentication device and the information collection device are connected through a USB data cable.
  5. 根据权利要求3所述的基于内网连接的外网身份认证方法,其特征在于,在身份认证设备获取所述信息采集设备采集的至少一种生物特征信息之前,还包括:The external network identity authentication method based on internal network connection according to claim 3, characterized in that, before the identity authentication device obtains at least one kind of biometric information collected by the information collection device, the method further comprises:
    建立所述信息采集设备和所述身份认证设备的USB通信连接。Establish a USB communication connection between the information collection device and the identity authentication device.
  6. 根据权利要求1所述的基于内网连接的外网身份认证方法,其特征在于,所述身份认证设备和所述信息采集设备通过蓝牙连接。The external network identity authentication method based on internal network connection according to claim 1, wherein the identity authentication device and the information collection device are connected via Bluetooth.
  7. 根据权利要求6所述的基于内网连接的外网身份认证方法,其特征在于,在身份认证设备获取所述信息采集设备采集的至少一种生物特征信息之前,还包括:The external network identity authentication method based on intranet connection according to claim 6, characterized in that, before the identity authentication device obtains at least one kind of biometric information collected by the information collection device, the method further comprises:
    身份认证设备发送蓝牙认证请求至所述信息采集设备;The identity authentication device sends a Bluetooth authentication request to the information collection device;
    所述信息采集设备对所述身份认证设备进行鉴权,如果鉴权通过,则创建和所述身份认证设备的蓝牙配对连接认证。The information collection device authenticates the identity authentication device, and if the authentication passes, creates a Bluetooth pairing connection authentication with the identity authentication device.
  8. 根据权利要求1所述的基于内网连接的外网身份认证方法,其特征在于,所述信息采集设备采集用户的生物特征信息,包括:The external network identity authentication method based on internal network connection according to claim 1, wherein the information collection device collecting user's biometric information includes:
    通过信息采集设备集成的活体人脸采集摄像装置采集用户的人脸图像信息。The user's face image information is collected by the living body face collection camera device integrated with the information collection equipment.
  9. 根据权利要求8所述的基于内网连接的外网身份认证方法,其特征在于,所述身份认证设备和所述活体人脸采集摄像装置连接,相应的,所述身份认证设备获取所述信息采集设备采集的至少一种生物特征信息,包括:The external network identity authentication method based on intranet connection according to claim 8, wherein the identity authentication device is connected to the living body face collection and camera device, and correspondingly, the identity authentication device obtains the information At least one type of biometric information collected by the collection device includes:
    所述身份认证设备获取所述活体人脸采集摄像装置摄像头采集的用户的符合规范的活体人脸图像信息。The identity authentication device acquires the standard-compliant living face image information of the user collected by the camera of the living face collection camera.
  10. 根据权利要求8所述的基于内网连接的外网身份认证方法,其特征在于,所述身份认证设备和所述活体人脸采集摄像装置组合为一个独立设备进行集成安装。The external network identity authentication method based on the internal network connection according to claim 8, wherein the identity authentication device and the living body face acquisition camera device are combined into a single device for integrated installation.
  11. 根据权利要求9所述的基于内网连接的外网身份认证方法,其特征在于,在所述身份认证设备获取所述活体人脸采集摄像装置摄像头采集的用户的人脸图像信息之后,还包括:The external network identity authentication method based on intranet connection according to claim 9, characterized in that, after the identity authentication device obtains the user's face image information collected by the camera of the living body face collection camera, the method further comprises: :
    对所述人脸图像信息进行活体检测;Performing live body detection on the face image information;
    相应的,所述身份认证设备发送所述至少一种生物特征信息至身份认证服务器,包括:Correspondingly, sending the at least one kind of biometric information to the identity authentication server by the identity authentication device includes:
    如果确定为活体人脸图像,则发送所述人脸图像信息至所述身份认证服务器。If it is determined to be a living body face image, sending the face image information to the identity authentication server.
  12. 根据权利要求11所述的基于内网连接的外网身份认证方法,其特征在于,所述发送所述人脸图像信息至所述身份认证服务器,包括:The external network identity authentication method based on internal network connection according to claim 11, wherein said sending said facial image information to said identity authentication server comprises:
    对所述人脸图像信息进行特征提取得到人脸图像特征,将所述人脸图像特征发送至所述身份认证服务器;和/或Perform feature extraction on the facial image information to obtain facial image characteristics, and send the facial image characteristics to the identity authentication server; and/or
    将所述人脸图像信息中的原始人脸图像发送至所述身份认证服务器。The original face image in the face image information is sent to the identity authentication server.
  13. 根据权利要求9所述的基于内网连接的外网身份认证方法,其特征在于,在所述身份认证设备获取所述活体人脸采集摄像装置摄像头采集的用户的人脸图像信息之后,还包括:The external network identity authentication method based on intranet connection according to claim 9, characterized in that, after the identity authentication device obtains the user's face image information collected by the camera of the living body face collection camera, the method further comprises: :
    所述身份认证设备获取所述活体人脸采集摄像装置拍摄的视频数据,对所述视频数据进行记录保存。The identity authentication device obtains the video data shot by the living body face collection and camera device, and records and saves the video data.
  14. 根据权利要求13所述的基于内网连接的外网身份认证方法,其特征在于,在对所述视频数据进行记录保存之后,还包括:The external network identity authentication method based on internal network connection according to claim 13, characterized in that, after recording and saving the video data, the method further comprises:
    所述身份认证设备转出所述视频数据至所述信息采集设备。The identity authentication device transfers the video data to the information collection device.
  15. 根据权利要求1-14中任一项所述的方法,其特征在于,在所述身份认证设备发送所述至少一种生物特征信息至身份认证服务器时,还包括:The method according to any one of claims 1-14, wherein when the identity authentication device sends the at least one kind of biometric information to an identity authentication server, the method further comprises:
    发送所述身份认证设备或所述信息采集设备的设备标识至所述身份认证服务器,用于所述身份认证服务器根据所述设备标识以及所述生物特征信息进行身份认证比对生成认证信息。The device identifier of the identity authentication device or the information collection device is sent to the identity authentication server for the identity authentication server to perform identity authentication comparison based on the device identity and the biometric information to generate authentication information.
  16. 根据权利要求1-14中任一项所述的方法,其特征在于,在所述身份认证设备发送所述至少一种生物特征信息至身份认证服务器时,还包括:The method according to any one of claims 1-14, wherein when the identity authentication device sends the at least one kind of biometric information to an identity authentication server, the method further comprises:
    发送辅助认证信息至所述身份认证服务器,所述辅助认证信息包括姓名、身份证号码、用户账号、手机号码和位置信息中的一项或多项;Sending auxiliary authentication information to the identity authentication server, where the auxiliary authentication information includes one or more of name, ID number, user account, mobile phone number, and location information;
    所述身份认证服务器根据所述生物特征信息以及所述辅助认证信息进行身份认证比对生成认证信息。The identity authentication server performs identity authentication comparison according to the biological feature information and the auxiliary authentication information to generate authentication information.
  17. 根据权利要求1-14中任一项所述的方法,其特征在于,在根据所述认证信息生成认证结果之后,还包括:The method according to any one of claims 1-14, wherein after generating an authentication result according to the authentication information, the method further comprises:
    在预设时长内,将所述认证结果保存在所述身份认证设备和/或所述信息采集设备采集本地;Save the authentication result in the identity authentication device and/or the information collection device locally within a preset time period;
    相应的,所述身份认证设备发送所述至少一种生物特征信息至身份认证服务器,包括:Correspondingly, sending the at least one kind of biometric information to the identity authentication server by the identity authentication device includes:
    所述身份认证设备在本地查找是否有对应所述生物特征信息的认证结果,如果不存在,则发送所述至少一种生物特征信息至身份认证服务器。The identity authentication device searches locally whether there is an authentication result corresponding to the biometric information, and if it does not exist, sends the at least one kind of biometric information to the identity authentication server.
  18. 基于内网连接的外网身份认证系统,其特征在于,包括:The external network identity authentication system based on internal network connection is characterized in that it includes:
    信息采集设备,用于采集用户的生物特征信息,所述信息采集设备通过内部网络接入内部系统;An information collection device for collecting user's biometric information, and the information collection device is connected to an internal system through an internal network;
    身份认证设备,用于获取所述信息采集设备采集的至少一种生物特征信息,并发送所述至少一种生物特征信息至身份认证服务器,所述身份认证设备通过外部网络接入所述身份认证服务器;Identity authentication device, configured to obtain at least one type of biometric information collected by the information collection device, and send the at least one type of biometric information to an identity authentication server, and the identity authentication device accesses the identity authentication through an external network server;
    所述身份认证服务器,用于接收所述身份认证设备发送的生物特征信息,并根据所述生物特征信息生成认证信息,将所述认证信息发送至所述身份认证设备;The identity authentication server is configured to receive the biometric information sent by the identity authentication device, generate authentication information based on the biometric information, and send the authentication information to the identity authentication device;
    所述身份认证设备,还用于接收所述身份认证服务器发送的认证信息,根据所述认证信息生成认证结果。The identity authentication device is further configured to receive authentication information sent by the identity authentication server, and generate an authentication result according to the authentication information.
  19. 一种身份认证设备,所述设备包括:一个或多个处理器;存储装置,用于存储一个或多个程序,当所述一个或多个程序被所述一个或多个处理器执行,使得所述一个或多个处理器实现:An identity authentication device, the device includes: one or more processors; a storage device, used to store one or more programs, when the one or more programs are executed by the one or more processors, so that The one or more processors implement:
    获取信息采集设备采集的至少一种生物特征信息,并发送所述至少一种生物特征信息至身份认证服务器,所述身份认证设备通过外部网络接入所述身份认证服务器,所述信息采集设备通过内部网络接入内部系统;Acquire at least one type of biometric information collected by an information collection device, and send the at least one type of biometric information to an identity authentication server. The identity authentication device accesses the identity authentication server through an external network, and the information collection device passes Internal network access to internal system;
    接收所述身份认证服务器发送的认证信息,根据所述认证信息生成认证结果。Receiving the authentication information sent by the identity authentication server, and generating an authentication result according to the authentication information.
  20. 根据权利要求19所述的身份认证设备,其特征在于,所述内部系统包含有多个所述信息采集设备,所述身份认证设备集成安装在多个所述信息采集设备中的至少一个,所述多个信息采集设备之间通过所述内部网络进行通信。The identity authentication device according to claim 19, wherein the internal system includes a plurality of the information collection devices, and the identity authentication device is integrated and installed in at least one of the plurality of information collection devices, so The multiple information collection devices communicate through the internal network.
  21. 根据权利要求19所述的身份认证设备,其特征在于,所述身份认证设备和所述信息采集设备通过USB数据线连接,或通过蓝牙连接。The identity authentication device according to claim 19, wherein the identity authentication device and the information collection device are connected via a USB data cable or via Bluetooth.
  22. 一种包含计算机可执行指令的存储介质,所述计算机可执行指令在由计算机处理器执行时用于执行:A storage medium containing computer-executable instructions, which are used to execute when executed by a computer processor:
    获取信息采集设备采集的至少一种生物特征信息,并发送所述至少一种生物特征信息至身份认证服务器,所述身份认证设备通过外部网络接入所述身份认证服务器,所述信息采集设备通过内部网络接入内部系统;Acquire at least one type of biometric information collected by an information collection device, and send the at least one type of biometric information to an identity authentication server. The identity authentication device accesses the identity authentication server through an external network, and the information collection device passes Internal network access to internal system;
    接收所述身份认证服务器发送的认证信息,根据所述认证信息生成认证结果。Receiving the authentication information sent by the identity authentication server, and generating an authentication result according to the authentication information.
PCT/CN2021/101502 2020-05-18 2021-06-22 External network identity authentication method, system, device, and storage medium based on internal network connection WO2021233474A1 (en)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
CN202010421344.5 2020-05-18
CN202010421344 2020-05-18
CN202010507590.2A CN111683085B (en) 2020-05-18 2020-06-05 External network identity authentication method, system, equipment and storage medium based on internal network connection
CN202010507590.2 2020-06-05

Publications (1)

Publication Number Publication Date
WO2021233474A1 true WO2021233474A1 (en) 2021-11-25

Family

ID=72454305

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2021/101502 WO2021233474A1 (en) 2020-05-18 2021-06-22 External network identity authentication method, system, device, and storage medium based on internal network connection

Country Status (2)

Country Link
CN (1) CN111683085B (en)
WO (1) WO2021233474A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111683085B (en) * 2020-05-18 2022-12-16 巽腾(广东)科技有限公司 External network identity authentication method, system, equipment and storage medium based on internal network connection

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104486310A (en) * 2014-12-04 2015-04-01 江苏力扬生物识别技术有限公司 Method and system for authenticating finger veins and finger vein information acquisition instrument
CN109711133A (en) * 2018-12-26 2019-05-03 广州市巽腾信息科技有限公司 Authentication method, device and the server of identity information
CN110557366A (en) * 2019-07-15 2019-12-10 安徽继远软件有限公司 Identity authentication system and method based on cross-network transmission and CTID (computer telephony integration) network card authentication
US20200036714A1 (en) * 2017-04-01 2020-01-30 SZ DJI Technology Co., Ltd. Method, system, server, and terminal for identity authentication
CN111683085A (en) * 2020-05-18 2020-09-18 巽腾(广东)科技有限公司 External network identity authentication method, system, equipment and storage medium based on internal network connection

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080060662A1 (en) * 2006-08-03 2008-03-13 Warsaw Orthopedic Inc. Protected Information Management Device and Method
CN105160302B (en) * 2015-08-10 2018-04-06 西安凯虹电子科技有限公司 Multimodal Biometrics general-purpose platform and identity identifying method
CN106296199A (en) * 2016-07-12 2017-01-04 刘洪文 Payment based on living things feature recognition and identity authorization system
CN106570796A (en) * 2016-11-07 2017-04-19 成都科曦科技有限公司 Smart hotel self-service check-in system based on biometric feature recognition and face-identity card integrated authentication
CN108347444A (en) * 2018-02-26 2018-07-31 深圳智乾区块链科技有限公司 Identity identifying method, device based on block chain and computer readable storage medium
CN109887149A (en) * 2019-04-10 2019-06-14 无锡万吉科技股份有限公司 A kind of self-help operating machine apparatus and equipment of multi-modal certification

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104486310A (en) * 2014-12-04 2015-04-01 江苏力扬生物识别技术有限公司 Method and system for authenticating finger veins and finger vein information acquisition instrument
US20200036714A1 (en) * 2017-04-01 2020-01-30 SZ DJI Technology Co., Ltd. Method, system, server, and terminal for identity authentication
CN109711133A (en) * 2018-12-26 2019-05-03 广州市巽腾信息科技有限公司 Authentication method, device and the server of identity information
CN110557366A (en) * 2019-07-15 2019-12-10 安徽继远软件有限公司 Identity authentication system and method based on cross-network transmission and CTID (computer telephony integration) network card authentication
CN111683085A (en) * 2020-05-18 2020-09-18 巽腾(广东)科技有限公司 External network identity authentication method, system, equipment and storage medium based on internal network connection

Also Published As

Publication number Publication date
CN111683085A (en) 2020-09-18
CN111683085B (en) 2022-12-16

Similar Documents

Publication Publication Date Title
CN107800672B (en) Information verification method, electronic equipment, server and information verification system
CA2795601C (en) Methods and systems for determining biometric data for use in authentication transactions
JP6636922B2 (en) Personal authentication using human biometrics
AU2018323233A1 (en) Resource transfer method, fund payment method and apparatus, and electronic device
KR101624575B1 (en) User identity attestation in mobile commerce
CN108449321B (en) Login method, server and client
WO2017193826A1 (en) Cloud desktop login authentication method, cloud desktop control system, and client
CN108429745B (en) Login authentication method and system, and webpage login method and system
CN108806041A (en) Building access control method, Cloud Server and computer readable storage medium
US9268904B1 (en) Systems and methods for biometric data management using relational database management systems (RDBMS)
CN105006077A (en) ATM safe operation method and system based on fingerprint identification, and ATM
WO2021233474A1 (en) External network identity authentication method, system, device, and storage medium based on internal network connection
WO2018137309A1 (en) Wireless communication processing method and device
US10936706B2 (en) Biometric authentication
KR101433079B1 (en) Method for Registering Fingerprint on Security-Terminal
CN114168929A (en) Identity authentication method, device, equipment and storage medium
CN107465810B (en) Data control method and related product
CN111916086A (en) Voice interaction control method and device, computer equipment and storage medium
US20220124090A1 (en) Identity verification through a centralized biometric database
US11776303B2 (en) Biometric gallery management using wireless identifiers
WO2022270114A1 (en) Method for preventing unauthorized access to information device or communication device
US20240062207A1 (en) Secure electronic check (e-check) clearance platform with integrated distributed hash table
JP2005157968A (en) Unauthorized connection detecting system
JP2021149514A (en) Biometric authentication system, biometric authentication method and program
CN114745711A (en) Method and device for sending cloud business card, computer equipment and storage medium

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21808179

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 21808179

Country of ref document: EP

Kind code of ref document: A1

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 25/04/2023)

122 Ep: pct application non-entry in european phase

Ref document number: 21808179

Country of ref document: EP

Kind code of ref document: A1