WO2023050524A1 - Procédé et appareil d'authentification d'identité d'utilisateur basée sur im, et serveur et support de stockage - Google Patents

Procédé et appareil d'authentification d'identité d'utilisateur basée sur im, et serveur et support de stockage Download PDF

Info

Publication number
WO2023050524A1
WO2023050524A1 PCT/CN2021/128188 CN2021128188W WO2023050524A1 WO 2023050524 A1 WO2023050524 A1 WO 2023050524A1 CN 2021128188 W CN2021128188 W CN 2021128188W WO 2023050524 A1 WO2023050524 A1 WO 2023050524A1
Authority
WO
WIPO (PCT)
Prior art keywords
verification
code
user
application
link
Prior art date
Application number
PCT/CN2021/128188
Other languages
English (en)
Chinese (zh)
Inventor
袁欣
沈坚
张子鹏
Original Assignee
传仲智能数字科技(上海)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 传仲智能数字科技(上海)有限公司 filed Critical 传仲智能数字科技(上海)有限公司
Publication of WO2023050524A1 publication Critical patent/WO2023050524A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/21Monitoring or handling of messages
    • H04L51/23Reliability checks, e.g. acknowledgments or fault reporting
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • G06F21/46Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/04Real-time or near real-time messaging, e.g. instant messaging [IM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2133Verifying human interaction, e.g., Captcha

Definitions

  • the invention relates to the communication field, in particular to an IM-based user identity verification method, device, server and storage medium thereof.
  • authentication is the most basic and important link.
  • identity verification is to ensure that the real wishes of users are reflected in specific decision-making links.
  • the first technical solution is a solution using a downlink SMS verification code, which specifically includes: a.
  • the user enters a mobile phone number when registering/logging in; b. After the server gets the number, it sends a random number verification code through the SMS gateway; c. After receiving the text message, the user enters the verification code; d.
  • the server compares the verification code entered by the user, and the registration/login function is completed after the verification code is successful.
  • This kind of solution is widely used in the registration/login process of most third-party servers at present, but this kind of solution requires the user to manually enter the mobile phone number, which is inconvenient to operate; on the other hand, this kind of solution needs to cooperate with the operator to complete the SMS
  • the verification code is sent, and the access cost of the SMS gateway is high, so the cost is high, and the implementation cost will be higher in countries and regions with a large number of operators.
  • the second technical solution is the one-key login solution of the operator, which specifically includes: a.
  • the authentication software development kit Software Development Kit, SDK
  • the SDK communicates with the operator's network to collect the user's mobile phone number and display it; c. After obtaining the user's consent and authorization, the application client obtains the interface calling Token and passes it to the application server; d.
  • the authentication server uses the Token to obtain the mobile phone number interface , and finally obtain the mobile phone number of the current authorized user, and complete the registration/login.
  • this technical solution has a high threshold, requires the operator to directly provide technical support, needs to embed the SDK, can only be used on the application client, and will cause users to worry about privacy and other issues.
  • the present invention provides an IM-based user identity verification method, device, server and its storage medium, which simplifies user operations the most and takes cost and Under the premise of user convenience, user authentication is realized.
  • the present invention provides a kind of user identity authentication method based on IM, it is characterized in that, described authentication method comprises:
  • the verification link includes a first verification code and an IM application terminal identification code
  • the verification link is configured to automatically open the IM application end when the user clicks the verification link, and the first verification code is automatically filled in the field corresponding to the identification code of the IM application end.
  • the verification method also includes:
  • the verification method also includes:
  • the IM account information corresponding to the IM application terminal identification code is pre-configured.
  • the first verification code is composed of at least 4 random characters.
  • the verification link becomes invalid.
  • the predetermined time can be customized according to usage scenarios.
  • the present invention provides a kind of IM-based user identity verification device, it is characterized in that, described verification device comprises:
  • the first receiving module is configured to receive a verification request sent by an application program of the terminal;
  • a generating module configured to generate a verification link according to the verification request, and send the verification link to the application program of the terminal, wherein the verification link includes a first verification code and an IM application terminal identification code;
  • the second receiving module is configured to receive the second verification code and the user identification code sent by the IM application end, wherein the IM application end is an IM application program corresponding to the IM application end identification code;
  • a verification module configured to pass the verification when the first verification code matches the second verification code.
  • the verification link is configured to automatically open the IM application end when the user clicks the verification link, and the first verification code is automatically filled in the field corresponding to the identification code of the IM application end.
  • the verification module is also used to,
  • the verification device also includes:
  • the configuration module is configured to pre-configure the IM to receive the user's account information before receiving the user identity verification request.
  • the present invention provides a server, the server includes a processor and a memory, at least one instruction is stored in the memory, and the instruction is loaded and executed by the processor to implement the above-mentioned IM-based user The action performed by the authentication method.
  • the present invention provides a computer-readable storage medium, at least one instruction is stored in the storage medium, and the instruction is loaded and executed by a processor to implement the above-mentioned IM-based user authentication method. operate.
  • the IM application terminal is combined with the third-party application program server by utilizing the communication characteristics of the IM application terminal itself binding personal mobile phone numbers and information
  • the third-party server generates the user's identity verification ID, and then sends a real-time verification code through the IM application bound to the personal identity, and finally the third-party server makes a matching judgment on the identity verification ID, thereby completing the verification of the user's identity information.
  • the user identity verification method of the present invention does not require the cooperation of short messages or operators, thereby saving the cost of sending short messages by operators.
  • the user uses the IM client to send the real-time verification code, and the real-time verification code information can be sent to the third-party server, which simplifies the user's verification operation compared with the method where the user manually enters the SMS verification code.
  • Fig. 1 schematically shows a flowchart of an IM-based user identity verification method in an embodiment of the present invention
  • Fig. 2 schematically shows a structural block diagram of an IM-based user identity verification system in an embodiment of the present invention
  • FIG. 3 schematically shows the flowchart of the application in the IM-based user authentication method in a preferred embodiment of the present invention
  • Fig. 4 schematically shows a structural diagram of a server provided by an embodiment of the present invention.
  • FIG. 1 schematically shows a flowchart of an IM (Instant Messaging)-based user authentication method in an embodiment of the present invention.
  • Embodiments of the present invention provide an IM-based user authentication method, which is applied to any third-party application program running on a terminal, and the terminal includes but is not limited to a smart phone, a tablet computer, a desktop Internet equipment such as computers and workstations, but not limited to them.
  • the IM on which the present invention is based is an instant messaging APP that uses a mobile phone number as a user account, including but not limited to WhatsApp and Telegram.
  • the IM-based user verification method includes but not limited to the following steps.
  • Step S101 receiving a verification request sent by an application program of a terminal.
  • the verification request includes a request from the user to apply for a registration account from the application server, or a request from the user to apply for a login account from the application server, or a request from the user to perform certain functions of the application.
  • the user authentication interface will be displayed on the interactive interface of the application.
  • the user identity verification interface includes a sending verification request control, and the sending verification request is used for the user to click and perform the operation of sending the verification request.
  • the application server receives the user authentication request.
  • Step S102 generating a verification link according to the verification request, and sending the verification link to the application program of the terminal, wherein the verification link includes a first verification code and an IM application terminal identification code.
  • the application server generates the user's first verification code as a real-time verification code (On Time Password, OTP) as user identification information.
  • the first verification code may be a plurality of characters composed of a plurality of random numbers, may be a plurality of characters composed of a plurality of random English letters (where uppercase English letters and lowercase English letters represent different characters), or may be It is a letter composed of multiple random numbers and multiple random English letters. More specifically, the first verification code is a random character with at least 4 digits.
  • one of the first verification codes is a check code, specifically the last digit of the group of numbers, which is obtained from the previous numbers through a certain operation, and used to verify the group of numbers correctness, so as to avoid the wrong matching problem when the verification code is entered incorrectly.
  • the IM application terminal identification code is pre-configured by the application program server on the IM application terminal, and is used to receive the IM account of the verification code sent by the user.
  • the IM application terminal identification code used to implement the user identity verification method of this application can be a unified IM account, or multiple different IM accounts can be set according to the type of verification application, user type, and verification request type. In addition, this IM account can also be changed periodically according to business processes.
  • the verification link does not have a jump function
  • the user can only view the first verification code and the IM application terminal identification code on the application user identity verification interface of the terminal, and the user needs to manually Open the corresponding IM application terminal on the terminal, then find the IM account number of the corresponding IM application terminal identification code, and manually input the first verification code on the communication interface of the IM account number of the IM application terminal identification code, then click send, and the This completes the upload of verification information.
  • the verification link has a jump function.
  • the IM application end can be automatically awakened, and the first verification code will be automatically filled in with the IM application end identification.
  • the user On the communication interface of the communication interface corresponding to the IM account, the user only needs to click send to complete the upload of the verification information.
  • the verification link with the jump function greatly simplifies the user's verification operation, and the user only needs two clicks to complete the verification information upload. And in this way, the user information is automatically filled in without manual operation, which avoids the verification failure caused by the user entering the wrong verification code, thereby improving the efficiency and success rate of user identity verification.
  • Step S103 receiving the second verification code and the user verification code sent by the IM application, wherein the IM application is an IM application corresponding to the IM application identification code.
  • the second verification code is a real-time verification code sent by the user to the IM account corresponding to the IM application terminal identification code.
  • the IM account corresponding to the IM application end identification code will obtain the second verification code sent by the user on the communication interface;
  • the verification code gateway obtains the second verification code and the user's corresponding user mobile phone number from the application program interface (API) of the IM application end, wherein the real-time verification code gateway (OTP Gateway) and the application program interface (API) ) is pre-configured.
  • the IM of the present invention is an instant messaging APP that uses the mobile phone number as the user account, so when the user sends the second verification code using the IM application end of the terminal, the IM account corresponding to the IM application end identification code as the recipient can obtain the user's verification code.
  • mobile phone number, and the mobile phone number is sent to the application server to be verified by the real-time verification code gateway (OTP Gateway).
  • OTP Gateway real-time verification code gateway
  • the verification link becomes invalid.
  • the predetermined time can be customized according to usage scenarios.
  • the purpose of designing the verification link to expire periodically is to prevent the verification code from being stolen and causing user losses.
  • many criminals will use improper and illegal means to crack it.
  • set a valid time for the verification link and remind the user that whenever the valid time is exceeded, the verification code will fail.
  • the user himself has not received the verification link within the valid time, he can resend the verification request to obtain the verification link, so as to prevent losses caused by criminals stealing the verification code.
  • Step S104 judging whether the first verification code matches the second verification code; wherein, when the first verification code matches the second verification code, enter step S105; when the first When the verification code does not match the second verification code, go to step S106.
  • Step S105 when the first verification code matches the second verification code, the verification is passed.
  • the application server confirms the user identification code, thereby completing user authentication for the user identification code.
  • the user opens the application program through the terminal, the application program returns pass information, and completes the user identity information verification process.
  • Step S106 when the first verification code does not match the second verification code, return verification failure information.
  • the user opens the application program through the terminal, and the application program returns the information that the verification fails. At this time, the user can resend the verification request to perform the second user identity information verification process.
  • the IM application terminal is used to bind the personal mobile phone number and the communication characteristics of personal information, and the IM application terminal is combined with the application server to be verified.
  • the user's real-time verification code is generated by the application server to be verified, and then the user sends back the real-time verification code through the IM application bound to the personal identity, and finally the application server to be verified matches the real-time verification code to complete the user Verification of identity information.
  • the user identity verification method of the present invention does not require the cooperation of short messages or operators, thereby saving the cost of sending short messages by operators.
  • the verification link function is integrated.
  • the sending content of the real-time verification code sent to the specific IM receiving user can be automatically formed.
  • the user only needs to send with one click, and the identity verification identification information can be sent to the application server to be verified.
  • the verification operation of the user is simplified.
  • FIG. 2 schematically shows a structural block diagram of an IM-based user identity verification system in an embodiment of the present invention.
  • An embodiment of the present invention provides an IM-based user identity verification device, which is applied to a third-party server, including but not limited to the following modules.
  • the first receiving module is configured to receive the verification request sent by the application program of the terminal.
  • the verification request includes a request from the user to apply for a registration account from the application server, or a request from the user to apply for a login account from the application server, or a request from the user to perform certain functions of the application.
  • the user authentication interface will be displayed on the interactive interface of the application.
  • the user identity verification interface includes a sending verification request control, and the sending verification request is used for the user to click and perform the operation of sending the verification request.
  • the application server receives the user authentication request.
  • a generating module configured to generate a verification link according to the verification request, and send the verification link to the application program of the terminal, wherein the verification link includes a first verification code and an IM application terminal identification code.
  • the application server generates the user's first verification code as a real-time verification code (On Time Password, OTP) as user identification information.
  • the first verification code may be a plurality of characters composed of a plurality of random numbers, may be a plurality of characters composed of a plurality of random English letters (where uppercase English letters and lowercase English letters represent different characters), or may be It is a letter composed of multiple random numbers and multiple random English letters. More specifically, the first verification code is a random character with at least 4 digits.
  • one of the first verification codes is a check code, specifically the last digit of the group of numbers, which is obtained from the previous numbers through a certain operation, and used to verify the group of numbers correctness, so as to avoid the wrong matching problem when the verification code is entered incorrectly.
  • the IM application terminal identification code is pre-configured by the application program server on the IM application terminal, and is used to receive the IM account of the verification code sent by the user.
  • the IM application terminal identification code used to implement the user identity verification method of this application can be a unified IM account, or multiple different IM accounts can be set according to the type of verification application program, user type, and verification request type. In addition, this IM account can also be changed periodically according to business processes.
  • the verification link does not have a jump function
  • the user can only view the first verification code and the IM application terminal identification code on the application user identity verification interface of the terminal, and the user needs to manually Open the corresponding IM application terminal on the terminal, then find the IM account number of the corresponding IM application terminal identification code, and manually input the first verification code on the communication interface of the IM account number of the IM application terminal identification code, then click send, and the This completes the upload of verification information.
  • the verification link has a jump function.
  • the IM application end can be automatically awakened, and the first verification code will be automatically filled in with the IM application end identification.
  • the user On the communication interface of the communication interface corresponding to the IM account, the user only needs to click send to complete the upload of the verification information.
  • the verification link with the jump function greatly simplifies the user's verification operation, and the user only needs two clicks to complete the verification information upload. And in this way, the user information is automatically filled in without manual operation, which avoids the verification failure caused by the user entering the wrong verification code, thereby improving the efficiency and success rate of user identity verification.
  • the second receiving module is configured to receive the second verification code and the user verification code sent by the IM application end, wherein the IM application end is an IM application program corresponding to the IM application end identification code.
  • the second verification code is a real-time verification code sent by the user to the IM account corresponding to the IM application terminal identification code.
  • the IM account corresponding to the IM application end identification code will obtain the second verification code sent by the user on the communication interface;
  • the verification code gateway obtains the second verification code and the user's corresponding user mobile phone number from the application program interface (API) of the IM application end, wherein the real-time verification code gateway (OTP Gateway) and the application program interface (API) ) is pre-configured.
  • the IM of the present invention is an instant messaging APP that uses the mobile phone number as the user account, so when the user sends the second verification code using the IM application end of the terminal, the IM account corresponding to the IM application end identification code as the recipient can obtain the user's verification code.
  • mobile phone number, and the mobile phone number is sent to the application server to be verified by the real-time verification code gateway (OTP Gateway).
  • OTP Gateway real-time verification code gateway
  • the verification module judges whether the first verification code matches the second verification code.
  • the verification is passed; wherein, the user opens the application program through the terminal, and the application program returns pass information, and completes the user information verification process.
  • the verification failure information is returned; wherein, the user opens the application program through the terminal, and the application program returns the verification failure information. At this time, the user can resend the verification request to proceed The second verification process.
  • the verification module traverses the verification codes generated in the application server, and matches the second verification code sent by the user with the first verification code generated by the application server.
  • the verification module traverses the verification codes generated in the application server, and matches the second verification code sent by the user with the first verification code generated by the application server.
  • the IM-based user identity verification device of the present invention further includes a configuration module, configured to pre-configure the IM account information corresponding to the IM application terminal identification code before receiving the user identity verification request. Specifically, register the receiving account on the IM application in advance and complete the information verification.
  • the configuration module is used to configure the communication between the IM application and the application to be verified. Therefore, when the user receives the user's real-time verification code through the IM application, the real-time The verification code can be transmitted to the real-time verification code gateway through the application port API of IM, and then input to the application server, thereby verifying the user verification information.
  • the IM-based user identity verification device runs on a third-party application server, uses the communication characteristics of the IM application itself to bind the personal mobile phone number and information, and integrates the IM application
  • the terminal is combined with the application server to be authenticated.
  • the user identity verification device receives the user identity verification request through the receiving request module, and uses the generation module to generate the user's real-time verification code; then the user sends the real-time verification code through the IM application end bound to the personal identity, and the real-time verification code is transmitted to the IM for receiving
  • the user's information receiving end receives the real-time verification code sent by the user from the real-time verification code gateway, and finally the verification module performs matching judgment on the real-time verification code, thereby completing the verification of user information.
  • the user identity verification device of the present invention does not require the cooperation of short messages or operators, thereby saving the cost of sending short messages by operators.
  • the verification link function is integrated. After the user clicks the link, the sending content of sending the identity verification ID to the specific IM receiving user can be automatically formed. The user only needs to send the identity verification ID information to the application server to be verified with one click. This simplifies the user's authentication operation.
  • Fig. 3 schematically shows the flow chart of the IM-based user identity verification method in a preferred embodiment of the present invention.
  • the technical content involved in the above-mentioned embodiment will be described in detail below in conjunction with Fig. 3 and this embodiment .
  • the user identity verification method can be used for user login, registration, or application for executing special functions of the application program.
  • user registration is taken as an example.
  • the user verification method can be run in the application server to be registered, and can also be run in the application client to be registered, and the user identity verification method includes the following steps:
  • the Gateway is an API gateway based on the HTTP protocol, As a unified API access layer, the connection between NetApp Server and IM Server is thus realized;
  • NetApp is an application program that adopts the verification scheme of this application, and
  • IM is an instant messaging APP that uses a mobile phone number as a user account. In this embodiment, it is Whatsapp or Telegram.
  • the NetApp Server After the user completes the registration information request on the NetApp display interface, the NetApp Server generates the OTP and the IM receiving number, generates an IM sending link together, and displays it on the user registration page; the registration information request includes filling in the mobile phone number and clicking to send The registration request; the IM sending connection includes OTP and the IM receiving number, and also includes the control instruction for jumping to open the IM application program and the control instruction for sending information to the IM receiving number.
  • OTP Gateway sends the user's mobile phone number and received OTP information to NetApp Server.
  • OTP Gateway receives the user notification through IM to switch back to NetApp to complete the registration process.
  • NetApp Server judges whether the prefabricated OTP information is consistent with the OTP sent to the registered user in step (2); if the prefabricated OTP information is consistent with the OTP sent to the registered user, then enter step (8); if the prefabricated OTP information is consistent with the OTP sent to the registered user If the user's OTP is the same, go to step (9).
  • NetApp Server returns the verification pass information to complete the user registration.
  • NetApp Server returns the message that the verification fails. Wherein, when the verification fails, the user can resend the identity verification request to register for the second time.
  • the IM application terminal itself is used to bind the personal mobile phone number and the communication characteristics of information, and the IM application terminal is combined with the application server to be registered, and the application server to be registered generates The user's identity verification ID, and then the user sends the identity verification ID through the IM application that is bound to the personal identity, and finally the application server to be registered will make a matching judgment on the identity verification ID, thereby completing the verification of user information.
  • the user identity verification method of the present invention does not require the cooperation of short messages or operators, thereby saving the cost of sending short messages by operators.
  • the verification link function is integrated.
  • the user clicks on the link it can automatically form the sending content of sending the identity verification identification to the specific IM receiving user.
  • the user only needs to send the identity verification identification information to the application server to be registered with one click.
  • the user operation is simple, only 2 clicks are required, and there is no need to manually enter the verification code, which simplifies the user's verification operation.
  • FIG. 4 is a schematic structural diagram of a server provided by an embodiment of the present invention.
  • the server 400 may have relatively large differences due to different configurations or performances, and may include one or more central processing units (CPU) 401 and one or more than one memory 402, wherein at least one instruction is stored in the memory 402, and the at least one instruction is loaded and executed by the processor 401 to implement the IM-based user authentication method provided by the above method embodiments .
  • the server may also have components such as a wired or wireless network interface, a keyboard, and an input and output interface for input and output, and the server may also include other components for realizing device functions, which will not be repeated here.
  • a computer-readable storage medium such as a memory including instructions, which can be executed by a processor in the terminal to complete the IM-based user authentication method in the following embodiments.
  • the computer readable storage medium may be ROM, random access memory (RAM), CD-ROM, magnetic tape, floppy disk, optical data storage device, and the like.
  • the program can be stored in a computer-readable storage medium.
  • the above-mentioned The storage medium mentioned may be a read-only memory, a magnetic disk or an optical disk, and the like.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

L'invention concerne un procédé et un appareil d'authentification d'identité d'utilisateur basée sur IM, ainsi qu'un serveur et un support de stockage. Le procédé d'authentification consiste à : recevoir une demande d'authentification qui est envoyée par un programme d'application d'un terminal (S101) ; générer une liaison d'authentification selon la demande d'authentification et envoyer la liaison d'authentification au programme d'application du terminal, la liaison d'authentification comprenant un premier code d'authentification et un code d'identification d'extrémité d'application IM (S102) ; recevoir un second code d'authentification qui est envoyé par une extrémité d'application IM (S103), l'extrémité d'application IM étant le programme d'application IM correspondant au code d'identification d'extrémité d'application IM ; et lorsque le premier code d'authentification correspond au second code d'authentification, accepter l'authentification (S105). Au moyen du procédé et de l'appareil d'authentification d'identité d'utilisateur, un programme d'application IM est utilisé en tant que chemin de transmission pour une authentification, et un utilisateur envoie un code d'authentification en temps réel au moyen de l'extrémité d'application IM. Par comparaison avec l'entrée d'un code d'authentification à l'aide d'un message textuel, le coût et la commodité d'utilisation sont en outre pris en considération.
PCT/CN2021/128188 2021-09-30 2021-11-02 Procédé et appareil d'authentification d'identité d'utilisateur basée sur im, et serveur et support de stockage WO2023050524A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202111158857.2 2021-09-30
CN202111158857.2A CN113824628B (zh) 2021-09-30 2021-09-30 基于im的用户身份验证方法、装置、服务器及其存储介质

Publications (1)

Publication Number Publication Date
WO2023050524A1 true WO2023050524A1 (fr) 2023-04-06

Family

ID=78919868

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2021/128188 WO2023050524A1 (fr) 2021-09-30 2021-11-02 Procédé et appareil d'authentification d'identité d'utilisateur basée sur im, et serveur et support de stockage

Country Status (2)

Country Link
CN (1) CN113824628B (fr)
WO (1) WO2023050524A1 (fr)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114979048B (zh) * 2022-08-02 2022-11-29 深圳市明源云科技有限公司 基于即时通信的身份验证方法、系统、电子设备及介质
CN116436633B (zh) * 2023-02-08 2023-12-05 广州希倍思智能科技有限公司 基于即时通讯进行验证码收发的平台登录方法及系统
CN117098134B (zh) * 2023-10-17 2024-01-26 湖北星纪魅族集团有限公司 安全控制方法、终端及非暂时性计算机可读存储介质

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102480434A (zh) * 2010-11-24 2012-05-30 金蝶软件(中国)有限公司 实现不同系统业务之间无缝衔接的方法、装置和系统
CN106230702A (zh) * 2016-08-29 2016-12-14 北京小米移动软件有限公司 身份信息验证方法、装置及系统
CN106899571A (zh) * 2016-12-21 2017-06-27 阿里巴巴集团控股有限公司 信息交互方法及装置
CN111245841A (zh) * 2020-01-14 2020-06-05 杭州涂鸦信息技术有限公司 一种账号授权方法及系统
WO2020155767A1 (fr) * 2019-01-31 2020-08-06 平安科技(深圳)有限公司 Procédé et appareil d'ouverture de session sans mot de passe basée sur un terminal mobile, dispositif et support de stockage
CN111741011A (zh) * 2020-07-16 2020-10-02 腾讯科技(深圳)有限公司 验证方法、装置及存储介质

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8705720B2 (en) * 2007-02-08 2014-04-22 Avaya Inc. System, method and apparatus for clientless two factor authentication in VoIP networks
CN105207777B (zh) * 2014-06-30 2019-09-20 腾讯科技(深圳)有限公司 网络信息验证的方法和装置
CN105407074A (zh) * 2014-09-11 2016-03-16 腾讯科技(深圳)有限公司 身份验证方法、装置及系统
CN105490809B (zh) * 2014-09-17 2020-11-06 腾讯科技(深圳)有限公司 信息获取方法、装置、终端及服务器
CN104811370B (zh) * 2015-04-27 2018-05-08 北京北信源软件股份有限公司 一种基于标识的安全即时通信系统架构
EP3179751B1 (fr) * 2015-06-15 2020-04-22 Huawei Technologies Co., Ltd. Procédé et appareil d'envoi d'informations, dispositif terminal et système
CN106101125B (zh) * 2016-07-01 2020-09-22 龙官波 验证处理方法、装置及系统
CN111835714A (zh) * 2017-07-11 2020-10-27 创新先进技术有限公司 信息验证处理方法、客户端及服务器
CN110099029A (zh) * 2018-01-30 2019-08-06 阿里健康信息技术有限公司 一种身份验证方法、终端设备及服务器
CN111709007A (zh) * 2020-06-10 2020-09-25 中国建设银行股份有限公司 一种用户验证方法、装置及设备

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102480434A (zh) * 2010-11-24 2012-05-30 金蝶软件(中国)有限公司 实现不同系统业务之间无缝衔接的方法、装置和系统
CN106230702A (zh) * 2016-08-29 2016-12-14 北京小米移动软件有限公司 身份信息验证方法、装置及系统
CN106899571A (zh) * 2016-12-21 2017-06-27 阿里巴巴集团控股有限公司 信息交互方法及装置
WO2020155767A1 (fr) * 2019-01-31 2020-08-06 平安科技(深圳)有限公司 Procédé et appareil d'ouverture de session sans mot de passe basée sur un terminal mobile, dispositif et support de stockage
CN111245841A (zh) * 2020-01-14 2020-06-05 杭州涂鸦信息技术有限公司 一种账号授权方法及系统
CN111741011A (zh) * 2020-07-16 2020-10-02 腾讯科技(深圳)有限公司 验证方法、装置及存储介质

Also Published As

Publication number Publication date
CN113824628B (zh) 2023-04-07
CN113824628A (zh) 2021-12-21

Similar Documents

Publication Publication Date Title
WO2023050524A1 (fr) Procédé et appareil d'authentification d'identité d'utilisateur basée sur im, et serveur et support de stockage
TWI758260B (zh) 基於手機短信的網站登錄方法及其登錄系統
US9722984B2 (en) Proximity-based authentication
CN107249004B (zh) 一种身份认证方法、装置及客户端
CN107241339B (zh) 身份验证方法、装置和存储介质
US11159674B2 (en) Multi-factor authentication of caller identification (ID) identifiers
CN107872447A (zh) 电子装置、服务器、通信系统及通信方法
US20150365420A1 (en) A secure user interaction method performing defined actions on web resources over a separate channel and a system thereof
KR20170140215A (ko) 거래 시큐리티를 위한 방법 및 시스템
CN110719252B (zh) 用于通过通信信道授权交易的方法、系统和介质
CN109525588B (zh) 一种验证码处理方法、设备及系统
CN117336092A (zh) 一种客户端登录方法、装置、电子设备和存储介质
WO2022041179A1 (fr) Procédé, dispositif et système pour envoyer des informations d'authentification au moyen d'une messagerie instantanée
CN114584971A (zh) 账号注册方法及装置、电子设备及存储介质
CN110830420A (zh) 验证短信验证码的方法及系统
CN113395290A (zh) 一种邮箱登录方法、装置、电子设备及可读存储介质
CN104301285A (zh) 用于web系统的登录方法
CN113824727A (zh) 网页登录验证方法、装置、服务器及存储介质
CN105471891A (zh) 一种基于信任设备密令的登录方法
JP6115884B1 (ja) サービス提供システム、認証装置、及びプログラム
CN111277571A (zh) 一种基于零知识证明的企业app登录管理系统
TWM583082U (zh) 安全交易環境的用戶身分驗證系統
WO2017134922A1 (fr) Système de fourniture de service, dispositif d'authentification et programme associé
JP2003264551A (ja) 通信端末とサーバとのセキュリティ確保方法
CN112688943B (zh) 动态密码生成方法、服务器、终端设备及存储介质

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21959088

Country of ref document: EP

Kind code of ref document: A1