CN105100005A - Identity verification method and device - Google Patents
Identity verification method and device Download PDFInfo
- Publication number
- CN105100005A CN105100005A CN201410190284.5A CN201410190284A CN105100005A CN 105100005 A CN105100005 A CN 105100005A CN 201410190284 A CN201410190284 A CN 201410190284A CN 105100005 A CN105100005 A CN 105100005A
- Authority
- CN
- China
- Prior art keywords
- picture
- user terminal
- theme
- preset themes
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Abstract
The invention proposes an identity verification method and device which are high in safety. The method comprises the steps that a server receives a verification code pull request transmitted by a user terminal, wherein the verification code pull request contains the account information of the user terminal; a preset theme corresponding to the account information is obtained according to the account information; a plurality of to-be-selected pictures are obtained from an image database; each to-be-selected picture is provided with a corresponding theme; the theme of at least one of the plurality of obtained to-be-selected pictures is the same as the preset theme; the plurality of obtained to-be-selected pictures are transmitted to the user terminal for display; the information of a selected picture returned by the user terminal is received, and the identity of a user is verified according to the theme of the selected picture and the preset theme, wherein the selected picture is selected by the user from the plurality of to-be-selected pictures.
Description
Technical field
The present invention relates to technical field of the computer network, particularly relate to a kind of auth method and device.
Background technology
Day by day universal along with computer and computer network, the Internet has been deep into the every field of people's work, studying and living.The development of network also brings various challenge provide easily for people while.Some can utilize robot program's improper use Internet resources in large quantities, such as, mass-send spam etc., server usefulness is greatly reduced.Also someone utilizes program constantly to send service request response, carries out " saturation attack " to reach the object making servers go down.Even somebody attempts utilizing sudden huge profits to crack etc. means carries out the behaviors such as malice decryption.For avoiding above-mentioned malicious act, designing a set of automatic resolution information of computer that can allow is instrument from reasonable user or the robot program of improper use, just seems extremely important.
Use identifying code picture to be now relatively more current mode, the main purpose of identifying code picture is resolution network service user is program or the mankind.Identifying code picture is a secondary picture containing effective identifying code (being made up of machine recognizable character), can require that user answers and show which word in this pictures.In order to avoid automatically being identified by machine, usually can by being connected the alphabetical stroke of identifying code, the font of word being carried out torsional deformation or increase the means such as background and process the word in identifying code picture, thus machine is identified automatically disturb.
But, as shown in Figure 1, the existing auth method based on identifying code picture, need the character that user is shown in manual input validation code picture 2 in identifying code input frame 1, need to have come by keyboard owing to manually inputting, the character therefore determined in identifying code picture must be easily understood.Content in current identifying code picture generally all adopts letter or number, and selectable range is little, as long as collect enough samples, carries out machine learning and training, can develop the automaton program that can crack identifying code soon.Even add the identifying code picture of background, if context vault is huge not, still can be cracked by automaton.Therefore, the entirety of identifying code picture is anti-, and to crack ability poor, and fail safe is lower.
Summary of the invention
The object of the embodiment of the present invention is, the auth method providing a kind of fail safe higher and device.
The embodiment of the present invention provides a kind of auth method, and described method comprises: the identifying code that server receives user terminal sends pulls request, and described identifying code pulls the account that request carries described user terminal; The preset themes corresponding with described account is obtained according to described account, by obtaining multiple picture to be selected in picture database, each picture to be selected all has corresponding theme, has at least the theme of a picture to be selected identical with described preset themes in the picture multiple to be selected obtained; Obtained picture multiple to be selected is handed down to described user terminal show; And receive the information of the selected picture that described user terminal returns, and to verify according to the theme of described selected picture and the identity of described preset themes to described user, described selected picture for user in described multiple picture to be selected the picture selected.
The embodiment of the present invention also provides a kind of auth method, and described method comprises: user terminal sends identifying code to server and pulls request, and described identifying code pulls the account that request carries described user terminal; Receive and show the picture multiple to be selected that described server issues, described multiple picture to be selected is obtained from picture database by described server, each picture to be selected all has corresponding theme, have at least the theme of a picture to be selected identical with preset themes in the picture multiple to be selected obtained, described preset themes is obtained according to described account by described server; And according to the selection of user to described multiple picture to be selected, obtain the information of selected picture, and the information of described selected picture is sent to described server, with make described server according to the theme of described selected picture and described preset themes the identity to described user verify.
Accordingly, the embodiment of the present invention also provides a kind of authentication means, described device can run on server, described device can comprise: request receiving module, the identifying code sent for receiving user terminal pulls request, and described identifying code pulls the account that request carries described user terminal; Picture acquisition module, for obtaining the preset themes corresponding with described account according to described account, by obtaining multiple picture to be selected in picture database, each picture to be selected all has corresponding theme, has at least the theme of a picture to be selected identical with described preset themes in the picture multiple to be selected obtained; Picture issues module, shows for obtained picture multiple to be selected is handed down to described user terminal; And authentication module, for receiving the information of the selected picture that described user terminal returns, and verify according to the theme of described selected picture and the identity of described preset themes to described user, described selected picture for user in described multiple picture to be selected the picture selected.
Accordingly, the embodiment of the present invention also provides a kind of authentication means, can run on user terminal, and described device can comprise: request sending module, pull request for sending identifying code to server, described identifying code pulls the account that request carries described user terminal; Picture display module, for receiving and showing the picture multiple to be selected that described server issues, described multiple picture to be selected is obtained from picture database by described server, each picture to be selected all has corresponding theme, have at least the theme of a picture to be selected identical with preset themes in the picture multiple to be selected obtained, described preset themes is obtained according to described account by described server; And information returns module, for according to the selection of user to described multiple picture to be selected, obtain the information of selected picture, and the information of described selected picture is sent to described server, with make described server according to the theme of described selected picture and described preset themes the identity to described user verify.
Auth method in the embodiment of the present invention and device, compared by the theme of determining picture by user-selected and preset themes and carry out authentication, take full advantage of the mankind to the innate advantage in the understanding of picture theme, because machine exists very large difficulty on understanding picture theme, therefore the difficulty that machine cracks identifying code is considerably increased, in addition, because preset themes is set by the user setting up described user terminal account number, the setting before as long as user does not forget, just can select the picture to be selected that meets preset themes with by checking, and other users also cannot see preset themes, proof procedure is made to have more confidentiality, be not easy to be cracked, therefore fail safe is higher.
Above-mentioned explanation is only the general introduction of technical solution of the present invention, in order to technological means of the present invention can be better understood, and can be implemented according to the content of specification, and can become apparent to allow above and other object of the present invention, feature and advantage, below especially exemplified by preferred embodiment, and coordinate accompanying drawing, be described in detail as follows.
Accompanying drawing explanation
In order to be illustrated more clearly in the technical scheme in the embodiment of the present invention, below the accompanying drawing used required in describing embodiment is briefly described, apparently, accompanying drawing in the following describes is only some embodiments of the present invention, for those of ordinary skill in the art, under the prerequisite not paying creative work, other accompanying drawing can also be obtained according to these accompanying drawings.
Fig. 1 is the interactive interface schematic diagram of existing employing identifying code picture when carrying out authentication.
Fig. 2 is the applied environment figure of the embodiment of the present invention.
Fig. 3 is a kind of structured flowchart that can be applicable to the user terminal of the embodiment of the present invention.
Fig. 4 is a kind of structured flowchart that can be applicable to the server of the embodiment of the present invention.
Fig. 5 is the flow chart of the auth method that first embodiment of the invention provides.
Fig. 6 is an interactive interface schematic diagram in the embodiment of the present invention.
Fig. 7 is the flow chart of the auth method that second embodiment of the invention provides.
Fig. 8 is the flow chart of the auth method that third embodiment of the invention provides.
Fig. 9 is the structured flowchart of the authentication means that fourth embodiment of the invention provides.
Figure 10 is the structured flowchart of part-structure in Fig. 9.
Figure 11 is the structured flowchart of the authentication means that fifth embodiment of the invention provides.
Figure 12 is the structured flowchart of the authentication system in sixth embodiment of the invention.
Embodiment
For further setting forth the present invention for the technological means reaching predetermined goal of the invention and take and effect, below in conjunction with accompanying drawing and preferred embodiment, the auth method propose foundation the present invention and the embodiment of authentication means, method, step, structure, feature and effect thereof, be described in detail as follows.
Aforementioned and other technology contents, Characteristic for the present invention, can know and present in the detailed description of following cooperation with reference to graphic preferred embodiment.By the explanation of embodiment, when can to the present invention for the technological means reaching predetermined object and take and effect be able to more deeply and concrete understanding, however institute's accompanying drawings be only to provide with reference to and the use of explanation, be not used for being limited the present invention.
Refer to Fig. 2, Figure 2 shows that the applied environment figure of the auth method that the embodiment of the present invention provides.As shown in Figure 2, user terminal 100 and server 200 are arranged in wireless or cable network 300, wireless or cable network 300 by this, user terminal 100 and the intercommunication of server 200 phase.
User terminal 100 specifically can comprise smart mobile phone, panel computer, E-book reader, MP3 player (MovingPictureExpertsGroupAudioLayerIII, dynamic image expert compression standard audio frequency aspect 3), MP4 (MovingPictureExpertsGroupAudioLayerIV, dynamic image expert compression standard audio frequency aspect 4) player, pocket computer on knee, car-mounted terminal etc.
Fig. 3 shows a kind of structured flowchart of the user terminal that can be applicable in the embodiment of the present invention.As shown in Figure 3, user terminal 100 comprises memory 102, storage control 104, one or more (only illustrating one in figure) processor 106, Peripheral Interface 108, radio-frequency module 110, locating module 112, image capture module 114, audio-frequency module 116, Touch Screen 118 and key-press module 120.These assemblies are by one or more communication bus/holding wire 122 communication mutually.
Be appreciated that the structure shown in Fig. 3 is only signal, user terminal 100 also can comprise than assembly more or less shown in Fig. 3, or has the configuration different from shown in Fig. 3.Each assembly shown in Fig. 3 can adopt hardware, software or its combination to realize.
Memory 102 can be used for storing software program and module, as the auth method in the embodiment of the present invention and program command/module corresponding to device, processor 106 is by running the software program and module that are stored in memory 102, thus perform the application of various function and data processing, as the auth method that the embodiment of the present invention provides.
Memory 102 can comprise high speed random asccess memory, also can comprise nonvolatile memory, as one or more magnetic storage device, flash memory or other non-volatile solid state memories.In some instances, memory 102 can comprise the memory relative to the long-range setting of processor 106 further, and these remote memories can be connected to user terminal 100 by network.The example of above-mentioned network includes but not limited to the Internet, intranet, local area network (LAN), mobile radio communication and combination thereof.Processor 106 and other possible assemblies can carry out the access of memory 102 under the control of storage control 104.
Various input/output device is coupled to CPU and memory 102 by Peripheral Interface 108.Various softwares in processor 106 run memory 102, instruction are to perform the various function of user terminal 100 and to carry out data processing.
In certain embodiments, Peripheral Interface 108, processor 106 and storage control 104 can realize in one single chip.In some other example, they can respectively by independently chip realization.
Radio-frequency module 110, for receiving and sending electromagnetic wave, realizes the mutual conversion of electromagnetic wave and the signal of telecommunication, thus carries out communication with communication network or other equipment.Radio-frequency module 110 can comprise the various existing circuit element for performing these functions, such as, and antenna, radio-frequency (RF) transceiver, digital signal processor, encrypt/decrypt chip, subscriber identity module (SIM) card, memory etc.Radio-frequency module 110 can with various network as the Internet, intranet, wireless network carry out communication or carry out communication by wireless network and other equipment.Above-mentioned wireless network can comprise cellular telephone networks, WLAN (wireless local area network) or metropolitan area network.Above-mentioned wireless network can use various communication standard, agreement and technology, include, but are not limited to global system for mobile communications (GlobalSystemforMobileCommunication, GSM), enhancement mode mobile communication technology (EnhancedDataGSMEnvironment, EDGE), Wideband CDMA Technology (widebandcodedivisionmultipleaccess, W-CDMA), CDMA (Code Division Multiple Access) (Codedivisionaccess, CDMA), tdma (timedivisionmultipleaccess, TDMA), bluetooth, adopting wireless fidelity technology (Wireless, Fidelity, WiFi) (as IEEE-USA standard IEEE 802.11a, IEEE802.11b, IEEE802.11g and/or IEEE802.11n), the networking telephone (Voiceoverinternetprotocal, VoIP), worldwide interoperability for microwave access (WorldwideInteroperabilityforMicrowaveAccess, Wi-Max), other are for mail, the agreement of instant messaging and short message, and any other suitable communications protocol, even can comprise those current agreements be developed not yet.
Locating module 112 is for obtaining the current location of user terminal 100.The example of locating module 112 includes but not limited to GPS (Global Position System) (GPS), location technology based on WLAN (wireless local area network) or mobile radio communication.
Image capture module 114 is for taking pictures or video.Photo or the video of shooting can be stored in memory 102, and send by radio-frequency module 110.
Audio-frequency module 116 provides audio interface to user, and it can comprise one or more microphone, one or more loud speaker and voicefrequency circuit.Voicefrequency circuit receives voice data from Peripheral Interface 108, voice data is converted to telecommunications breath, and telecommunications breath is transferred to loud speaker.Telecommunications breath is changed the sound wave can heard into people's ear by loud speaker.Voicefrequency circuit also from microphone receive telecommunications breath, convert electrical signals to voice data, and by data transmission in network telephony to Peripheral Interface 108 to be further processed.Voice data can obtain from memory 102 or by radio-frequency module 110.In addition, voice data also can be stored in memory 102 or by radio-frequency module 110 and send.In some instances, audio-frequency module 116 also can comprise an earphone and broadcast hole, for providing audio interface to earphone or other equipment.
Touch Screen 118 provides one simultaneously and exports and inputting interface between user terminal 100 and user.Particularly, Touch Screen 118 exports to user's display video, and the content of these video frequency output can comprise word, figure, video and combination in any thereof.Some Output rusults correspond to some user interface object.Touch Screen 118 also receives the input of user, and the gesture operation such as click, slip of such as user, so that response is made in the input of user interface object to these users.The technology detecting user's input can be based on resistance-type, condenser type or other touch control detection technology possible arbitrarily.By detect user input technology can obtain user input time, user input position, user's gesture track, dynamics etc.The instantiation of Touch Screen 118 display unit includes, but are not limited to liquid crystal display or light emitting polymer displays.
Key-press module 120 provides user to carry out the interface inputted to user terminal 100 equally, and user can perform different functions by pressing different buttons to make user terminal 100.
Fig. 4 is a kind of structured flowchart of the server that can be applicable in the embodiment of the present invention.As shown in Figure 4, server 200 comprises: memory 201, processor 202 and mixed-media network modules mixed-media 203.Be appreciated that the structure shown in Fig. 4 is only signal, it does not cause restriction to the structure of the server in the embodiment of the present invention.Such as, the server in the embodiment of the present invention also can comprise than assembly more or less shown in Fig. 4, or has the configuration different from shown in Fig. 4.In addition, the server in the embodiment of the present invention can also comprise the server of multiple concrete difference in functionality.
Memory 201 can be used for storing software program and module, as the auth method in the embodiment of the present invention and program command/module corresponding to device, processor 202 is by running the software program and module that are stored in memory 201, thus perform the application of various function and data processing, namely realize the auth method in the embodiment of the present invention.Memory 201 can comprise high speed random asccess memory, also can comprise nonvolatile memory, as one or more magnetic storage device, flash memory or other non-volatile solid state memories.In some instances, memory 201 can comprise the memory relative to the long-range setting of processor 202 further, and these remote memories can be connected to server 200 by network.
Mixed-media network modules mixed-media 203 is for receiving and sending network signal.Above-mentioned network signal can comprise wireless signal or wire signal.In an example, above-mentioned network signal is cable network signal.Now, mixed-media network modules mixed-media 203 can comprise the elements such as processor, random asccess memory, transducer, crystal oscillator.
Above-mentioned software program and module also comprise operating system, such as can be LINUX, UNIX, WINDOWS, it can comprise the various component software for management system task (such as memory management, memory device control, power management etc.) and/or driving, and can with various hardware or the mutual communication of component software, thus provide the running environment of other component softwares.
It should be noted that, server in the embodiment of the present invention can be individual server, also can be server cluster, comprise the server of difference in functionality, such as, can comprise web server, authentication server, identifying code generation server, material storage server etc.
It should be noted that, the account of the user terminal in the embodiment of the present invention can be the browser of user terminal or the usersaccount information (comprising account number name and password) of application, such as: the user of the instant messaging application of user terminal logs in account etc.When user's registration or first time use account information, the essential information of account and user terminal can be reported server by user terminal, server can be recorded in Accounts List, have recorded the essential information of all user terminals corresponding with each account in Accounts List.Wherein, the essential information of user terminal can comprise the information such as identify label, terminal type of user terminal.
Below in conjunction with accompanying drawing, the auth method provided the embodiment of the present invention, device are described in detail.
First embodiment
Refer to Fig. 5, be depicted as the flow chart of the auth method that first embodiment of the invention provides.Composition graphs 2, what the present embodiment described is the handling process of server, and the auth method that the present embodiment provides comprises the following steps:
Step S11, the identifying code that server receives user terminal sends pulls request, and described identifying code pulls the account that request carries described user terminal.
When user terminal monitor user use terminal carry out initiating transaction etc. need the sensitive operation of identity verification or log within certain time period certain number of applications too much or strange land log in certain application or log in the situations such as certain applied cryptography input error number of times is too much occur time, can judge that authentication request is triggered, user terminal can send identifying code to server and pull request.
User terminal can to pre-configured server, such as, can be a web page address, sends identifying code and pulls request, to obtain identifying code.Concrete, identifying code pulls in request can carry page iden-tity, and page iden-tity is for identifying a unique page, and can be such as a numeral, during each refresh page, page iden-tity all can change, and pulls request have corresponding relation with identifying code.In the embodiment of the present invention, identifying code pulls the account also carrying described user terminal in request.Further, before execution step S11, server can establish picture database in advance, stores the information of all pictures in described picture database, and described information can comprise for the picture identification of each picture of unique identification and theme corresponding to each picture.The theme that in the embodiment of the present invention, each picture is corresponding refers to main body and the core of image content, such as landscape, personage, animal, etc., by manually carrying out demarcating and being stored in picture database, generally can demarcate with the form of character string.Same picture also can have multiple theme, such as, is the picture of a taxi for content, can demarcates it and theme as the vehicles, automobile, taxi etc.Picture in picture database is preferably various picture in kind, obtain because picture in kind is easier from the Internet on the one hand, therefore the number ratio of picture sample is easier to reach certain scale, on the other hand, with existing development of computer level, the sort program general to a certain class material object training one is more difficult, such as, even theme is all the picture of automobile, due to the size of automobile, color, decoration, all may there is very large difference in the aspects such as angle, for such two pictures, if the means of use machine learning carry out classifying just be difficult to the process of cluster, therefore adopt picture in kind can the anti-ability of cracking of more effective raising verification method.
Further, before execution step S11, server can also receive and store the preset themes corresponding with described account, and described preset themes is set by the user setting up described user terminal account number.
Set up the user of the account number of described user terminal after setting up account, a preset themes corresponding with described account can be set, select one or more as the theme corresponding with account in multiple themes that user can provide at user terminal, the theme that user selectes by user terminal sends to server as the preset themes corresponding with account information, and server stores this preset themes and the corresponding relation between this preset themes and account after receiving preset themes.
Further, the picture partly or entirely meeting described preset themes in described picture database can also be returned described user terminal and shows, with the content facilitating user to be familiar with these pictures by server.
Step S12, the preset themes corresponding with described account is obtained according to described account, by obtaining multiple picture to be selected in picture database, each picture to be selected all has corresponding theme, has at least the theme of a picture to be selected identical with described preset themes in the picture multiple to be selected obtained.
The account that server can pull in request according to identifying code searches the preset themes corresponding with account information.If the preset themes that user is arranged has multiple, that is corresponding with account preset themes is multiple, server can be random choose a preset themes as current preset themes, if the preset themes that user is arranged only has one, this preset themes is directly as current preset themes.
After preset themes is determined, server can obtain multiple picture to be selected from picture database, have at least the theme of a picture to be selected identical with current preset themes in the picture multiple to be selected obtained, to ensure that user can select the picture had with preset themes same subject in picture to be selected.Such as, suppose that preset themes is football, in the picture to be selected that server obtains, at least will comprise the picture that themes as football.
The quantity of picture to be selected is at least more than or equal to two, the quantity of picture to be selected can pre-set by grade of difficulty as required, such as, if wish that it is less that the quantity of picture to be selected can be arranged by lower for the difficulty of checking, such as 3, if wish the difficulty increasing checking, it is more that the quantity of picture to be selected can be arranged, such as 16 etc., certainly, the specific embodiment of the present invention is not as limit.
Step S13, is handed down to described user terminal by obtained picture multiple to be selected and shows.
While multiple picture to be selected is handed down to user terminal by server, identifying code can be recorded and pull corresponding relation between the page iden-tity of request, the account of user terminal, preset themes and the information such as picture identification and theme of picture multiple to be selected that issues.
While multiple picture to be selected is handed down to user terminal by server, the picture identification corresponding with multiple picture to be selected can also be handed down to user terminal, or by after multiple picture to be selected again label, the label of correspondence be handed down to user terminal.Also can carry out label by user terminal to multiple picture to be selected, such as, have 9 pictures to be selected, label can be carried out with Arabic numerals or letter to these 9 pictures to be selected.
The mode of user terminal displays picture to be selected can comprise: show multiple picture to be selected, the label of each picture to be selected and Text Entry (as shown in Figure 6), and described Text Entry inputs the label of selected picture for user; Or show multiple picture to be selected, the label of each picture to be selected and phonetic entry frame, described Text Entry is for the label of the selected picture of user speech input; Or multiple picture to be selected being presented at one can in touch interface, for the picture that user's touch-control is selected; Or choose control for each picture to be selected arranges one, etc.The specific embodiment of the present invention is not limited in the mode of above-mentioned several display picture to be selected.
If the preset themes that user is arranged is a preset themes, this preset themes can be returned user terminal by server, also can not return, and does not preferably return.Because preset themes is that user oneself is arranged, therefore, even if server does not return preset themes, the setting before as long as user does not forget, just can select the picture to be selected meeting preset themes, and other users also cannot see preset themes, making proof procedure have more confidentiality, being not easy by people as cracking.Such as, if the preset themes arranged before user forgets, also can, to server retrieves preset themes, can use the mobile phone, mailbox etc. bound with account to fetch preset themes.
If the preset themes that user is arranged is multiple, the current preset theme of random selecting can be returned to user terminal by server, with the picture to be selected of preset themes before reminding described user that selector in described multiple picture to be selected is fated.
Step S14, receive the information of the selected picture that described user terminal returns, and verify according to the theme of described selected picture and the identity of described preset themes to described user, described selected picture for user in described multiple picture to be selected the picture selected.
User terminal, according to the selection of user to described multiple picture to be selected, returns the information of selected picture to described server, can also return the page iden-tity that identifying code pulls request simultaneously and search for server.User terminal can select corresponding processing rule according to the display packing of picture to be selected, and such as, if user's input is the label of selected picture, picture identification corresponding for label can be sent to server by user terminal; If store the label that picture to be selected is corresponding in server, the label of selected picture also directly can be sent to server by user terminal; If user selects picture by touch control manner, user terminal can go out picture corresponding to touch control operation according to the position calculation of user's touch control operation, then by the picture identification return service device of picture, etc., the specific embodiment of the present invention is not as limit.
Server can according to page iden-tity, find the preset themes corresponding with this page iden-tity, and obtain the theme of selected picture according to the picture identification of selected picture or label, then verify according to the theme of described selected picture and the identity of described preset themes to described user.
Concrete, server can calculate the theme of described selected picture and the matching degree of described preset themes, if described matching degree reaches predetermined threshold value, then decision verification result is for passing through, otherwise decision verification result is not for pass through.Because theme is generally demarcate with the form of character string, therefore the circular of matching degree can adopt string matching algorithm, and predetermined threshold value can set according to actual needs.
In the technical scheme that the present embodiment provides, when carrying out authentication, server can send to the multiple picture to be selected of user terminal, have at least the theme of a picture to be selected identical with preset themes in multiple picture to be selected, only have when the theme of user-selected picture and the matching degree of preset themes reach predetermined threshold value, just by checking.Auth method in the embodiment of the present invention, compared by the theme of determining picture by user-selected and preset themes and carry out authentication, take full advantage of the mankind to the innate advantage in the understanding of picture theme, because machine exists very large difficulty on understanding picture theme, therefore the difficulty that machine cracks identifying code is considerably increased, in addition, because preset themes is set by the user setting up described user terminal account number, the setting before as long as user does not forget, just can select the picture to be selected that meets preset themes with by checking, and other users also cannot see preset themes, proof procedure is made to have more confidentiality, be not easy to be cracked, therefore fail safe is higher.
Second embodiment
Refer to Fig. 7, be depicted as the flow chart of the auth method that second embodiment of the invention provides.Composition graphs 2, what the present embodiment described is the handling process of user terminal, and the auth method in the present embodiment comprises:
Step S21, user terminal sends identifying code to server and pulls request, and described identifying code pulls the account that request carries described user terminal.
Further, before step S21, the preset themes corresponding with described account can also send to server to store by user terminal, and wherein, described preset themes is set by the user setting up described user terminal account number.User terminal can also receive and show part in that described server returns, described picture database and meet the picture of described preset themes, so that the user arranging preset themes is familiar with these pictures.Concrete method with reference to the related content in the first embodiment, can repeat no more here.
Step S22, receive and show the picture multiple to be selected that described server issues, described multiple picture to be selected is obtained from picture database by described server, each picture to be selected all has corresponding theme, have at least the theme of a picture to be selected identical with preset themes in the picture multiple to be selected obtained, described preset themes is obtained according to described account by described server.
Further, if the preset themes corresponding with described account is multiple, described user terminal can also receive the current preset theme that described server returns, and remind described user in described multiple picture to be selected, select to meet the picture of described current preset theme, described current preset theme is by described server random selecting in described multiple preset themes.
Step S23, according to the selection of user to described multiple picture to be selected, obtain the information of selected picture, and the information of described selected picture sent to described server, with make described server according to the theme of described selected picture and described preset themes the identity to described user verify.
The specific implementation process of step S21 to step S23, with reference to the associated description in the first embodiment, can repeat no more here.
Auth method in the embodiment of the present invention, compared by the theme of determining picture by user-selected and preset themes and carry out authentication, take full advantage of the mankind to the innate advantage in the understanding of picture theme, because machine exists very large difficulty on understanding picture theme, therefore the difficulty that machine cracks identifying code is considerably increased, in addition, because preset themes is set by the user setting up described user terminal account number, the setting before as long as user does not forget, just can select the picture to be selected that meets preset themes with by checking, and other users also cannot see preset themes, proof procedure is made to have more confidentiality, be not easy to be cracked, therefore fail safe is higher.
3rd embodiment
Refer to Fig. 8, be depicted as the flow chart of the auth method that third embodiment of the invention provides.Composition graphs 2, what this embodiment described is interaction process flow process between user terminal and server.Auth method in the present embodiment can comprise:
Step S301, user terminal receives the account of user's input.
Step S302, the essential information of described account and described user terminal is reported server by user terminal.
Step S303, the account of described account as described user terminal stores by described server.
Step S304, server returns multiple theme to user terminal.
Step S305, user terminal shows multiple theme to user.
Step S306, user terminal receives the theme that user selectes.
Step S307, the theme that user selectes by user terminal sends to server as the preset themes corresponding with account information.
Step S308, this preset themes of server stores and the corresponding relation between this preset themes and account.
Step S309, the picture partly or entirely meeting described preset themes in picture database is returned described user terminal by server.
Step S310, user terminal meets the picture of described preset themes, to make user be familiar with these pictures to user's display.
Above step S301 to step S310 essentially describes the detailed process that normal users arranges preset themes picture.
When user use user terminal carry out initiating transaction etc. need the sensitive operation of identity verification or user terminal to monitor to log within certain time period certain number of applications too much or strange land log in certain application or log in the situations such as certain applied cryptography input error number of times is too much occur time, authentication request can be identified as and be triggered.The detailed process of authentication will be described below.
Step S311, user terminal sends identifying code to server and pulls request, and described identifying code pulls the account that request carries described user terminal.
Step S312, server obtains the preset themes corresponding with described account according to described account, by obtaining multiple picture to be selected in picture database, each picture to be selected all has corresponding theme, has at least the theme of a picture to be selected identical with described preset themes in the picture multiple to be selected obtained.
Step S313, obtained picture multiple to be selected is handed down to described user terminal by server.
Step S314, user terminal shows described multiple picture to be selected to user.
Step S315, user terminal, according to the selection of user to described multiple picture to be selected, obtains the information of selected picture.
Step S316, the information of described selected picture is sent to described server by user terminal.
Step S317, server calculates the theme of described selected picture and the matching degree of described preset themes, if described matching degree reaches predetermined threshold value, then decision verification result is for passing through, otherwise decision verification result is not for pass through.
Auth method in the embodiment of the present invention, compared by the theme of determining picture by user-selected and preset themes and carry out authentication, take full advantage of the mankind to the innate advantage in the understanding of picture theme, because machine exists very large difficulty on understanding picture theme, therefore the difficulty that machine cracks identifying code is considerably increased, in addition, because preset themes is set by the user setting up described user terminal account number, the setting before as long as user does not forget, just can select the picture to be selected that meets preset themes with by checking, and other users also cannot see preset themes, proof procedure is made to have more confidentiality, be not easy to be cracked, therefore fail safe is higher.
The structural representation of a kind of authentication means that Fig. 9 provides for fourth embodiment of the invention.Please refer to Fig. 9, the device that the present embodiment proposes can run on server, and for realizing the auth method that above-described embodiment proposes, the device 40 in the present embodiment can comprise:
Request receiving module 41, the identifying code sent for receiving user terminal pulls request, and described identifying code pulls the account that request carries described user terminal;
Picture acquisition module 42, for obtaining the preset themes corresponding with described account according to described account, by obtaining multiple picture to be selected in picture database, each picture to be selected all has corresponding theme, has at least the theme of a picture to be selected identical with described preset themes in the picture multiple to be selected obtained;
Picture issues module 43, shows for obtained picture multiple to be selected is handed down to described user terminal; And
Authentication module 44, for receiving the information of the selected picture that described user terminal returns, and verify according to the theme of described selected picture and the identity of described preset themes to described user, described selected picture for user in described multiple picture to be selected the picture selected.
Further, device 40 can also comprise theme memory module 45, and for receiving and storing the preset themes corresponding with described account, described preset themes is set by the user setting up described user terminal account number.
Further, described theme memory module 45 also shows for the picture partly meeting described preset themes in described picture database is returned described user terminal.
Device 40 can also comprise Database module 46, and for storing the information of all pictures in described picture database, described information comprises for the picture identification of each picture of unique identification and theme corresponding to each picture.
Further, described picture issues module 43 and can also be used for: if the preset themes corresponding with described account is multiple, random selecting preset themes returns to described user terminal as current preset theme, with the picture to be selected of preset themes before reminding described user that selector in described multiple picture to be selected is fated.
Please refer to Figure 10, described authentication module 44 can comprise:
Computing unit 441, for according to the theme of selected picture to be selected and described preset themes, calculate select the theme of picture to be selected and the matching degree of described preset themes;
Judging unit 442, for judging whether described matching degree reaches predetermined threshold value, if so, then decision verification result is for passing through, otherwise decision verification result is not for pass through.
Each module can be by software code realization above, and now, above-mentioned each module can be stored in the memory of user terminal.Each module can be realized by hardware such as integrated circuit (IC) chip equally above.
It should be noted that, the function of each functional module of the user terminal of the embodiment of the present invention can according to the method specific implementation in said method embodiment, and its specific implementation process with reference to the associated description of said method embodiment, can be not repeated herein.
Authentication means in the embodiment of the present invention, compared by the theme of determining picture by user-selected and preset themes and carry out authentication, take full advantage of the mankind to the innate advantage in the understanding of picture theme, because machine exists very large difficulty on understanding picture theme, therefore the difficulty that machine cracks identifying code is considerably increased, in addition, because preset themes is set by the user setting up described user terminal account number, the setting before as long as user does not forget, just can select the picture to be selected that meets preset themes with by checking, and other users also cannot see preset themes, proof procedure is made to have more confidentiality, be not easy to be cracked, therefore fail safe is higher.
5th embodiment
The structural representation of a kind of authentication means that Figure 11 provides for fifth embodiment of the invention.Please refer to Figure 11, the device that the present embodiment proposes can run on user terminal, and for realizing the auth method that above-described embodiment proposes, the device 50 in the present embodiment can comprise:
Request sending module 51, pull request for sending identifying code to server, described identifying code pulls the account that request carries described user terminal;
Picture display module 52, for receiving and showing the picture multiple to be selected that described server issues, described multiple picture to be selected is obtained from picture database by described server, each picture to be selected all has corresponding theme, have at least the theme of a picture to be selected identical with preset themes in the picture multiple to be selected obtained, described preset themes is obtained according to described account by described server; And
Information returns module 53, for according to the selection of user to described multiple picture to be selected, obtain the information of selected picture, and the information of described selected picture is sent to described server, with make described server according to the theme of described selected picture and described preset themes the identity to described user verify.
Further, device 50 can also comprise theme and arrange module 54, for sending to server to store the account of described user terminal and the preset themes corresponding with described account, described preset themes is set by the user setting up described user terminal account number.
Further, described theme arranges module 54 also for receiving and showing the picture partly meeting described preset themes in that described server returns, described picture database.
Further, described picture display module 52 can also be used for the picture to be selected that reminding user selects to meet described preset themes in described multiple picture to be selected.
Each module can be by software code realization above, and now, above-mentioned each module can be stored in the memory of user terminal.Each module can be realized by hardware such as integrated circuit (IC) chip equally above.
It should be noted that, the function of each functional module of the user terminal of the embodiment of the present invention can according to the method specific implementation in said method embodiment, and its specific implementation process with reference to the associated description of said method embodiment, can be not repeated herein.
Authentication means in the embodiment of the present invention, compared by the theme of determining picture by user-selected and preset themes and carry out authentication, take full advantage of the mankind to the innate advantage in the understanding of picture theme, because machine exists very large difficulty on understanding picture theme, therefore the difficulty that machine cracks identifying code is considerably increased, in addition, because preset themes is set by the user setting up described user terminal account number, the setting before as long as user does not forget, just can select the picture to be selected that meets preset themes with by checking, and other users also cannot see preset themes, proof procedure is made to have more confidentiality, be not easy to be cracked, therefore fail safe is higher.
6th embodiment
Figure 12 is the structured flowchart of the authentication system in sixth embodiment of the invention.Please refer to Figure 12, the authentication system 60 that the present embodiment proposes may be used for the auth method realizing above-described embodiment proposition, authentication system 60 in the present embodiment can comprise: user terminal 61 and server 62, user terminal 61 can be the user terminal in the 4th embodiment, and server 62 can be the server in the 5th embodiment.The function of the user terminal of the embodiment of the present invention and each functional module of server can according to the method in above-described embodiment or device specific implementation, and its specific implementation process with reference to the associated description of above-described embodiment, can be not repeated herein.
It should be noted that, each embodiment in this specification all adopts the mode of going forward one by one to describe, and what each embodiment stressed is the difference with other embodiments, between each embodiment identical similar part mutually see.For device class embodiment, due to itself and embodiment of the method basic simlarity, so description is fairly simple, relevant part illustrates see the part of embodiment of the method.
It should be noted that, in this article, term " comprises ", " comprising " or its any other variant are intended to contain comprising of nonexcludability, thus make to comprise the process of a series of key element, method, article or device and not only comprise those key elements, but also comprise other key elements clearly do not listed, or also comprise by the intrinsic key element of this process, method, article or device.When not more restrictions, the key element limited by statement " comprising ... ", and be not precluded within process, method, article or the device comprising this key element and also there is other identical element.
One of ordinary skill in the art will appreciate that all or part of step realizing above-described embodiment can have been come by hardware, the hardware that also can carry out instruction relevant by program completes, the program of being somebody's turn to do can be stored in a kind of computer-readable recording medium, the above-mentioned storage medium mentioned can be read-only memory, disk or CD etc.
The above, it is only preferred embodiment of the present invention, not any pro forma restriction is done to the present invention, although the present invention discloses as above with preferred embodiment, but and be not used to limit the present invention, any those skilled in the art, do not departing within the scope of technical solution of the present invention, make a little change when the technology contents of above-mentioned announcement can be utilized or be modified to the Equivalent embodiments of equivalent variations, in every case be do not depart from technical solution of the present invention content, according to any simple modification that technical spirit of the present invention is done above embodiment, equivalent variations and modification, all still belong in the scope of technical solution of the present invention.
Claims (20)
1. an auth method, is characterized in that, described method comprises:
The identifying code that server receives user terminal sends pulls request, and described identifying code pulls the account that request carries described user terminal;
The preset themes corresponding with described account is obtained according to described account, by obtaining multiple picture to be selected in picture database, each picture to be selected all has corresponding theme, has at least the theme of a picture to be selected identical with described preset themes in the picture multiple to be selected obtained;
Obtained picture multiple to be selected is handed down to described user terminal show; And
Receive the information of the selected picture that described user terminal returns, and verify according to the theme of described selected picture and the identity of described preset themes to described user, described selected picture for user in described multiple picture to be selected the picture selected.
2. the method for claim 1, is characterized in that, the identifying code that described server receives user terminal sends also comprises before pulling the step of request:
Receive and store the preset themes corresponding with described account, described preset themes is set by the user setting up described user terminal account number.
3. method as claimed in claim 2, is characterized in that, described reception also after storing the step of the preset themes that described user terminal sends, also comprises:
Picture part in described picture database being met described preset themes returns described user terminal and shows.
4. the method for claim 1, is characterized in that, the identifying code that described server receives user terminal sends also comprises before pulling the step of request:
Set up described picture database, and store the information of all pictures in described picture database, described information comprises for the picture identification of each picture of unique identification and theme corresponding to each picture.
5. the method for claim 1, is characterized in that, the described step obtained picture multiple to be selected being handed down to described user terminal, also comprises:
If the preset themes corresponding with described account is multiple, random selecting preset themes returns to described user terminal as current preset theme, with the picture to be selected of preset themes before reminding described user that selector in described multiple picture to be selected is fated.
6. the method for claim 1, is characterized in that, the step that the described theme according to selected picture to be selected and the identity of described preset themes to described user are verified, comprising:
Calculate the theme of described selected picture and the matching degree of described preset themes, if described matching degree reaches predetermined threshold value, then decision verification result is for passing through, otherwise decision verification result is not for pass through.
7. an auth method, is characterized in that, described method comprises:
User terminal sends identifying code to server and pulls request, and described identifying code pulls the account that request carries described user terminal;
Receive and show the picture multiple to be selected that described server issues, described multiple picture to be selected is obtained from picture database by described server, each picture to be selected all has corresponding theme, have at least the theme of a picture to be selected identical with preset themes in the picture multiple to be selected obtained, described preset themes is obtained according to described account by described server; And
According to the selection of user to described multiple picture to be selected, obtain the information of selected picture, and the information of described selected picture is sent to described server, with make described server according to the theme of described selected picture and described preset themes the identity to described user verify.
8. method as claimed in claim 7, is characterized in that, described user terminal also comprises before pulling the step of request to server transmission identifying code:
Send to server to store the preset themes corresponding with described account, described preset themes is set by the user setting up described user terminal account number.
9. method as claimed in claim 8, is characterized in that, describedly the account of described user terminal and the preset themes corresponding with described account is sent to after server carries out the step stored, and also comprises:
Receive and show part in that described server returns, described picture database and meet the picture of described preset themes.
10. method as claimed in claim 7, is characterized in that, described reception also shows the step of the picture multiple to be selected that described server issues, and also comprises:
If the preset themes corresponding with described account is multiple, described user terminal receives the current preset theme that described server returns, and remind described user in described multiple picture to be selected, select to meet the picture of described current preset theme, described current preset theme is by described server random selecting in described multiple preset themes.
11. 1 kinds of authentication means, run on server, it is characterized in that, described device comprises:
Request receiving module, the identifying code sent for receiving user terminal pulls request, and described identifying code pulls the account that request carries described user terminal;
Picture acquisition module, for obtaining the preset themes corresponding with described account according to described account, by obtaining multiple picture to be selected in picture database, each picture to be selected all has corresponding theme, has at least the theme of a picture to be selected identical with described preset themes in the picture multiple to be selected obtained;
Picture issues module, shows for obtained picture multiple to be selected is handed down to described user terminal; And
Authentication module, for receiving the information of the selected picture that described user terminal returns, and verify according to the theme of described selected picture and the identity of described preset themes to described user, described selected picture for user in described multiple picture to be selected the picture selected.
12. devices as claimed in claim 11, it is characterized in that, described device also comprises:
Theme memory module, for receiving and storing the preset themes corresponding with described account, described preset themes is set by the user setting up described user terminal account number.
13. devices as claimed in claim 12, is characterized in that, the picture of described theme memory module also for part in described picture database being met described preset themes returns described user terminal and show.
14. devices as claimed in claim 11, it is characterized in that, described device also comprises: Database module, and for storing the information of all pictures in described picture database, described information comprises for the picture identification of each picture of unique identification and theme corresponding to each picture.
15. devices as claimed in claim 11, it is characterized in that, if it is also multiple for the preset themes corresponding with described account that described picture issues module, random selecting preset themes returns to described user terminal as current preset theme, with the picture to be selected of preset themes before reminding described user that selector in described multiple picture to be selected is fated.
16. devices as claimed in claim 11, it is characterized in that, described authentication module, comprising:
Computing unit, for according to the theme of selected picture to be selected and described preset themes, calculate select the theme of picture to be selected and the matching degree of described preset themes;
Judging unit, for judging whether described matching degree reaches predetermined threshold value, if so, then decision verification result is for passing through, otherwise decision verification result is not for pass through.
17. 1 kinds of authentication means, run on user terminal, it is characterized in that, described user terminal comprises:
Request sending module, pull request for sending identifying code to server, described identifying code pulls the account that request carries described user terminal;
Picture display module, for receiving and showing the picture multiple to be selected that described server issues, described multiple picture to be selected is obtained from picture database by described server, each picture to be selected all has corresponding theme, have at least the theme of a picture to be selected identical with preset themes in the picture multiple to be selected obtained, described preset themes is obtained according to described account by described server; And
Information returns module, for according to the selection of user to described multiple picture to be selected, obtain the information of selected picture, and the information of described selected picture is sent to described server, with make described server according to the theme of described selected picture and described preset themes the identity to described user verify.
18. devices as claimed in claim 17, it is characterized in that, described device also comprises:
Theme arranges module, and for sending to server to store the account of described user terminal and the preset themes corresponding with described account, described preset themes is set by the user setting up described user terminal account number.
19. devices as claimed in claim 18, is characterized in that, described theme arranges module and also meets the picture of described preset themes for receiving and showing part in that described server returns, described picture database.
20. devices as claimed in claim 17, is characterized in that, described picture display module also selects for reminding user the picture to be selected meeting described preset themes in described multiple picture to be selected.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410190284.5A CN105100005B (en) | 2014-05-07 | 2014-05-07 | Identity verification method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410190284.5A CN105100005B (en) | 2014-05-07 | 2014-05-07 | Identity verification method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105100005A true CN105100005A (en) | 2015-11-25 |
| CN105100005B CN105100005B (en) | 2020-06-30 |
Family
ID=54579566
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410190284.5A Active CN105100005B (en) | 2014-05-07 | 2014-05-07 | Identity verification method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105100005B (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108494794A (en) * | 2018-04-11 | 2018-09-04 | 苏州锦佰安信息技术有限公司 | A kind of auth method and device |
| CN108512855A (en) * | 2018-04-11 | 2018-09-07 | 苏州锦佰安信息技术有限公司 | A kind of auth method and device |
| CN108537015A (en) * | 2018-04-11 | 2018-09-14 | 苏州锦佰安信息技术有限公司 | A kind of auth method and device |
| CN108616520A (en) * | 2018-04-11 | 2018-10-02 | 苏州锦佰安信息技术有限公司 | A kind of auth method and device |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030177366A1 (en) * | 2002-03-18 | 2003-09-18 | Sun Microsystem, Inc., A Delaware Corporation | Method and apparatus for dynamic personal identification number management |
| CN101663672A (en) * | 2007-02-21 | 2010-03-03 | 维杜普有限责任公司 | The method and system that is used for graphical image authentication |
-
2014
- 2014-05-07 CN CN201410190284.5A patent/CN105100005B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030177366A1 (en) * | 2002-03-18 | 2003-09-18 | Sun Microsystem, Inc., A Delaware Corporation | Method and apparatus for dynamic personal identification number management |
| CN101663672A (en) * | 2007-02-21 | 2010-03-03 | 维杜普有限责任公司 | The method and system that is used for graphical image authentication |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108494794A (en) * | 2018-04-11 | 2018-09-04 | 苏州锦佰安信息技术有限公司 | A kind of auth method and device |
| CN108512855A (en) * | 2018-04-11 | 2018-09-07 | 苏州锦佰安信息技术有限公司 | A kind of auth method and device |
| CN108537015A (en) * | 2018-04-11 | 2018-09-14 | 苏州锦佰安信息技术有限公司 | A kind of auth method and device |
| CN108616520A (en) * | 2018-04-11 | 2018-10-02 | 苏州锦佰安信息技术有限公司 | A kind of auth method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105100005B (en) | 2020-06-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104270404B (en) | A kind of login method and device based on terminal iidentification | |
| CN104702406B (en) | Auth method and device | |
| CN105323218A (en) | Identity verifying method and device | |
| US20140179281A1 (en) | Mobile terminal having auto answering function and auto answering method for use in the mobile terminal | |
| US20160241589A1 (en) | Method and apparatus for identifying malicious website | |
| CN105094861A (en) | Webpage application program loading method, device and system | |
| CN104660549A (en) | Identity verification method and device | |
| CN104834847B (en) | Auth method and device | |
| CN104917724A (en) | Identity verification method and apparatus | |
| US10659587B2 (en) | Incoming call management method and apparatus | |
| CN104917612A (en) | Identity verification method and device | |
| EP2642382A1 (en) | Method of enabling voice input for a visually based interface | |
| CN108847242B (en) | Electronic device control method, electronic device control device, storage medium and electronic device | |
| CN105306208A (en) | Identity verification method and identity verification device | |
| US10045166B2 (en) | Method and device for identifying short messages from pseudo base stations | |
| CN104217172B (en) | Privacy content inspection method and device | |
| CN106251869A (en) | Method of speech processing and device | |
| CN110765502B (en) | Information processing method and related product | |
| CN105323066A (en) | Identity verification method and device | |
| KR20110132392A (en) | User challenge using information based on geography or user identity | |
| CN104346560A (en) | Security authentication method and security authentication device | |
| CN105187206A (en) | Identity verification method and device | |
| CN105577375A (en) | Identity authentication method and device | |
| CN110557499B (en) | Information processing method and device and mobile terminal | |
| CN106255102A (en) | The authentication method of a kind of terminal unit and relevant device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |