CN105072080A - Information verification method, device and system - Google Patents
Information verification method, device and system Download PDFInfo
- Publication number
- CN105072080A CN105072080A CN201510379708.7A CN201510379708A CN105072080A CN 105072080 A CN105072080 A CN 105072080A CN 201510379708 A CN201510379708 A CN 201510379708A CN 105072080 A CN105072080 A CN 105072080A
- Authority
- CN
- China
- Prior art keywords
- identifying code
- application
- short message
- mobile terminal
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
- Telephonic Communication Services (AREA)
Abstract
The invention discloses an information verification method, and the method is executed in a mobile terminal. The mobile terminal can be connected with an application server and a short message server through a network. The method comprises the steps: generating a verification code at a return mode; responding to an operation that a user confirms the return, carrying out the call of a short message interface, transmitting a verification short message containing the verification code and an application account number to the short message server, and transmitting the verification short message to the application server through the short message server; receiving an application account number and a verification code, which are inputted by a user, responding to logging-in operation of the user, and transmitting the verification code and the application account number to the application server, so as to bring convenience to the application server for verification, wherein the application server completes the verification through comparing the verification code corresponding to the application account number transmitted by the short message server with the verification code corresponding to the application account number transmitted by the mobile terminal and judging whether the verification code corresponding to the application account number transmitted by the short message server is consistent with the verification code corresponding to the application account number transmitted by the mobile terminal or not. The method also comprises a step: receiving verification results transmitted by the application server, and logging into the account number if the verification is consistent.
Description
Technical field
The present invention relates to communication technical field, especially a kind of Information Authentication method, Apparatus and system.
Background technology
In today of computer technology and network technology development, the service that people can enjoy all kinds of businessman by network whenever and wherever possible substantially, service provider provides.In network activity, how to ensure that the safety of network environment is the content needing emphasis to consider.Developed a large amount of technology for ensureing network security at present, each network security technology due to its respective pluses and minuses use by different users.Wherein, based on the safe practice of identifying code because it is simple, be easy to realize and be widely used.
The verification mode of identifying code can more efficiently prevent the malice in malice decryption, brush ticket, forum from posting, and effectively can also prevent carrying out Brute Force mode to some particular registered user and initiate the functions such as continuous login attempt.
It is under carrying out user's registration user, sending message, downloading data, carry out the checking scene such as paying that existing a kind of identifying code pushes mode, display identifying code fills in frame, then mobile terminal receives a note with identifying code, and user is filling in input validation code in frame.But, when the network environment residing for user is bad or do not receive note because third party filters, user can only obtain identifying code note by repeatedly refreshing identifying code to attempt, or, along with user strengthens greatly to the secret protection of self and awareness of safety, a lot of user understands the function of similar white list on starting hand-set, filtering is not the note that the number in address list sends, and authentication server will send a large amount of notes every day, easily indicated interception by fail-safe software, in this case, even if again send identifying code note, user is still difficult to obtain its particular content, thus make identifying code lose corresponding effect.
Therefore, need a kind of intelligence, effective Information Authentication mode, improve Consumer's Experience.
Summary of the invention
For this reason, the invention provides a kind of Information Authentication method, Apparatus and system, to try hard to solve or at least alleviate at least one problem existed above.
According to an aspect of the present invention, provide a kind of Information Authentication method, the method performs in the terminal, and mobile terminal can be connected with application server, short message server by network, comprises step: under loopback mode, generates identifying code; Confirm the operation returned in response to user, call short message interface transmission and comprise the checking note of identifying code and application account to short message server, send checking note to application server by short message server; Receive application account and the identifying code of user's input, in response to user login operation, send identifying code with application account to application server, so that application server is verified, the identifying code that wherein the application account that sent by comparison short message server of application server is corresponding, the identifying code corresponding with the application account that mobile terminal sends, whether the two is consistent, has carried out checking; And receive the result sent by application server, if checking is consistent, log in described application account.
Alternatively, in Information Authentication method according to the present invention, also comprise step: monitoring input interface, when the number of times detecting that user carries out verification operation reaches predetermined threshold, enter loopback mode.
Alternatively, in Information Authentication method according to the present invention, identifying code is the numeral of stochastic generation.
According to a further aspect in the invention, provide a kind of Information Authentication device, this Plant arrangement on mobile terminals, mobile terminal can be connected with application server, short message server by network, device comprises: information generating unit, is suitable for after entering loopback mode, generates identifying code, connection management unit, be suitable for responding user operation, send and comprise identifying code and apply the checking note of account to short message server, checking note is sent to application server by short message server, and respond the register of user, the application account user received inputted on mobile terminal display screen and identifying code send to application server, so that application server is verified, the identifying code that wherein the application account that sent by comparison short message server of application server is corresponding, the identifying code corresponding with the application account that mobile terminal sends, whether the two is consistent, carry out checking, and be also suitable for receiving the result sent by application server, if checking is consistent, log in described application account.
Alternatively, in Information Authentication device according to the present invention, also comprise monitoring control unit, be suitable for monitoring input interface in real time, when the number of times detecting that user carries out verification operation reaches predetermined threshold, enter loopback mode.
Alternatively, in Information Authentication device according to the present invention, identifying code is the numeral of stochastic generation.
According to a further aspect in the invention, provide a kind of Information Authentication method, the method performs in the application server, application server can be connected with mobile terminal, short message server by network, comprise step: receive the checking note sent by short message server, wherein verify that note comprises application account and identifying code, checking note is that mobile terminal sends to short message server under loopback mode; Storage application account and identifying code are as initialize data; Receive the identifying code and application account that are sent in response to user login operation by mobile terminal, its and initialize data are compared, if relatively unanimously, be verified, transmission the result, to mobile terminal, logs in described application account for mobile terminal.
Alternatively, in Information Authentication method according to the present invention, before storage application account and the step of identifying code as initialize data, also comprise step: receive the communication account sent in the lump with checking note by short message server; Judge that whether communication account is consistent with application account, if consistent, store and apply account and identifying code as initialize data to verify; If inconsistent, return authentication failed.
Alternatively, in Information Authentication method according to the present invention, receiving the identifying code and application account that are sent by mobile terminal, the step that itself and initialize data compare being comprised: whether exist according to applying account inquiring user; And if exist, whether unanimously compare identifying code corresponding to application account, if identifying code unanimously, is verified.
Alternatively, in Information Authentication method according to the present invention, identifying code is the numeral of stochastic generation.
According to another aspect of the present invention, provide a kind of Information Authentication device, this Plant arrangement on the application server, application server can by network and mobile terminal, short message server is connected, device comprises: connection management unit, be suitable for receiving the checking note sent by short message server, wherein verify that note comprises application account and identifying code, checking note is that mobile terminal sends to short message server under loopback mode, and receive the identifying code that sent in response to user login operation by mobile terminal and apply account, send the result to mobile terminal, described application account is logged in for mobile terminal, information memory cell, is suitable for storing the application account that sent by short message server and identifying code as initialize data, and Information Authentication unit, be suitable for the identifying code sent by mobile terminal and application account and initialize data to compare, if relatively unanimously, be verified.
Alternatively, in Information Authentication device according to the present invention, connection management unit is also suitable for receiving the communication account sent in the lump with checking note by short message server; Information Authentication unit is also suitable for after receiving the checking note and communication account sent by short message server, judge that whether communication account is consistent with application account, send if consistent and be indicated to information memory cell, store application account and identifying code as initialize data by it.
Whether alternatively, in Information Authentication device according to the present invention, Information Authentication unit also comprises: information query unit, be suitable for existing according to application account inquiring user; And judging unit, be suitable for after inquiring user exists, whether unanimously compare identifying code corresponding to application account, if identifying code unanimously, is verified.
Alternatively, in Information Authentication device according to the present invention, identifying code is the numeral of stochastic generation.
According to another aspect of the present invention, provide a kind of information authentication system, system comprises: the mobile terminal with Information Authentication device as above; And there is the application server of Information Authentication device as above.
According to Information Authentication scheme of the present invention, be different from and again send identifying code, but adopt the mode of identifying code passback, make Information Authentication more effective, and ensure that the safety of user profile.
Accompanying drawing explanation
In order to realize above-mentioned and relevant object; combine description below and accompanying drawing herein to describe some illustrative aspect; these aspects indicate the various modes can putting into practice principle disclosed herein, and all aspects and equivalent aspect thereof are intended to fall in the scope of theme required for protection.Read detailed description below in conjunction with the drawings, above-mentioned and other object of the present disclosure, Characteristics and advantages will become more obvious.Throughout the disclosure, identical Reference numeral is often referred to for identical parts or element.
Fig. 1 shows the structure block diagram of the mobile terminal 100 according to an exemplary embodiment of the present invention;
Fig. 2 shows the schematic diagram of information authentication system 200 according to an embodiment of the invention;
Fig. 3 shows the flow chart of Information Authentication method according to an embodiment of the invention 300;
Fig. 4 shows the schematic diagram of Information Authentication device 400 according to an embodiment of the invention;
Fig. 5 shows the flow chart of Information Authentication method in accordance with another embodiment of the present invention 500;
Fig. 6 shows the schematic diagram of Information Authentication device 600 in accordance with another embodiment of the present invention;
Fig. 7 A shows the interface schematic diagram that user according to an embodiment of the invention confirms to carry out returning; And
Fig. 7 B shows display on mobile terminal according to an embodiment of the invention and postbacks the interface schematic diagram of identifying code.
Embodiment
Below with reference to accompanying drawings exemplary embodiment of the present disclosure is described in more detail.Although show exemplary embodiment of the present disclosure in accompanying drawing, however should be appreciated that can realize the disclosure in a variety of manners and not should limit by the embodiment set forth here.On the contrary, provide these embodiments to be in order to more thoroughly the disclosure can be understood, and complete for the scope of the present disclosure can be conveyed to those skilled in the art.
Fig. 1 is mobile terminal 100 organigram according to an embodiment of the invention.With reference to Fig. 1, mobile terminal 100 comprises: memory interface 102, one or more data processor, image processor and/or CPU 104, and peripheral interface 106.Memory interface 102, one or more processor 104 and/or peripheral interface 106 both can be discrete components, also can be integrated in one or more integrated circuit.In the mobile terminal 100, various element can be coupled by one or more communication bus or holding wire.Transducer, equipment and subsystem can be coupled to peripheral interface 106, to help to realize several functions.Such as, motion sensor 110, optical sensor 112 and range sensor 114 can be coupled to peripheral interface 106, to facilitate the functions such as orientation, illumination and range finding.Other transducers 116 can be connected with peripheral interface 106 equally, such as navigation system (such as GPS), temperature sensor, biometric sensor or other sensor devices, can help thus to implement relevant function.
Camera sub-system 120 and optical pickocff 122 may be used for the realization of the camera function of convenient such as recording photograph and video clipping, and wherein said camera sub-system and optical pickocff can be such as charge coupled device (CCD) or complementary metal oxide semiconductors (CMOS) (CMOS) optical pickocff.Can help realize communication function by one or more radio communication subsystem 124, wherein radio communication subsystem can comprise radio-frequency transmitter and transmitter and/or light (such as infrared) Receiver And Transmitter.The particular design of radio communication subsystem 124 and execution mode can depend on one or more communication networks that mobile terminal 100 is supported.Such as, mobile terminal 100 can comprise the communication subsystem 124 being designed to support GSM network, GPRS network, EDGE network, Wi-Fi or WiMax network and BlueboothTM network.Audio subsystem 126 can be coupled with loud speaker 128 and microphone 130, such as, to help the function of implementing to enable voice, speech recognition, speech reproduction, digital record and telephony feature.
I/O subsystem 140 can comprise touch screen controller 142 and/or other input control devices 144 one or more.Touch screen controller 142 can be coupled to touch-screen 146.For example, what this touch-screen 146 and touch screen controller 142 can use any one in multiple touch-sensing technology to detect to carry out with it contact and movement or time-out, and wherein detection technology is including, but not limited to capacitive character, resistive, infrared and surface acoustic wave technique.Other input control devices 144 one or more can be coupled to other input/control devicess 148, the indication equipment of such as one or more button, rocker switch, thumb wheel, infrared port, USB port and/or stylus and so on.Described one or more button (not shown) can comprise the up/down button for control loudspeaker 128 and/or microphone 130 volume.
Memory interface 102 can be coupled with memory 150.This memory 150 can comprise high-speed random access memory and/or nonvolatile memory, such as one or more disk storage device, one or more optical storage apparatus, and/or flash memories (such as NAND, NOR).Memory 150 can storage operation system 152, the operating system of such as Android, IOS or WindowsPhone and so on.This operating system 152 can comprise the instruction of the task of depending on hardware for the treatment of basic system services and execution.Memory 150 can also store application 154.When these are applied in operation, can be loaded into processor 104 from memory 150, and run on the operating system run by processor 104, and the function that the various user of the Interface realization utilizing operating system and bottom hardware to provide expects, as instant messaging, web page browsing, pictures management etc.Application can provide independent of operating system, also can be that operating system carries.
According to one embodiment of present invention, provide a kind of mobile terminal 100 with Information Authentication function, can realize this function by the client application of placement information authentication function, this client application is stored in application 154.
Fig. 2 shows information authentication system 200 according to an embodiment of the invention.This system 200 comprises mobile terminal 100, application server 210 and short message server 220, and application server can be such as the remote cloud server being physically located at one or more place, and the said equipment is interconnected by network.
The workflow of this information authentication system 200 will be introduced in detail below.
Generally, the process of short message verification code checking is as follows: user is carrying out user's registration, send message, downloading data, when carrying out the operations such as payment, the client application of mobile terminal 100 can show and fill in frame, user needs the communication account of filling in oneself, generally, communication account can be phone number, communication account is sent to application server 210 by client software, application server 210 calls the server of note operator, namely the communication account that the short message server 220 in native system is filled in user sends the note comprising identifying code, after mobile terminal 100 receives said short message, user writes the identifying code in note in the mobile terminal 100, and send it to application server 210 by mobile terminal 100, whether application server 210 compares the identifying code issued consistent with the identifying code that mobile terminal 100 is sent back, if consistent, by checking.
But affect by a variety of causes, sometimes user can not receive the note carrying identifying code in time, and even in some cases, the fail-safe software that such as note is moved in terminal indicates interception, and repeating to send note under this scene can not deal with problems.Therefore, present invention proposes the scheme utilizing the mode of short message returning to carry out Information Authentication.
According to one embodiment of present invention, arrange when mobile terminal 100 detects that the number of times that user carries out verification operation reaches predetermined threshold (such as, having carried out 3 requests verification operations continuously still failed), just enter loopback mode.Under loopback mode, mobile terminal 100 generates identifying code, and according to an execution mode, this identifying code can be 6 bit digital of stochastic generation.Then can show identifying code on the display screen of mobile terminal 100, and need user to be confirmed whether to postback identifying code, as shown in Figure 7 A.User clicks " confirmation ", the operation returned is confirmed in response to user, mobile terminal 100 calls short message interface transmission and comprises the checking note of identifying code and application account to short message server 220, according to one embodiment of present invention, verify that the content of note generates by following form: application account+identifying code+check code.It should be noted that the present invention does not limit content and/or the form of checking note, as long as include application account and identifying code in checking note, carry out Information Authentication so that follow-up.
After short message server 220 receives checking note, the communication account of checking note and the mobile terminal that postbacks identifying code is sent to application server 210 in the lump.First application server 210 can judge that whether communication account is consistent with the application account in checking note, if consistent, storage application account and identifying code are as initialize data; If inconsistent, return authentication failed.Give application server 210 as follows and obtain the example code that user postbacks the interface of short message verification code:
Then the display screen of mobile terminal 100 jumps to as shown in Figure 7 B, user inputs application account and identifying code, in response to the register of user, mobile terminal 100 sends the identifying code of user's input and applies account to application server 210, completes checking by application server 210.Whether concrete verification step is: first inquire about this user according to application account and exist, application account herein comprises the application account stored as initialize data and the application account sent by mobile terminal 100, and above-mentioned two methods account should be consistent.When two methods account is consistent and this user exists, whether identifying code corresponding to more above-mentioned two methods account be consistent, if identifying code unanimously, is verified, sends the result to mobile terminal 100, make it log in this application account.So far, information verification process terminates.
According to Information Authentication scheme of the present invention, be different from and again send identifying code, but adopt the mode of identifying code passback, make Information Authentication more effective, and the safety of user profile can be ensured well.
Fig. 3 shows the flow chart of Information Authentication method according to an embodiment of the invention 300.The method performs in the mobile terminal 100, and mobile terminal 100 can be connected with application server 210, short message server 220 by network, and the method starts from step S310, under loopback mode, generates identifying code.According to one embodiment of present invention, mobile terminal 100 monitors input interface in real time, when the number of times detecting that user carries out verification operation reaches predetermined threshold, just enters loopback mode.Wherein identifying code can be the numeral of stochastic generation.
Subsequently in step s 320, confirm the operation returned in response to user, call short message interface transmission and comprise the checking note of identifying code and application account to short message server 220, send this checking note to application server 210 by short message server 220.
Subsequently in step S330, receive application account and the identifying code of user's input, in response to user login operation, send identifying code with application account to application server 210, so that application server 210 is verified, the identifying code that wherein the application account that sent by comparison short message server 220 of application server 210 is corresponding, the identifying code corresponding with the application account that mobile terminal 100 sends, whether the two is consistent, has carried out checking.
Subsequently in step S340, receive the result sent by application server 210, if checking is consistent, log in this application account.
Fig. 4 shows the schematic diagram of Information Authentication device 400 according to an embodiment of the invention.This Plant arrangement is on mobile terminal 100, and mobile terminal 100 can be connected with application server 210, short message server 220 by network, and described device comprises: information generating unit 410 and connection management unit 420.
According to one embodiment of present invention, this device 400 also comprises monitoring control unit 430, is suitable for monitoring input interface in real time, when the number of times detecting that user carries out verification operation reaches predetermined threshold, enters loopback mode.Predetermined threshold can be set to user and carry out 3 requests verification operations continuously still unsuccessfully, and certainly, the present invention does not limit this.The information entering loopback mode is sent to the information generating unit 410 coupled with it by monitoring control unit 430.
Information generating unit 410 is suitable for after entering loopback mode, generates identifying code.Wherein identifying code can be the numeral of stochastic generation.
Connection management unit 420 is suitable for responding user operation, send and comprise identifying code and apply the checking note of account to short message server 220, checking note is sent to application server 210 by short message server 220, and respond the register of user, the application account input the user received on mobile terminal 100 display screen and identifying code send to application server 210, so that application server 210 is verified, the identifying code that wherein the application account that sent by comparison short message server 220 of application server 210 is corresponding, the identifying code corresponding with the application account that mobile terminal 100 sends, whether the two is consistent, carry out checking, and connection management unit 420 is also suitable for receiving the result sent by application server, if checking is consistent, log in described application account.
Fig. 5 shows the flow chart of Information Authentication method in accordance with another embodiment of the present invention 500.The method performs in application server 210, application server can be connected with mobile terminal, short message server by network, the method starts from step S510, receive the checking note sent by short message server 220, wherein verify that note contains application account and identifying code, and verify that note is that mobile terminal 100 sends to short message server 220, sends to application server 210 by short message server under loopback mode.
Subsequently in step S520, store the application account and identifying code that are obtained by step S510, as initialize data.According to one embodiment of the present invention, before step S520, also comprise step: receive the communication account sent in the lump with checking note by short message server 220; Judge that whether this communication account is consistent with application account, if consistent, store and apply account and identifying code as initialize data to verify; If inconsistent, return authentication failed.
Subsequently in step S530, receive the identifying code and application account that are sent by mobile terminal 100, the initialize data in itself and step S520 is compared, if relatively more consistent, is verified, send the result to mobile terminal 100.According to one embodiment of present invention, checking can be completed by following steps.Whether first inquire about this user according to application account to exist, application account herein comprises the initialize data in step S520 and the application account sent by mobile terminal in step S530, and this two methods account should be consistent through comparison.If the consistent and user of two methods account exists, more whether consistent, if identifying code unanimously, is verified if comparing identifying code corresponding to two methods account.
Fig. 6 shows the schematic diagram of Information Authentication device 600 in accordance with another embodiment of the present invention.This device 600 is arranged on application server 210, and application server 210 can be connected with mobile terminal 100, short message server 220 by network, and this device 600 comprises connection management unit 610, information memory cell 620 and Information Authentication unit 630.
Connection management unit 610 is suitable for receiving the checking note sent by short message server 220, wherein said checking note comprises application account and identifying code, and checking note is that mobile terminal 100 sends to short message server 220, sends to application server 210 by short message server under loopback mode.According to one embodiment of present invention, connection management unit 610 is also suitable for receiving the communication account sent in the lump by short message server 220 and described checking note.Then receive the identifying code that sent by mobile terminal 100 and application account, send the result to mobile terminal 100.
Information memory cell 620 is suitable for storing the application account that sent by short message server 220 and identifying code as initialize data.
Information Authentication unit 630 is suitable for the identifying code sent by mobile terminal 100 and application account and initialize data to compare, if relatively unanimously, be verified.Particularly, Information Authentication unit 630 can comprise: information query unit 632 and judging unit 634.Whether information query unit 632 is suitable for existing according to application account inquiring user, if exist, send and be indicated to the preset judging unit 634 coupled, whether judging unit 634 is suitable for comparing identifying code corresponding to two methods account consistent, if identifying code unanimously, is verified.
According to one embodiment of present invention, Information Authentication unit 630 is also suitable for after receiving the checking note and communication account sent by short message server 220, judge that whether communication account is consistent with application account, send if consistent and be indicated to information memory cell, store application account and identifying code as initialize data by it.
Be to be understood that, in order to simplify the disclosure and to help to understand in each inventive aspect one or more, in the description above to exemplary embodiment of the present invention, each feature of the present invention is grouped together in single embodiment, figure or the description to it sometimes.But, the method for the disclosure should be construed to the following intention of reflection: namely the present invention for required protection requires than the feature more multiple features clearly recorded in each claim.Or rather, as claims below reflect, all features of disclosed single embodiment before inventive aspect is to be less than.Therefore, the claims following embodiment are incorporated to this embodiment thus clearly, and wherein each claim itself is as independent embodiment of the present invention.
Those skilled in the art are to be understood that the module of the equipment in example disclosed herein or unit or assembly can be arranged in equipment as depicted in this embodiment, or alternatively can be positioned in one or more equipment different from the equipment in this example.Module in aforementioned exemplary can be combined as a module or can be divided into multiple submodule in addition.
Those skilled in the art are appreciated that and adaptively can change the module in the equipment in embodiment and they are arranged in one or more equipment different from this embodiment.Module in embodiment or unit or assembly can be combined into a module or unit or assembly, and multiple submodule or subelement or sub-component can be put them in addition.Except at least some in such feature and/or process or unit be mutually repel except, any combination can be adopted to combine all processes of all features disclosed in this specification (comprising adjoint claim, summary and accompanying drawing) and so disclosed any method or equipment or unit.Unless expressly stated otherwise, each feature disclosed in this specification (comprising adjoint claim, summary and accompanying drawing) can by providing identical, alternative features that is equivalent or similar object replaces.
Whether C1, method as described in claim 7 or 8, wherein receiving the identifying code and application account that are sent by mobile terminal, the step that itself and initialize data compare being comprised: exist according to applying account inquiring user; And if exist, whether unanimously compare identifying code corresponding to application account, if identifying code unanimously, is verified.C2, method according to any one of claim 7-8 or C1, wherein identifying code is the numeral of stochastic generation.D12, device as described in claim D11, wherein, connection management unit is also suitable for receiving the communication account sent in the lump by short message server and described checking note; Information Authentication unit is also suitable for after receiving the checking note and communication account sent by short message server, judge that whether communication account is consistent with application account, send if consistent and be indicated to information memory cell, store application account and identifying code as initialize data by it.D13, device as described in claim D11 or D12, whether wherein Information Authentication unit also comprises: information query unit, be suitable for existing according to application account inquiring user; And judging unit, be suitable for after inquiring user exists, whether unanimously compare identifying code corresponding to application account, if identifying code unanimously, is verified.D14, device according to any one of claim D11-13, wherein identifying code is the numeral of stochastic generation.
In addition, those skilled in the art can understand, although embodiments more described herein to comprise in other embodiment some included feature instead of further feature, the combination of the feature of different embodiment means and to be within scope of the present invention and to form different embodiments.Such as, in the following claims, the one of any of embodiment required for protection can use with arbitrary compound mode.
In addition, some in described embodiment are described as at this can by the processor of computer system or the method implemented by other device performing described function or the combination of method element.Therefore, there is the device of processor formation for implementing the method or method element of the necessary instruction for implementing described method or method element.In addition, the element described herein of device embodiment is the example as lower device: this device is for implementing the function performed by the element of the object in order to implement this invention.
As used in this, unless specifically stated so, use ordinal number " first ", " second ", " the 3rd " etc. to describe plain objects and only represent the different instances relating to similar object, and be not intended to imply the object be described like this must have the time upper, spatially, sequence aspect or in any other manner to definite sequence.
Although the embodiment according to limited quantity describes the present invention, benefit from description above, those skilled in the art understand, in the scope of the present invention described thus, it is contemplated that other embodiment.In addition, it should be noted that the language used in this specification is mainly in order to object that is readable and instruction is selected, instead of select to explain or limiting theme of the present invention.Therefore, when not departing from the scope and spirit of appended claims, many modifications and changes are all apparent for those skilled in the art.For scope of the present invention, be illustrative to disclosing of doing of the present invention, and nonrestrictive, and scope of the present invention is defined by the appended claims.
Claims (10)
1. an Information Authentication method, described method performs in the terminal, and described mobile terminal can be connected with application server, short message server by network, and described method comprises step:
Under loopback mode, generate identifying code;
Confirm the operation returned in response to user, call short message interface transmission and comprise the checking note of identifying code and application account to short message server, send described checking note to application server by short message server;
Receive application account and the identifying code of user's input, in response to user login operation, send described identifying code with application account to application server, so that application server is verified, the identifying code that wherein the application account that sent by comparison short message server of application server is corresponding, the identifying code corresponding with the application account that mobile terminal sends, whether the two is consistent, has carried out checking; And
Receive the result sent by application server, if checking is consistent, log in described application account.
2. the method for claim 1, also comprises step: monitoring input interface, when the number of times detecting that user carries out verification operation reaches predetermined threshold, enters loopback mode.
3. method as claimed in claim 1 or 2, wherein, described identifying code is the numeral of stochastic generation.
4. an Information Authentication device, on mobile terminals, described mobile terminal can be connected with application server, short message server by network described Plant arrangement, and described device comprises:
Information generating unit, is suitable for after entering loopback mode, generates identifying code;
Connection management unit, be suitable for responding user operation, send and comprise identifying code and apply the checking note of account to short message server, described checking note is sent to application server by short message server, and respond the register of user, the application account user received inputted on mobile terminal display screen and identifying code send to application server, so that application server is verified, the identifying code that wherein the application account that sent by comparison short message server of application server is corresponding, the identifying code corresponding with the application account that mobile terminal sends, whether the two is consistent, carry out checking, and
Also be suitable for receiving the result sent by application server, if checking is consistent, log in described application account.
5. device as claimed in claim 4, also comprises:
Monitoring control unit, is suitable for monitoring input interface in real time, when the number of times detecting that user carries out verification operation reaches predetermined threshold, enters loopback mode.
6. the device as described in claim 4 or 5, wherein said identifying code is the numeral of stochastic generation.
7. an Information Authentication method, described method performs in the application server, and described application server can be connected with mobile terminal, short message server by network, and described method comprises step:
Receive the checking note sent by short message server, wherein said checking note comprises application account and identifying code, and described checking note is that mobile terminal sends to short message server under loopback mode;
Store described application account and identifying code as initialize data;
Receive the identifying code and application account that are sent in response to user login operation by mobile terminal, its and described initialize data are compared, if relatively unanimously, be verified, transmission the result, to mobile terminal, logs in described application account for mobile terminal.
8. method as claimed in claim 7, wherein before described storage application account and the step of identifying code as initialize data, also comprises step:
Receive the communication account sent in the lump by short message server and described checking note;
Judge that whether communication account is consistent with application account, if consistent, store and apply account and identifying code as initialize data to verify; If inconsistent, return authentication failed.
9. an Information Authentication device, on the application server, described application server can be connected with mobile terminal, short message server by network described Plant arrangement, and described device comprises:
Connection management unit, be suitable for receiving the checking note sent by short message server, wherein said checking note comprises application account and identifying code, described checking note is that mobile terminal sends to short message server under loopback mode, and receive the identifying code that sent in response to user login operation by mobile terminal and application account, transmission the result to mobile terminal, log in described application account for mobile terminal;
Information memory cell, described in being suitable for storing, the application account that sent by short message server and identifying code are as initialize data; And
Information Authentication unit, is suitable for the described identifying code that sent by mobile terminal and application account to compare with initialize data, if relatively unanimously, be verified.
10. an information authentication system, described system comprises:
There is the mobile terminal of the Information Authentication device according to any one of claim 4-6; And
There is the application server of Information Authentication device as claimed in claim 9.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510379708.7A CN105072080B (en) | 2015-07-01 | 2015-07-01 | A kind of Information Authentication method, apparatus and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510379708.7A CN105072080B (en) | 2015-07-01 | 2015-07-01 | A kind of Information Authentication method, apparatus and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105072080A true CN105072080A (en) | 2015-11-18 |
| CN105072080B CN105072080B (en) | 2018-04-13 |
Family
ID=54501365
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510379708.7A Active CN105072080B (en) | 2015-07-01 | 2015-07-01 | A kind of Information Authentication method, apparatus and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105072080B (en) |
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106357632A (en) * | 2016-08-31 | 2017-01-25 | 全通支付网络科技有限公司 | Intelligent verification method |
| CN107707529A (en) * | 2017-09-06 | 2018-02-16 | 北京五八到家信息技术有限公司 | A kind of client validation method for realizing limitation identifying code transmission times |
| CN107896218A (en) * | 2017-11-29 | 2018-04-10 | 郑州云海信息技术有限公司 | A kind of method and system of automatic detection identifying code passback logic leak |
| CN109714297A (en) * | 2017-10-26 | 2019-05-03 | 中国电信股份有限公司 | Safe verification method, system and user terminal and application platform |
| CN110020529A (en) * | 2018-01-08 | 2019-07-16 | 武汉斗鱼网络科技有限公司 | It is a kind of for detecting the method, apparatus and computer equipment of user information |
| CN110276180A (en) * | 2019-06-04 | 2019-09-24 | 北京达佳互联信息技术有限公司 | Authority checking method, authority checking device and computer readable storage medium |
| CN110839217A (en) * | 2019-10-24 | 2020-02-25 | 深圳市梦网科技发展有限公司 | Addressing method, device, server and medium for mobile terminal |
| CN110895603A (en) * | 2019-11-05 | 2020-03-20 | 泰康保险集团股份有限公司 | Multi-system account information integration method and device |
| CN111835765A (en) * | 2020-07-13 | 2020-10-27 | 中国联合网络通信集团有限公司 | Verification method and device |
| CN112154634A (en) * | 2018-05-18 | 2020-12-29 | 瑞典爱立信有限公司 | Application access control |
| CN113132925A (en) * | 2020-01-16 | 2021-07-16 | ***通信集团山东有限公司 | Short message authentication method, system, short message gateway equipment and terminal equipment |
| CN114125737A (en) * | 2021-11-17 | 2022-03-01 | 深圳市一诺成电子有限公司 | Intelligent control method and equipment for sending intelligent voice click-to-read information in tablet personal computer |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102231746A (en) * | 2011-07-11 | 2011-11-02 | 华为技术有限公司 | Method for validating identification information and terminal thereof |
| CN102694780A (en) * | 2011-03-25 | 2012-09-26 | 同方股份有限公司 | Digital signature authentication method, payment method containing the same and payment system |
| CN103152400A (en) * | 2013-02-07 | 2013-06-12 | 百度在线网络技术(北京)有限公司 | Method and system for logging in through mobile terminal and cloud server |
| CN104579649A (en) * | 2013-10-28 | 2015-04-29 | 腾讯科技(深圳)有限公司 | Identity recognition method and system |
| US20150139039A1 (en) * | 2013-11-18 | 2015-05-21 | Kirill KAZANTSEV | Communication system and method for making telephone calls over the internet |
-
2015
- 2015-07-01 CN CN201510379708.7A patent/CN105072080B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102694780A (en) * | 2011-03-25 | 2012-09-26 | 同方股份有限公司 | Digital signature authentication method, payment method containing the same and payment system |
| CN102231746A (en) * | 2011-07-11 | 2011-11-02 | 华为技术有限公司 | Method for validating identification information and terminal thereof |
| CN103152400A (en) * | 2013-02-07 | 2013-06-12 | 百度在线网络技术(北京)有限公司 | Method and system for logging in through mobile terminal and cloud server |
| CN104579649A (en) * | 2013-10-28 | 2015-04-29 | 腾讯科技(深圳)有限公司 | Identity recognition method and system |
| US20150139039A1 (en) * | 2013-11-18 | 2015-05-21 | Kirill KAZANTSEV | Communication system and method for making telephone calls over the internet |
Cited By (18)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106357632A (en) * | 2016-08-31 | 2017-01-25 | 全通支付网络科技有限公司 | Intelligent verification method |
| CN107707529A (en) * | 2017-09-06 | 2018-02-16 | 北京五八到家信息技术有限公司 | A kind of client validation method for realizing limitation identifying code transmission times |
| CN109714297A (en) * | 2017-10-26 | 2019-05-03 | 中国电信股份有限公司 | Safe verification method, system and user terminal and application platform |
| CN107896218A (en) * | 2017-11-29 | 2018-04-10 | 郑州云海信息技术有限公司 | A kind of method and system of automatic detection identifying code passback logic leak |
| CN110020529A (en) * | 2018-01-08 | 2019-07-16 | 武汉斗鱼网络科技有限公司 | It is a kind of for detecting the method, apparatus and computer equipment of user information |
| CN110020529B (en) * | 2018-01-08 | 2021-04-27 | 武汉斗鱼网络科技有限公司 | Method and device for detecting user information and computer equipment |
| US11785013B2 (en) | 2018-05-18 | 2023-10-10 | Telefonaktiebolaget Lm Ericsson (Publ) | Application program access control |
| CN112154634A (en) * | 2018-05-18 | 2020-12-29 | 瑞典爱立信有限公司 | Application access control |
| CN110276180A (en) * | 2019-06-04 | 2019-09-24 | 北京达佳互联信息技术有限公司 | Authority checking method, authority checking device and computer readable storage medium |
| CN110839217A (en) * | 2019-10-24 | 2020-02-25 | 深圳市梦网科技发展有限公司 | Addressing method, device, server and medium for mobile terminal |
| CN110839217B (en) * | 2019-10-24 | 2022-03-11 | 深圳市梦网科技发展有限公司 | Addressing method, device, server and medium for mobile terminal |
| CN110895603B (en) * | 2019-11-05 | 2021-11-26 | 泰康保险集团股份有限公司 | Multi-system account information integration method and device |
| CN110895603A (en) * | 2019-11-05 | 2020-03-20 | 泰康保险集团股份有限公司 | Multi-system account information integration method and device |
| CN113132925A (en) * | 2020-01-16 | 2021-07-16 | ***通信集团山东有限公司 | Short message authentication method, system, short message gateway equipment and terminal equipment |
| CN113132925B (en) * | 2020-01-16 | 2022-02-18 | ***通信集团山东有限公司 | Short message authentication method, system, short message gateway equipment and terminal equipment |
| CN111835765A (en) * | 2020-07-13 | 2020-10-27 | 中国联合网络通信集团有限公司 | Verification method and device |
| CN111835765B (en) * | 2020-07-13 | 2022-09-23 | 中国联合网络通信集团有限公司 | Verification method and device |
| CN114125737A (en) * | 2021-11-17 | 2022-03-01 | 深圳市一诺成电子有限公司 | Intelligent control method and equipment for sending intelligent voice click-to-read information in tablet personal computer |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105072080B (en) | 2018-04-13 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105072080A (en) | Information verification method, device and system | |
| CA2737777C (en) | User authentication management | |
| CN104902028B (en) | A kind of a key login authentication method, apparatus and system | |
| CN108632253B (en) | Client data security access method and device based on mobile terminal | |
| US9059858B1 (en) | User characteristic based digital signature of documents | |
| EP3203709B1 (en) | Cloud service server and method for managing cloud service server | |
| CN106911687B (en) | Page construction control method and device | |
| CN109542361B (en) | Distributed storage system file reading method, system and related device | |
| CN104144419A (en) | Identity authentication method, device and system | |
| CN105101205B (en) | A kind of a key login authentication method, apparatus and system | |
| CN108965250B (en) | Digital certificate installation method and system | |
| CN105100108A (en) | Login authentication method, device and system based on face identification | |
| CN108055238B (en) | Account verification method and system | |
| CN105141427A (en) | Login authentication method, device and system based on voiceprint recognition | |
| CN104796385A (en) | Terminal binding method, device and system | |
| CN104902479A (en) | Network security management equipment and method and mobile terminal | |
| CN105187412A (en) | Login authentication method, device and system based on gesture recognition | |
| CN104639521A (en) | Application safety verification method and system, application server and application client | |
| CN104486371A (en) | Equipment and method for downloading file on batch | |
| CN110334529B (en) | Data processing method, device, equipment, system and audio equipment | |
| CN110933014B (en) | Cloud service access method, device and computer-readable storage medium | |
| CN105577621B (en) | Business operation verification method, device and system | |
| KR20160042399A (en) | Creating a contact list and pre-populated user accounts | |
| CN104394210B (en) | Direct-connected communication means and device | |
| CN109543398B (en) | Application program account migration method and device and electronic equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB03 | Change of inventor or designer information |
Inventor after: Wu Hongsheng Inventor before: Wu Hongsheng Inventor before: Wu Yunbin |
|
| COR | Change of bibliographic data | ||
| TA01 | Transfer of patent application right | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20170523 Address after: 510660, room 2, 388 central street, Huangcun village, Guangzhou, Guangdong, Tianhe District Applicant after: Guangzhou cipher technology Co., Ltd. Address before: 100000 Beijing city Chaoyang District South Mill Road No. 37 room 1701-1703 (Downtown North boring centralized Office District No. 177427) Applicant before: SECKEN, INC. |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |